Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/D2c11eUFvnmdHe9Ou-jMF6wOZ6o.roa
File: D2c11eUFvnmdHe9Ou-jMF6wOZ6o.roa (raw, json)
Hash identifier: fM/jOXHWa0QnKQb+M+HqWEIbEBhXLdQSXhPJl9g9198=
Subject key identifier: 0F:67:35:D5:E5:05:BE:79:9D:1D:EF:4E:BB:E8:CC:17:AC:0E:67:AA
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018CC50150A0AC12548101FD09632CEFBAEB
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/D2c11eUFvnmdHe9Ou-jMF6wOZ6o.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48430
IP address blocks: 45.155.52.0/22 maxlen: 24
45.91.52.0/22 maxlen: 22
45.140.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 12:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:50:a0:ac:12:54:81:01:fd:09:63:2c:ef:ba:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f6735d5e505be799d1def4ebbe8cc17ac0e67aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:42:86:bd:18:88:97:43:e8:d4:ee:ec:23:79:
95:1a:27:b0:43:33:5b:b3:94:24:07:68:19:a8:42:
16:23:b9:83:2e:fb:d5:36:ed:6b:4b:45:a7:f3:b0:
61:96:4e:82:05:3e:a1:de:87:3d:ec:08:e5:6f:cf:
12:4c:9f:3b:40:42:7a:0a:fe:2d:81:54:a2:b8:5d:
62:33:aa:59:83:56:a1:e6:e4:82:2d:c2:78:fe:3d:
c7:7a:2e:95:14:76:0a:bd:a5:07:b9:eb:45:57:80:
3a:ca:5c:4a:37:51:7e:d6:82:d7:ab:48:0d:54:4d:
8a:be:0e:e0:d9:14:01:9d:49:1d:9a:85:5e:5e:3e:
19:31:94:8b:aa:9c:d7:12:4a:87:83:c7:d8:c8:bb:
d5:9f:12:3d:ad:68:fe:42:b4:5c:d6:7c:e0:f7:97:
f7:72:00:b4:dc:1a:e7:33:5d:d5:ce:e5:07:23:f3:
cd:a8:4c:4f:f3:b1:cc:75:b7:8e:85:47:24:67:24:
21:3f:85:99:01:02:01:d0:cf:30:86:94:54:aa:af:
7c:53:4b:9c:83:54:fa:da:63:f9:97:65:51:02:f6:
ac:d5:69:22:22:6c:76:65:de:50:4f:66:48:f5:38:
ac:fb:4e:6a:2c:8d:93:7e:b2:a1:e2:21:a0:8e:ef:
a5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:67:35:D5:E5:05:BE:79:9D:1D:EF:4E:BB:E8:CC:17:AC:0E:67:AA
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/D2c11eUFvnmdHe9Ou-jMF6wOZ6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.52.0/22
45.140.166.0/24
45.155.52.0/22
Signature Algorithm: sha256WithRSAEncryption
e1:26:17:1d:e9:bf:04:05:26:72:46:c2:45:0a:1a:55:73:dc:
a3:a8:b2:cc:54:c1:d5:2b:57:4b:11:fa:c8:3f:d7:17:e0:1e:
93:5b:7e:8c:56:77:8d:1a:ec:e6:74:f6:b5:a9:70:c8:ff:69:
69:f3:7b:a2:a1:2d:c0:6e:20:a9:ef:bb:ce:29:6b:73:3c:7e:
70:e2:6c:ba:59:94:04:65:97:7c:af:56:a3:56:7a:5d:b5:21:
52:9b:21:b7:aa:ec:a3:98:7c:51:bf:ac:c6:7c:24:06:ad:4a:
7e:5c:e3:e0:df:0b:91:d1:48:b6:26:73:fa:44:c3:31:dd:6f:
cf:e2:4f:e7:d3:f1:24:15:6c:65:e7:b4:2b:8e:b8:73:41:d3:
c2:60:89:f2:53:39:83:e7:ec:e6:99:c5:33:6b:38:97:04:9c:
0f:91:dc:d0:16:c3:23:7c:db:63:e3:66:f3:2a:2a:26:f2:b1:
a2:f4:ec:e3:a9:14:fb:65:b9:4a:0a:96:e8:0f:ba:54:62:b9:
a5:36:1f:86:3b:cb:21:4c:c4:60:be:d9:9b:49:93:36:1a:76:
85:94:d9:7e:ea:84:4d:75:a8:9d:8a:8b:88:0e:1e:18:cf:8b:
43:b2:69:5d:88:72:8a:ba:d5:bf:8d:8d:ca:54:14:8e:b7:6a:
a0:c9:11:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFAVCgrBJUgQH9CWMs77rrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjY3MzVkNWU1MDViZTc5OWQxZGVmNGViYmU4Y2MxN2FjMGU2N2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0KGvRiIl0Po1O7sI3mVGiewQzNb
s5QkB2gZqEIWI7mDLvvVNu1rS0Wn87Bhlk6CBT6h3oc97Ajlb88STJ87QEJ6Cv4t
gVSiuF1iM6pZg1ah5uSCLcJ4/j3Hei6VFHYKvaUHuetFV4A6ylxKN1F+1oLXq0gN
VE2Kvg7g2RQBnUkdmoVeXj4ZMZSLqpzXEkqHg8fYyLvVnxI9rWj+QrRc1nzg95f3
cgC03BrnM13VzuUHI/PNqExP87HMdbeOhUckZyQhP4WZAQIB0M8whpRUqq98U0uc
g1T62mP5l2VRAvas1WkiImx2Zd5QT2ZI9Tis+05qLI2TfrKh4iGgju+lsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA9nNdXlBb55nR3vTrvozBesDmeqMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvRDJjMTFlVUZ2bm1kSGU5T3Utak1GNndPWjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVs0AwQA
LYymAwQCLZs0MA0GCSqGSIb3DQEBCwUAA4IBAQDhJhcd6b8EBSZyRsJFChpVc9yj
qLLMVMHVK1dLEfrIP9cX4B6TW36MVneNGuzmdPa1qXDI/2lp83uioS3AbiCp77vO
KWtzPH5w4my6WZQEZZd8r1ajVnpdtSFSmyG3quyjmHxRv6zGfCQGrUp+XOPg3wuR
0Ui2JnP6RMMx3W/P4k/n0/EkFWxl57QrjrhzQdPCYInyUzmD5+zmmcUzaziXBJwP
kdzQFsMjfNtj42bzKiom8rGi9OzjqRT7ZblKCpboD7pUYrmlNh+GO8shTMRgvtmb
SZM2GnaFlNl+6oRNdaidiouIDh4Yz4tDsmldiHKKutW/jY3KVBSOt2qgyRF8
-----END CERTIFICATE-----
Generated at Mon Aug 26 15:20:52 2024 by rpki-client on console-ams.rpki-client.org