Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/fb2aa1-004b-49c4-aa41-c9de22b916ca/1/YDA6xpRvUjnxp_YIl8R-A5v0SEs.roa
File: YDA6xpRvUjnxp_YIl8R-A5v0SEs.roa (raw, json)
Hash identifier: n+Ldkta3xgmfMTbNHF667eecD25oIjy0MaFJ5JNpPhg=
Subject key identifier: 60:30:3A:C6:94:6F:52:39:F1:A7:F6:08:97:C4:7E:03:9B:F4:48:4B
Certificate issuer: /CN=eaa5abe9f7304383198ba1ffa592790ecf2c3ceb
Certificate serial: 0191E5C5758150E48E155AD58C9C2EE6BF02
Authority key identifier: EA:A5:AB:E9:F7:30:43:83:19:8B:A1:FF:A5:92:79:0E:CF:2C:3C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qWr6fcwQ4MZi6H_pZJ5Ds8sPOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/fb2aa1-004b-49c4-aa41-c9de22b916ca/1/YDA6xpRvUjnxp_YIl8R-A5v0SEs.roa
Signing time: Thu 12 Sep 2024 10:26:48 +0000
ROA not before: Thu 12 Sep 2024 10:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60475
IP address blocks: 45.90.240.0/22 maxlen: 22
45.90.240.0/23 maxlen: 23
45.90.242.0/23 maxlen: 23
45.90.242.0/24 maxlen: 24
45.90.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:c5:75:81:50:e4:8e:15:5a:d5:8c:9c:2e:e6:bf:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaa5abe9f7304383198ba1ffa592790ecf2c3ceb
Validity
Not Before: Sep 12 10:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60303ac6946f5239f1a7f60897c47e039bf4484b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4d:41:5f:2d:ff:c9:0d:98:b5:95:76:e9:3f:
91:db:28:d1:e2:57:a6:25:08:53:15:ce:02:d6:53:
7f:41:f2:c8:f0:c9:9a:38:99:d0:15:07:8f:78:90:
dd:5c:e4:28:31:92:b3:51:5b:a1:22:4a:17:c6:94:
c6:21:ca:43:69:ca:47:0b:35:c9:71:b3:be:42:f8:
9a:d5:a9:49:ec:02:99:b4:95:be:b3:0d:3f:dc:02:
a4:c4:42:45:9f:d8:b2:fb:e1:54:61:03:30:c7:7a:
8b:a1:3c:11:16:bf:c1:b8:d4:17:6a:03:e0:83:d5:
c7:07:b7:63:9a:5e:7a:8a:85:a8:0b:85:46:27:0e:
a3:bb:89:21:c9:b1:ad:02:86:3b:18:c0:93:a5:d8:
e5:f7:ff:6f:5b:8c:98:16:95:60:fb:7b:39:0c:72:
52:60:b9:f7:d2:84:41:28:f8:cb:01:21:81:f3:b1:
93:f8:61:18:ef:3b:62:71:0f:3c:a3:25:ae:4f:ca:
7e:f7:75:4d:ab:1f:4e:2f:1c:f8:b6:b2:83:c8:39:
be:ee:af:0f:24:87:76:ab:36:55:80:b5:01:af:86:
35:a2:96:b2:14:c3:99:b4:01:0a:11:05:17:37:a9:
c9:69:94:77:28:5f:c6:37:dd:51:b6:c6:96:d3:08:
47:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:30:3A:C6:94:6F:52:39:F1:A7:F6:08:97:C4:7E:03:9B:F4:48:4B
X509v3 Authority Key Identifier:
keyid:EA:A5:AB:E9:F7:30:43:83:19:8B:A1:FF:A5:92:79:0E:CF:2C:3C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qWr6fcwQ4MZi6H_pZJ5Ds8sPOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/fb2aa1-004b-49c4-aa41-c9de22b916ca/1/YDA6xpRvUjnxp_YIl8R-A5v0SEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/fb2aa1-004b-49c4-aa41-c9de22b916ca/1/6qWr6fcwQ4MZi6H_pZJ5Ds8sPOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.240.0/22
Signature Algorithm: sha256WithRSAEncryption
19:6d:72:f8:cb:e7:f3:a3:2e:fa:28:3b:0f:ba:02:69:40:6b:
0f:40:3f:09:d8:51:2d:e0:c4:b0:c8:7d:b0:1a:d5:e5:0a:f5:
0c:3e:f0:e7:46:d0:ec:90:92:d4:be:5a:53:95:a8:84:0b:80:
5a:ee:70:3e:b5:0d:3f:18:63:de:c2:57:30:a2:57:92:b7:d2:
69:8d:4d:ef:73:5d:80:63:4f:77:04:a2:26:35:5c:bc:e0:5b:
e3:c8:b4:b1:60:10:9c:3f:09:86:37:d4:2e:05:b3:dd:61:27:
b2:26:37:5f:04:ba:53:3d:cc:c0:eb:46:0b:3a:00:a7:96:12:
12:5c:c6:04:98:3a:f3:e4:b4:af:13:6b:91:53:1d:24:a0:c6:
b9:f9:b2:65:95:b3:3b:1e:6c:48:f7:b3:0c:de:25:7a:fa:3d:
19:aa:a6:5e:01:96:7d:bc:e9:f6:fb:99:83:c9:44:83:02:18:
d2:47:a2:b2:98:68:b3:57:20:a8:55:fb:61:55:fe:80:9d:44:
0e:46:62:f3:62:ce:a6:7c:e2:70:09:2b:f3:3a:23:24:4c:20:
bd:c3:49:e3:dc:96:d4:0d:6a:17:70:9f:18:07:07:48:23:0e:
0e:2f:f5:7b:31:4f:2e:09:05:ea:b2:c2:97:4c:40:e1:3a:05:
d9:e8:83:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHlxXWBUOSOFVrVjJwu5r8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYTVhYmU5ZjczMDQzODMxOThiYTFmZmE1OTI3OTBlY2Yy
YzNjZWIwHhcNMjQwOTEyMTAyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDMwM2FjNjk0NmY1MjM5ZjFhN2Y2MDg5N2M0N2UwMzliZjQ0ODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA101BXy3/yQ2YtZV26T+R2yjR4lem
JQhTFc4C1lN/QfLI8MmaOJnQFQePeJDdXOQoMZKzUVuhIkoXxpTGIcpDacpHCzXJ
cbO+Qvia1alJ7AKZtJW+sw0/3AKkxEJFn9iy++FUYQMwx3qLoTwRFr/BuNQXagPg
g9XHB7djml56ioWoC4VGJw6ju4khybGtAoY7GMCTpdjl9/9vW4yYFpVg+3s5DHJS
YLn30oRBKPjLASGB87GT+GEY7zticQ88oyWuT8p+93VNqx9OLxz4trKDyDm+7q8P
JId2qzZVgLUBr4Y1opayFMOZtAEKEQUXN6nJaZR3KF/GN91RtsaW0whHrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGAwOsaUb1I58af2CJfEfgOb9EhLMB8GA1UdIwQY
MBaAFOqlq+n3MEODGYuh/6WSeQ7PLDzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFXcjZmY3dRNE1aaTZIX3BaSjVEczhzUE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mYjJhYTEtMDA0Yi00OWM0LWFhNDEt
YzlkZTIyYjkxNmNhLzEvWURBNnhwUnZVam54cF9ZSWw4Ui1BNXYwU0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9mYjJhYTEtMDA0Yi00OWM0LWFhNDEtYzlkZTIyYjkxNmNh
LzEvNnFXcjZmY3dRNE1aaTZIX3BaSjVEczhzUE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVrwMA0G
CSqGSIb3DQEBCwUAA4IBAQAZbXL4y+fzoy76KDsPugJpQGsPQD8J2FEt4MSwyH2w
GtXlCvUMPvDnRtDskJLUvlpTlaiEC4Ba7nA+tQ0/GGPewlcwoleSt9JpjU3vc12A
Y093BKImNVy84FvjyLSxYBCcPwmGN9QuBbPdYSeyJjdfBLpTPczA60YLOgCnlhIS
XMYEmDrz5LSvE2uRUx0koMa5+bJllbM7HmxI97MM3iV6+j0ZqqZeAZZ9vOn2+5mD
yUSDAhjSR6KymGizVyCoVfthVf6AnUQORmLzYs6mfOJwCSvzOiMkTCC9w0nj3JbU
DWoXcJ8YBwdIIw4OL/V7MU8uCQXqssKXTEDhOgXZ6IMD
-----END CERTIFICATE-----
Generated at Fri Sep 13 10:35:14 2024 by rpki-client on console-fra.rpki-client.org