Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/fb2aa1-004b-49c4-aa41-c9de22b916ca/1/bU1yKPIMHpIQhDFdILVORfNYt9M.roa
File: bU1yKPIMHpIQhDFdILVORfNYt9M.roa (raw, json)
Hash identifier: AD7bMkNc8GBa9BSFcTFPg8a9z95gP1pwOSe7zmN5SjA=
Subject key identifier: 6D:4D:72:28:F2:0C:1E:92:10:84:31:5D:20:B5:4E:45:F3:58:B7:D3
Certificate issuer: /CN=eaa5abe9f7304383198ba1ffa592790ecf2c3ceb
Certificate serial: 0191E5663E9E6EBEDD0B6E975E06F6DAA007
Authority key identifier: EA:A5:AB:E9:F7:30:43:83:19:8B:A1:FF:A5:92:79:0E:CF:2C:3C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qWr6fcwQ4MZi6H_pZJ5Ds8sPOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/fb2aa1-004b-49c4-aa41-c9de22b916ca/1/bU1yKPIMHpIQhDFdILVORfNYt9M.roa
Signing time: Thu 12 Sep 2024 08:42:48 +0000
ROA not before: Thu 12 Sep 2024 08:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60475
IP address blocks: 45.90.240.0/23 maxlen: 23
45.90.242.0/23 maxlen: 23
45.90.242.0/24 maxlen: 24
45.90.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 10:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:66:3e:9e:6e:be:dd:0b:6e:97:5e:06:f6:da:a0:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaa5abe9f7304383198ba1ffa592790ecf2c3ceb
Validity
Not Before: Sep 12 08:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d4d7228f20c1e921084315d20b54e45f358b7d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:39:42:9d:e2:e9:a7:5c:4e:23:8d:0c:ff:b2:
c0:1f:7c:80:0f:62:e1:e8:ec:70:b4:ef:bf:ec:d4:
5e:fa:e2:c2:09:66:e6:f1:8b:c1:74:13:ba:19:4f:
ac:f5:f0:b5:38:5e:a6:d7:2d:32:f0:21:52:02:87:
8a:d8:fb:f4:ee:be:a7:51:1a:c2:b8:7f:a4:8a:ea:
fc:44:ca:2c:34:06:a6:9f:25:4a:f1:4e:83:21:07:
6a:b0:54:38:99:f3:54:8f:75:0b:56:72:e5:0e:7b:
74:76:84:cb:01:42:77:b2:fe:ec:32:1c:06:53:78:
f6:75:2c:e6:8b:1f:43:a9:c5:6f:26:70:72:2f:b2:
ce:c8:4a:58:40:47:1d:ef:e8:0f:63:ea:77:e5:00:
39:df:f0:2a:0d:ee:09:32:b3:82:a8:eb:2e:12:f8:
fa:d0:90:6c:2b:b1:84:83:a6:13:cb:af:46:52:35:
b0:0c:94:b4:1e:02:75:73:55:71:7f:14:19:8e:a1:
d3:df:bb:51:a3:f0:81:85:91:fd:f9:91:a2:22:f5:
50:60:50:8f:2e:15:6f:4c:05:17:42:99:e5:91:75:
4a:a2:87:63:0e:c8:25:1b:a2:b0:99:51:c6:c4:d2:
8d:18:72:71:79:76:dd:25:c4:58:a2:b8:90:d2:53:
f5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4D:72:28:F2:0C:1E:92:10:84:31:5D:20:B5:4E:45:F3:58:B7:D3
X509v3 Authority Key Identifier:
keyid:EA:A5:AB:E9:F7:30:43:83:19:8B:A1:FF:A5:92:79:0E:CF:2C:3C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qWr6fcwQ4MZi6H_pZJ5Ds8sPOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/fb2aa1-004b-49c4-aa41-c9de22b916ca/1/bU1yKPIMHpIQhDFdILVORfNYt9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/fb2aa1-004b-49c4-aa41-c9de22b916ca/1/6qWr6fcwQ4MZi6H_pZJ5Ds8sPOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.240.0/22
Signature Algorithm: sha256WithRSAEncryption
48:5f:b1:d9:ca:27:ba:5f:ab:9b:82:db:49:02:6f:51:2a:b2:
33:93:11:e8:84:6f:ec:d8:24:27:79:85:0b:31:4a:b2:bb:c9:
0d:69:be:59:16:61:1b:94:73:d9:ba:9b:68:90:bd:82:68:5d:
5f:b4:e9:0a:95:1c:00:84:76:93:33:07:17:d2:5b:7a:31:c0:
48:e2:5c:2e:2d:ce:ba:6e:5b:18:d3:75:7d:b1:e2:77:ac:54:
d4:2f:ce:ac:2e:aa:1c:5b:3b:5b:15:45:6c:b4:8c:1a:a4:ce:
be:60:e9:0c:51:b3:3b:a5:f8:b2:dd:da:ef:0b:fa:f7:54:f1:
b4:6b:54:9d:fe:bb:5c:c7:39:35:fe:4f:db:8b:40:d7:5b:7e:
02:8b:9a:08:12:ae:92:18:9f:79:e5:7e:1f:c6:5c:05:4e:0b:
96:50:82:94:7f:3e:8f:21:28:88:2b:f2:8e:67:00:d1:58:df:
73:d0:0d:ed:84:1d:92:d3:c3:a7:44:fc:f3:30:cd:24:67:36:
8a:2a:1c:c2:e7:42:9a:73:f0:f1:d3:d1:8b:34:0c:5e:4f:d0:
7e:5e:88:5c:14:8b:96:9b:21:66:78:43:4f:4a:b3:e5:fb:a3:
71:8f:b9:7e:23:e4:78:0a:02:c4:3b:60:4d:47:9d:dd:2a:b9:
9c:9f:87:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHlZj6ebr7dC26XXgb22qAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYTVhYmU5ZjczMDQzODMxOThiYTFmZmE1OTI3OTBlY2Yy
YzNjZWIwHhcNMjQwOTEyMDg0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRkNzIyOGYyMGMxZTkyMTA4NDMxNWQyMGI1NGU0NWYzNThiN2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTlCneLpp1xOI40M/7LAH3yAD2Lh
6OxwtO+/7NRe+uLCCWbm8YvBdBO6GU+s9fC1OF6m1y0y8CFSAoeK2Pv07r6nURrC
uH+kiur8RMosNAamnyVK8U6DIQdqsFQ4mfNUj3ULVnLlDnt0doTLAUJ3sv7sMhwG
U3j2dSzmix9DqcVvJnByL7LOyEpYQEcd7+gPY+p35QA53/AqDe4JMrOCqOsuEvj6
0JBsK7GEg6YTy69GUjWwDJS0HgJ1c1VxfxQZjqHT37tRo/CBhZH9+ZGiIvVQYFCP
LhVvTAUXQpnlkXVKoodjDsglG6KwmVHGxNKNGHJxeXbdJcRYoriQ0lP1xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1NcijyDB6SEIQxXSC1TkXzWLfTMB8GA1UdIwQY
MBaAFOqlq+n3MEODGYuh/6WSeQ7PLDzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFXcjZmY3dRNE1aaTZIX3BaSjVEczhzUE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mYjJhYTEtMDA0Yi00OWM0LWFhNDEt
YzlkZTIyYjkxNmNhLzEvYlUxeUtQSU1IcElRaERGZElMVk9SZk5ZdDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9mYjJhYTEtMDA0Yi00OWM0LWFhNDEtYzlkZTIyYjkxNmNh
LzEvNnFXcjZmY3dRNE1aaTZIX3BaSjVEczhzUE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVrwMA0G
CSqGSIb3DQEBCwUAA4IBAQBIX7HZyie6X6ubgttJAm9RKrIzkxHohG/s2CQneYUL
MUqyu8kNab5ZFmEblHPZuptokL2CaF1ftOkKlRwAhHaTMwcX0lt6McBI4lwuLc66
blsY03V9seJ3rFTUL86sLqocWztbFUVstIwapM6+YOkMUbM7pfiy3drvC/r3VPG0
a1Sd/rtcxzk1/k/bi0DXW34Ci5oIEq6SGJ955X4fxlwFTguWUIKUfz6PISiIK/KO
ZwDRWN9z0A3thB2S08OnRPzzMM0kZzaKKhzC50Kac/Dx09GLNAxeT9B+XohcFIuW
myFmeENPSrPl+6Nxj7l+I+R4CgLEO2BNR53dKrmcn4f3
-----END CERTIFICATE-----
Generated at Thu Sep 12 14:04:23 2024 by rpki-client on console-ams.rpki-client.org