Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/RhECaUBF0uZn5rk6BszBxvNBUCQ.roa
File: RhECaUBF0uZn5rk6BszBxvNBUCQ.roa (raw, json)
Hash identifier: mJv17yLe85WallWXs+4+m0A+lVYgWhjhJ/1BjVoe5CM=
Subject key identifier: 46:11:02:69:40:45:D2:E6:67:E6:B9:3A:06:CC:C1:C6:F3:41:50:24
Certificate issuer: /CN=c6cfa94f6134e3960ea5f318846a30cf3e922dd7
Certificate serial: 0185729EC7917EB81FB21CBE6F1D86EBC0FD
Authority key identifier: C6:CF:A9:4F:61:34:E3:96:0E:A5:F3:18:84:6A:30:CF:3E:92:2D:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xs-pT2E045YOpfMYhGowzz6SLdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/RhECaUBF0uZn5rk6BszBxvNBUCQ.roa
Signing time: Mon 02 Jan 2023 13:14:46 +0000
ROA not before: Mon 02 Jan 2023 13:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58154
IP address blocks: 45.131.220.0/22 maxlen: 24
2a0e:6340::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:c7:91:7e:b8:1f:b2:1c:be:6f:1d:86:eb:c0:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6cfa94f6134e3960ea5f318846a30cf3e922dd7
Validity
Not Before: Jan 2 13:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=461102694045d2e667e6b93a06ccc1c6f3415024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:ae:25:73:95:83:06:4c:9f:53:31:e3:fb:
f2:b2:2f:d1:04:a6:ef:0d:a2:9a:2d:9d:f2:00:9b:
0b:65:4d:83:2c:58:80:ef:e9:30:4e:4d:7d:87:73:
e9:57:8b:77:5f:81:42:f7:4e:8f:af:37:16:56:04:
3f:71:41:8d:09:20:2e:2e:0e:bd:dd:f2:6c:4d:be:
21:89:60:ea:55:79:04:d5:93:42:8f:7a:e0:63:e3:
ed:4b:f3:bc:6c:46:c0:5d:35:b2:48:d5:b5:3d:02:
79:81:ce:f6:ef:5b:a6:18:4e:e9:34:a5:40:0b:66:
27:fe:c0:45:a2:6c:9f:c4:c4:b9:06:81:4c:dd:2e:
3b:d7:bf:5e:89:1c:1a:78:bb:50:22:71:ec:a6:d5:
03:57:e2:8f:01:8f:12:69:d7:99:33:05:67:56:98:
42:8b:fb:97:db:50:03:8f:7b:f4:7f:26:c1:e7:c9:
8d:78:a4:3d:2b:aa:91:98:dc:7c:7a:56:19:8e:39:
96:3e:d6:07:6a:1b:df:7b:b1:87:c7:58:3b:6b:a7:
65:7b:83:f4:4a:65:8f:c8:bb:60:0c:68:29:88:e4:
f6:8d:ba:ee:32:e2:26:d6:d6:c0:25:f4:1c:9a:5d:
c4:80:a2:2d:d3:0b:c4:08:77:8c:e9:87:39:51:01:
e9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:11:02:69:40:45:D2:E6:67:E6:B9:3A:06:CC:C1:C6:F3:41:50:24
X509v3 Authority Key Identifier:
keyid:C6:CF:A9:4F:61:34:E3:96:0E:A5:F3:18:84:6A:30:CF:3E:92:2D:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xs-pT2E045YOpfMYhGowzz6SLdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/RhECaUBF0uZn5rk6BszBxvNBUCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/xs-pT2E045YOpfMYhGowzz6SLdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.220.0/22
IPv6:
2a0e:6340::/29
Signature Algorithm: sha256WithRSAEncryption
55:13:fa:6c:a2:49:19:68:7f:a0:62:0a:17:c1:cc:1c:c7:42:
e3:02:5f:1c:73:4f:93:42:28:cd:b3:0d:67:e0:5f:22:b0:81:
7e:da:d6:7c:61:7c:a6:1a:41:94:8b:a2:33:80:58:6b:7c:05:
5c:cf:ce:e8:a6:c5:7c:38:41:80:c8:4c:f3:7e:39:2b:f3:12:
82:54:b3:37:25:51:9a:66:03:72:95:8f:c0:74:e0:dc:79:9b:
fc:82:ba:00:a3:8f:17:74:53:c6:de:0a:ce:69:58:54:d1:29:
32:e2:94:ff:85:99:83:ee:14:b3:dc:10:32:61:49:9f:60:70:
c8:06:a1:bf:7a:e8:09:f6:ca:2a:82:61:b5:ae:88:36:f9:2e:
8f:8e:c9:6d:87:b6:3d:41:a0:4e:21:bd:1f:95:5e:34:95:03:
13:67:63:3e:16:35:c2:cf:52:4d:b2:0c:80:06:c6:65:d0:62:
ef:8c:db:11:af:b4:9a:d6:ab:a0:eb:1d:1e:5d:6e:ef:94:92:
d2:31:17:fd:59:c3:0b:6a:51:c9:2a:b2:81:67:d2:ad:fb:3e:
a5:d3:ea:dc:44:76:c8:49:db:cb:79:26:e0:bc:a0:e2:d0:b0:
d1:1a:7b:da:36:03:cf:2a:cb:49:e6:3e:97:7d:be:b6:3b:8c:
72:c4:db:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVynseRfrgfshy+bx2G68D9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2Y2ZhOTRmNjEzNGUzOTYwZWE1ZjMxODg0NmEzMGNmM2U5
MjJkZDcwHhcNMjMwMTAyMTMxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjExMDI2OTQwNDVkMmU2NjdlNmI5M2EwNmNjYzFjNmYzNDE1MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCSuJXOVgwZMn1Mx4/vysi/RBKbv
DaKaLZ3yAJsLZU2DLFiA7+kwTk19h3PpV4t3X4FC906PrzcWVgQ/cUGNCSAuLg69
3fJsTb4hiWDqVXkE1ZNCj3rgY+PtS/O8bEbAXTWySNW1PQJ5gc7271umGE7pNKVA
C2Yn/sBFomyfxMS5BoFM3S47179eiRwaeLtQInHsptUDV+KPAY8SadeZMwVnVphC
i/uX21ADj3v0fybB58mNeKQ9K6qRmNx8elYZjjmWPtYHahvfe7GHx1g7a6dle4P0
SmWPyLtgDGgpiOT2jbruMuIm1tbAJfQcml3EgKIt0wvECHeM6Yc5UQHpQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEYRAmlARdLmZ+a5OgbMwcbzQVAkMB8GA1UdIwQY
MBaAFMbPqU9hNOOWDqXzGIRqMM8+ki3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHMtcFQyRTA0NVlPcGZNWWhHb3d6ejZTTGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85NTllMDMtNzhmYy00NTg5LWFjZGUt
ZjlhNDM3MDlkMDBiLzEvUmhFQ2FVQkYwdVpuNXJrNkJzekJ4dk5CVUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85NTllMDMtNzhmYy00NTg5LWFjZGUtZjlhNDM3MDlkMDBi
LzEveHMtcFQyRTA0NVlPcGZNWWhHb3d6ejZTTGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYPcMA0E
AgACMAcDBQMqDmNAMA0GCSqGSIb3DQEBCwUAA4IBAQBVE/psokkZaH+gYgoXwcwc
x0LjAl8cc0+TQijNsw1n4F8isIF+2tZ8YXymGkGUi6IzgFhrfAVcz87opsV8OEGA
yEzzfjkr8xKCVLM3JVGaZgNylY/AdODceZv8groAo48XdFPG3grOaVhU0Sky4pT/
hZmD7hSz3BAyYUmfYHDIBqG/eugJ9soqgmG1rog2+S6Pjslth7Y9QaBOIb0flV40
lQMTZ2M+FjXCz1JNsgyABsZl0GLvjNsRr7Sa1qug6x0eXW7vlJLSMRf9WcMLalHJ
KrKBZ9Kt+z6l0+rcRHbISdvLeSbgvKDi0LDRGnvaNgPPKstJ5j6Xfb62O4xyxNtK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:53 2024 by rpki-client on console-fra.rpki-client.org