Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e2e3d6-f226-4a7e-840d-d5763fecd605/1/4iJUQSFWpkdhG56KES0lO9i1WIw.roa
File: 4iJUQSFWpkdhG56KES0lO9i1WIw.roa (raw, json)
Hash identifier: cGWr0ut0D7Cy7wTaCUcJ6VE0e5bT0IKUw6L+PP85Sg4=
Subject key identifier: E2:22:54:41:21:56:A6:47:61:1B:9E:8A:11:2D:25:3B:D8:B5:58:8C
Certificate issuer: /CN=7488ac3ce7e91e240caff219cbe38fcf023bf2b6
Certificate serial: 0189BBCC5776882039464ED80261DBECC9A9
Authority key identifier: 74:88:AC:3C:E7:E9:1E:24:0C:AF:F2:19:CB:E3:8F:CF:02:3B:F2:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dIisPOfpHiQMr_IZy-OPzwI78rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e2e3d6-f226-4a7e-840d-d5763fecd605/1/4iJUQSFWpkdhG56KES0lO9i1WIw.roa
Signing time: Thu 03 Aug 2023 14:27:58 +0000
ROA not before: Thu 03 Aug 2023 14:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202548
IP address blocks: 185.212.185.0/24 maxlen: 24
45.130.45.0/24 maxlen: 24
2a0f:a040::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:cc:57:76:88:20:39:46:4e:d8:02:61:db:ec:c9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7488ac3ce7e91e240caff219cbe38fcf023bf2b6
Validity
Not Before: Aug 3 14:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e22254412156a647611b9e8a112d253bd8b5588c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ba:da:8c:c6:af:c0:20:3c:73:66:3f:0c:c5:
5f:65:eb:76:a5:1a:c9:3e:4e:0f:d0:77:ed:41:1e:
c6:6c:e9:56:00:cb:f5:98:34:83:83:4a:cd:a9:fe:
2e:6c:ff:88:5b:25:55:05:1c:17:2e:b9:6a:6c:1e:
bd:21:57:6c:bd:98:74:68:dc:ff:1a:4f:60:dd:6f:
21:6e:fa:43:a0:81:85:7a:ff:6a:ea:e3:de:47:7c:
27:da:2a:3c:2b:fd:4f:94:a3:96:9c:e5:b2:95:55:
98:35:27:2b:ac:0b:19:00:ee:9e:7f:3d:d1:2b:bd:
54:41:78:2a:e3:38:3a:4e:05:64:2a:3c:56:16:64:
3d:67:d8:0d:4b:e1:3f:61:f9:29:e6:1b:ef:2c:9e:
d3:2a:ce:bd:1c:6e:bc:d8:75:94:2f:96:92:7e:e9:
72:54:db:95:89:f6:56:60:74:7f:20:04:9c:ce:e0:
3f:85:df:25:c0:4a:ba:7b:ed:06:c7:22:06:23:ab:
44:48:09:f2:8d:cd:1f:f7:8c:59:0d:ee:db:ba:a6:
3c:3d:e0:67:98:0f:58:a6:40:c2:f3:70:36:71:fe:
d9:5a:6b:cb:6c:6f:0b:bc:b7:16:e0:c4:75:39:56:
f6:81:a5:c1:05:b7:b8:35:81:56:68:27:c4:61:27:
91:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:22:54:41:21:56:A6:47:61:1B:9E:8A:11:2D:25:3B:D8:B5:58:8C
X509v3 Authority Key Identifier:
keyid:74:88:AC:3C:E7:E9:1E:24:0C:AF:F2:19:CB:E3:8F:CF:02:3B:F2:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dIisPOfpHiQMr_IZy-OPzwI78rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e2e3d6-f226-4a7e-840d-d5763fecd605/1/4iJUQSFWpkdhG56KES0lO9i1WIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e2e3d6-f226-4a7e-840d-d5763fecd605/1/dIisPOfpHiQMr_IZy-OPzwI78rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.45.0/24
185.212.185.0/24
IPv6:
2a0f:a040::/29
Signature Algorithm: sha256WithRSAEncryption
a9:29:48:f1:34:ac:6f:a4:49:da:42:e2:95:bf:f0:6a:80:70:
56:4f:18:e1:67:92:e6:e2:b0:67:10:60:b9:8b:ec:97:34:4d:
da:4d:c4:ec:c6:3f:1d:02:e7:c5:c0:1e:8a:b8:be:ce:91:6b:
fb:b3:4c:cb:90:2f:c2:16:30:fc:c7:2d:ed:b0:68:65:cf:0e:
b4:a2:5b:e7:7b:50:11:d4:22:bc:9c:a6:31:f2:9c:01:fc:12:
40:d1:13:e5:a3:76:6e:d7:09:f6:fa:a0:0e:ff:81:98:b1:52:
6a:68:12:45:20:e4:ec:2f:dd:df:35:25:12:41:c1:34:51:50:
17:18:7b:45:e5:c3:8a:b6:28:4d:50:c1:a9:be:c8:14:9b:d3:
12:b6:b6:b8:8b:5d:f6:4a:0c:98:e8:44:09:da:59:e7:2f:af:
b8:e6:51:a7:98:7e:b7:6d:f3:a9:df:b7:04:26:2d:c2:3a:c0:
6d:88:d6:fd:13:41:bc:86:ce:0c:89:f3:15:69:98:e9:ba:e2:
d1:cc:c7:f8:61:5e:24:5f:b5:94:cc:85:2d:8c:eb:f9:4e:78:
f3:d2:05:cd:21:c5:7c:a6:c0:61:96:49:c2:69:e2:97:0f:a2:
64:cf:bd:2c:33:41:2b:4d:cd:39:ca:df:a1:49:47:9f:85:a4:
97:3f:49:e6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYm7zFd2iCA5Rk7YAmHb7MmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ODhhYzNjZTdlOTFlMjQwY2FmZjIxOWNiZTM4ZmNmMDIz
YmYyYjYwHhcNMjMwODAzMTQyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjIyNTQ0MTIxNTZhNjQ3NjExYjllOGExMTJkMjUzYmQ4YjU1ODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurrajMavwCA8c2Y/DMVfZet2pRrJ
Pk4P0HftQR7GbOlWAMv1mDSDg0rNqf4ubP+IWyVVBRwXLrlqbB69IVdsvZh0aNz/
Gk9g3W8hbvpDoIGFev9q6uPeR3wn2io8K/1PlKOWnOWylVWYNScrrAsZAO6efz3R
K71UQXgq4zg6TgVkKjxWFmQ9Z9gNS+E/Yfkp5hvvLJ7TKs69HG682HWUL5aSfuly
VNuVifZWYHR/IASczuA/hd8lwEq6e+0GxyIGI6tESAnyjc0f94xZDe7buqY8PeBn
mA9YpkDC83A2cf7ZWmvLbG8LvLcW4MR1OVb2gaXBBbe4NYFWaCfEYSeRbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOIiVEEhVqZHYRueihEtJTvYtViMMB8GA1UdIwQY
MBaAFHSIrDzn6R4kDK/yGcvjj88CO/K2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZElpc1BPZnBIaVFNcl9JWnktT1B6d0k3OHJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMmUzZDYtZjIyNi00YTdlLTg0MGQt
ZDU3NjNmZWNkNjA1LzEvNGlKVVFTRldwa2RoRzU2S0VTMGxPOWkxV0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMmUzZDYtZjIyNi00YTdlLTg0MGQtZDU3NjNmZWNkNjA1
LzEvZElpc1BPZnBIaVFNcl9JWnktT1B6d0k3OHJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALYItAwQA
udS5MA0EAgACMAcDBQMqD6BAMA0GCSqGSIb3DQEBCwUAA4IBAQCpKUjxNKxvpEna
QuKVv/BqgHBWTxjhZ5Lm4rBnEGC5i+yXNE3aTcTsxj8dAufFwB6KuL7OkWv7s0zL
kC/CFjD8xy3tsGhlzw60olvne1AR1CK8nKYx8pwB/BJA0RPlo3Zu1wn2+qAO/4GY
sVJqaBJFIOTsL93fNSUSQcE0UVAXGHtF5cOKtihNUMGpvsgUm9MStra4i132SgyY
6EQJ2lnnL6+45lGnmH63bfOp37cEJi3COsBtiNb9E0G8hs4MifMVaZjpuuLRzMf4
YV4kX7WUzIUtjOv5Tnjz0gXNIcV8psBhlknCaeKXD6Jkz70sM0ErTc05yt+hSUef
haSXP0nm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:41 2024 by rpki-client on console-ams.rpki-client.org