Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/tDcKIekNqdwRF8uZpgt222vKsR8.roa
File: tDcKIekNqdwRF8uZpgt222vKsR8.roa (raw, json)
Hash identifier: +J7zDFZMw/1FFxqli9tnhzJRELEOQl9V+gTl+nqTwe8=
Subject key identifier: B4:37:0A:21:E9:0D:A9:DC:11:17:CB:99:A6:0B:76:DB:6B:CA:B1:1F
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018CC5012A396A9B8EFA3EE199561AEE32F0
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/tDcKIekNqdwRF8uZpgt222vKsR8.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 45.94.139.0/24 maxlen: 24
45.94.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 22:08:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2a:39:6a:9b:8e:fa:3e:e1:99:56:1a:ee:32:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4370a21e90da9dc1117cb99a60b76db6bcab11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:71:5c:0c:9f:bf:4c:45:23:84:27:09:8e:33:
b7:7d:a2:36:14:96:5f:c3:eb:3b:8c:bd:3b:6e:99:
ba:bc:fc:20:31:83:d8:f4:e4:78:6c:cf:f7:22:04:
1c:18:9f:c5:15:24:48:cb:91:c0:30:70:14:24:ce:
30:93:77:24:ab:1b:44:9b:a2:ac:91:d8:9a:c5:9e:
59:d7:25:99:3f:14:3e:02:46:c3:a4:71:8e:f3:17:
69:3a:ef:34:fc:22:04:3d:e6:40:75:ac:a9:8c:6c:
92:09:26:ac:4b:f8:f3:10:41:14:05:ba:ec:f5:0e:
11:f1:22:9d:30:ab:5a:64:d0:29:4a:f9:05:f6:07:
25:5d:3c:7c:ff:dc:54:17:08:90:2b:7a:d4:87:bb:
36:6a:d1:f7:d8:0f:f0:5b:bd:a8:5c:3a:50:1d:76:
2c:a2:96:07:c3:fc:5f:c5:4f:22:cd:d1:fe:ed:91:
ea:b2:1c:70:f2:07:df:29:3b:48:26:aa:5b:8d:27:
88:cc:79:bf:f5:b4:71:dc:65:cc:e9:3c:c1:c1:31:
6b:c6:5c:7f:c8:67:68:7c:60:50:21:94:2b:4c:23:
4e:ec:69:f7:1d:36:fd:4a:4e:3e:7f:7e:cb:b6:d4:
cd:f7:1c:2b:23:d4:e6:82:07:53:c6:54:cb:f8:96:
79:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:37:0A:21:E9:0D:A9:DC:11:17:CB:99:A6:0B:76:DB:6B:CA:B1:1F
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/tDcKIekNqdwRF8uZpgt222vKsR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.136.0/24
45.94.139.0/24
Signature Algorithm: sha256WithRSAEncryption
20:be:a1:56:11:13:f8:f1:84:69:21:41:37:db:d3:5d:c7:4c:
e7:af:0e:78:20:92:d9:d3:0d:dc:43:54:36:36:66:cd:f9:83:
62:39:22:76:b8:e2:8c:00:e0:fe:7d:c7:80:fc:8a:55:1d:1d:
ab:ad:08:3a:8b:ad:86:a9:6a:81:66:67:01:26:1c:33:88:28:
6a:d2:40:a6:a5:c0:f4:db:66:9f:cd:71:a8:7e:4c:d0:70:7a:
34:ef:0b:8c:aa:d2:ba:f1:0c:e5:26:8b:75:c0:be:59:70:6d:
91:64:5c:0a:fd:c3:c8:f0:61:31:6b:e1:33:9b:bf:cf:a4:12:
03:91:6d:4d:30:5b:bd:f9:8a:55:d2:79:63:bf:71:99:21:49:
f8:5d:27:50:a7:a4:e8:55:61:ce:70:e9:1d:fb:48:ec:03:fd:
bd:26:01:09:1a:ca:af:a7:fb:a7:74:2f:a6:40:b5:6f:b3:29:
f4:c5:c1:7c:35:de:35:d5:eb:c6:f5:d4:31:f3:41:aa:d4:a9:
ef:44:72:cc:17:cb:5d:05:29:88:72:3e:ca:e5:2e:5c:5d:77:
65:b5:ff:c7:50:1e:fa:30:c1:f2:75:b0:4e:a9:2d:67:d8:c6:
72:ff:7f:25:d2:01:d7:99:34:bf:97:9f:29:ec:15:76:69:68:
0c:a2:6b:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFASo5apuO+j7hmVYa7jLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDM3MGEyMWU5MGRhOWRjMTExN2NiOTlhNjBiNzZkYjZiY2FiMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3FcDJ+/TEUjhCcJjjO3faI2FJZf
w+s7jL07bpm6vPwgMYPY9OR4bM/3IgQcGJ/FFSRIy5HAMHAUJM4wk3ckqxtEm6Ks
kdiaxZ5Z1yWZPxQ+AkbDpHGO8xdpOu80/CIEPeZAdaypjGySCSasS/jzEEEUBbrs
9Q4R8SKdMKtaZNApSvkF9gclXTx8/9xUFwiQK3rUh7s2atH32A/wW72oXDpQHXYs
opYHw/xfxU8izdH+7ZHqshxw8gffKTtIJqpbjSeIzHm/9bRx3GXM6TzBwTFrxlx/
yGdofGBQIZQrTCNO7Gn3HTb9Sk4+f37LttTN9xwrI9TmggdTxlTL+JZ5vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQ3CiHpDancERfLmaYLdttryrEfMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvdERjS0lla05xZHdSRjh1WnBndDIyMnZLc1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV6IAwQA
LV6LMA0GCSqGSIb3DQEBCwUAA4IBAQAgvqFWERP48YRpIUE329Ndx0znrw54IJLZ
0w3cQ1Q2NmbN+YNiOSJ2uOKMAOD+fceA/IpVHR2rrQg6i62GqWqBZmcBJhwziChq
0kCmpcD022afzXGofkzQcHo07wuMqtK68QzlJot1wL5ZcG2RZFwK/cPI8GExa+Ez
m7/PpBIDkW1NMFu9+YpV0nljv3GZIUn4XSdQp6ToVWHOcOkd+0jsA/29JgEJGsqv
p/undC+mQLVvsyn0xcF8Nd411evG9dQx80Gq1KnvRHLMF8tdBSmIcj7K5S5cXXdl
tf/HUB76MMHydbBOqS1n2MZy/38l0gHXmTS/l58p7BV2aWgMomu4
-----END CERTIFICATE-----
Generated at Fri Feb 9 00:31:03 2024 by rpki-client on console-ams.rpki-client.org