Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/TaYqDL_do195zIEBCSZ9zzfWyr4.roa
File: TaYqDL_do195zIEBCSZ9zzfWyr4.roa (raw, json)
Hash identifier: isP+Tb9lgNwjFKRWaQImfmONjRA9twq6lE19tDjnQ1E=
Subject key identifier: 4D:A6:2A:0C:BF:DD:A3:5F:79:CC:81:01:09:26:7D:CF:37:D6:CA:BE
Certificate issuer: /CN=8ad37a9933b052c2f12ef1b8f14d74f05fddb611
Certificate serial: 018CC870A94966713C45CA2ACBC7AEC2FE76
Authority key identifier: 8A:D3:7A:99:33:B0:52:C2:F1:2E:F1:B8:F1:4D:74:F0:5F:DD:B6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itN6mTOwUsLxLvG48U108F_dthE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/TaYqDL_do195zIEBCSZ9zzfWyr4.roa
Signing time: Tue 02 Jan 2024 04:31:15 +0000
ROA not before: Tue 02 Jan 2024 04:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34939
IP address blocks: 45.90.30.0/23 maxlen: 24
45.90.28.0/23 maxlen: 24
2a07:a8c0::/32 maxlen: 33
2a07:a8c1::/32 maxlen: 33
Validation: Failed, certificate revoked on Fri 05 Apr 2024 12:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:a9:49:66:71:3c:45:ca:2a:cb:c7:ae:c2:fe:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad37a9933b052c2f12ef1b8f14d74f05fddb611
Validity
Not Before: Jan 2 04:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4da62a0cbfdda35f79cc810109267dcf37d6cabe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:64:3a:ac:d9:6d:f3:bb:b8:17:a2:cc:08:
be:32:68:0a:17:e6:37:99:ca:39:ae:4a:75:04:d1:
3b:ab:60:2e:e0:77:16:4e:9f:32:c1:07:1c:06:83:
30:26:36:a6:1a:40:75:49:99:70:59:9b:9f:f0:ad:
22:f5:da:7c:eb:b7:73:33:5a:d0:0d:e1:49:14:95:
46:ad:e4:1b:22:8d:0c:af:aa:07:3f:9a:43:87:bd:
bf:79:a5:d1:dc:6f:87:19:53:e6:4f:03:83:53:66:
21:59:b6:9a:10:41:9e:ce:1c:27:f8:95:ae:cd:45:
b8:f1:ac:f8:b1:66:6f:f2:a6:29:e8:fa:cb:41:5e:
bb:ac:44:44:2b:91:d3:34:ee:50:9e:02:fa:ad:ea:
e3:51:44:24:64:58:cd:93:4d:d2:99:51:a2:11:9d:
8f:b2:cb:2f:43:de:7e:67:61:f0:65:f0:ea:ac:ce:
41:82:22:eb:3f:ee:51:ae:c9:6f:bc:69:7d:e9:8a:
c4:94:36:e1:03:fe:71:be:13:db:a4:8e:6f:e0:e3:
e5:84:c5:a3:16:16:fe:f0:5d:67:5c:2f:28:63:ea:
8e:57:b1:1a:b2:38:9e:90:77:e4:a8:6e:55:82:09:
46:da:73:ec:5c:36:b3:11:11:fd:a7:33:d9:d4:c3:
15:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A6:2A:0C:BF:DD:A3:5F:79:CC:81:01:09:26:7D:CF:37:D6:CA:BE
X509v3 Authority Key Identifier:
keyid:8A:D3:7A:99:33:B0:52:C2:F1:2E:F1:B8:F1:4D:74:F0:5F:DD:B6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itN6mTOwUsLxLvG48U108F_dthE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/TaYqDL_do195zIEBCSZ9zzfWyr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3e3126-3f4f-48e9-abef-5cb11a368d10/1/itN6mTOwUsLxLvG48U108F_dthE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.28.0/22
IPv6:
2a07:a8c0::/31
Signature Algorithm: sha256WithRSAEncryption
19:f9:d2:1b:65:f1:39:42:c4:97:f6:b2:3d:d8:d0:83:b8:cd:
25:4e:62:be:4d:ef:93:ff:d8:9d:68:65:18:cd:f6:d5:ca:21:
31:a3:85:af:cc:cb:d2:9d:b1:f9:7e:9a:ac:f6:87:d3:8e:2c:
c8:11:14:0c:3c:b7:eb:ab:83:a1:e7:51:f9:4c:4b:d2:77:e1:
2b:40:25:f2:6c:91:90:cc:a9:10:6f:d9:b9:ad:a2:cf:f9:34:
73:0d:a3:93:6c:86:7d:c0:dd:6f:63:6d:bd:7c:7d:b0:f3:2a:
83:36:00:fd:e1:f0:a2:5a:00:cd:0c:f8:4b:e5:35:a5:3b:ee:
0f:f2:14:fc:68:3b:72:d5:25:a5:87:d0:06:a8:17:0c:a0:6b:
c2:f6:91:96:5b:e8:28:9e:aa:d0:a3:a8:f7:87:b3:6a:3c:58:
ef:5f:e3:ad:d6:59:2a:ec:0e:07:eb:39:43:bd:c8:e2:2f:d1:
dd:e1:29:ca:46:4e:a8:11:66:ec:e4:5d:02:b2:c5:96:b2:7f:
c7:9a:89:76:0c:c4:f4:07:b0:1d:25:4a:38:01:c6:6a:fb:05:
29:68:71:fb:16:ef:98:f1:21:da:c0:21:7c:b6:71:26:84:bb:
e2:a3:f5:53:36:b9:71:81:03:69:a5:cc:d3:43:bd:6c:69:8e:
e5:d5:33:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcKlJZnE8Rcoqy8euwv52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDM3YTk5MzNiMDUyYzJmMTJlZjFiOGYxNGQ3NGYwNWZk
ZGI2MTEwHhcNMjQwMTAyMDQzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGE2MmEwY2JmZGRhMzVmNzljYzgxMDEwOTI2N2RjZjM3ZDZjYWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrtkOqzZbfO7uBeizAi+MmgKF+Y3
mco5rkp1BNE7q2Au4HcWTp8ywQccBoMwJjamGkB1SZlwWZuf8K0i9dp867dzM1rQ
DeFJFJVGreQbIo0Mr6oHP5pDh72/eaXR3G+HGVPmTwODU2YhWbaaEEGezhwn+JWu
zUW48az4sWZv8qYp6PrLQV67rEREK5HTNO5QngL6rerjUUQkZFjNk03SmVGiEZ2P
sssvQ95+Z2HwZfDqrM5BgiLrP+5RrslvvGl96YrElDbhA/5xvhPbpI5v4OPlhMWj
Fhb+8F1nXC8oY+qOV7EasjiekHfkqG5VgglG2nPsXDazERH9pzPZ1MMVfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE2mKgy/3aNfecyBAQkmfc831sq+MB8GA1UdIwQY
MBaAFIrTepkzsFLC8S7xuPFNdPBf3bYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRONm1UT3dVc0x4THZHNDhVMTA4Rl9kdGhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zZTMxMjYtM2Y0Zi00OGU5LWFiZWYt
NWNiMTFhMzY4ZDEwLzEvVGFZcURMX2RvMTk1eklFQkNTWjl6emZXeXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zZTMxMjYtM2Y0Zi00OGU5LWFiZWYtNWNiMTFhMzY4ZDEw
LzEvaXRONm1UT3dVc0x4THZHNDhVMTA4Rl9kdGhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVocMA0E
AgACMAcDBQEqB6jAMA0GCSqGSIb3DQEBCwUAA4IBAQAZ+dIbZfE5QsSX9rI92NCD
uM0lTmK+Te+T/9idaGUYzfbVyiExo4WvzMvSnbH5fpqs9ofTjizIERQMPLfrq4Oh
51H5TEvSd+ErQCXybJGQzKkQb9m5raLP+TRzDaOTbIZ9wN1vY229fH2w8yqDNgD9
4fCiWgDNDPhL5TWlO+4P8hT8aDty1SWlh9AGqBcMoGvC9pGWW+gonqrQo6j3h7Nq
PFjvX+Ot1lkq7A4H6zlDvcjiL9Hd4SnKRk6oEWbs5F0CssWWsn/Hmol2DMT0B7Ad
JUo4AcZq+wUpaHH7Fu+Y8SHawCF8tnEmhLvio/VTNrlxgQNppczTQ71saY7l1TPy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:27 2024 by rpki-client on console-ams.rpki-client.org