Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/c47iCsdYw9JLhZvWwXcV5PRRaaQ.roa
File: c47iCsdYw9JLhZvWwXcV5PRRaaQ.roa (raw, json)
Hash identifier: tCmxGs/ZXjB578azIbO9zjKEppGlv/UrwfnRsepwtps=
Subject key identifier: 73:8E:E2:0A:C7:58:C3:D2:4B:85:9B:D6:C1:77:15:E4:F4:51:69:A4
Certificate issuer: /CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Certificate serial: 0186E9AEB27429752BD25D6BDA87877FE7BE
Authority key identifier: 51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/c47iCsdYw9JLhZvWwXcV5PRRaaQ.roa
Signing time: Thu 16 Mar 2023 09:09:45 +0000
ROA not before: Thu 16 Mar 2023 09:09:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31529
IP address blocks: 45.142.220.0/24 maxlen: 24
45.142.221.0/24 maxlen: 24
45.142.223.0/24 maxlen: 24
45.142.222.0/24 maxlen: 24
2a0e:dbc0::/48 maxlen: 48
2a0e:dbc0:3::/48 maxlen: 48
2a0e:dbc0:1::/48 maxlen: 48
2a0e:dbc0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e9:ae:b2:74:29:75:2b:d2:5d:6b:da:87:87:7f:e7:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Validity
Not Before: Mar 16 09:09:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=738ee20ac758c3d24b859bd6c17715e4f45169a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6f:71:59:15:85:91:c3:b7:a4:22:da:91:c7:
df:b7:da:7f:55:28:5f:31:b7:56:3f:57:5b:0f:1a:
86:6a:38:70:31:fb:10:9f:76:2f:78:67:3b:35:ec:
3a:2a:5c:63:3e:c8:6f:1a:03:49:86:bf:7f:7f:67:
57:b1:6e:ac:d2:09:51:7a:95:bb:0f:d8:20:d7:7f:
ad:9e:31:ec:4e:c1:37:45:5f:80:90:57:0d:2b:89:
44:2a:41:e7:57:93:98:c1:d0:8d:da:da:44:6c:25:
0e:cc:84:88:cb:22:ef:72:7a:81:b9:95:a9:1e:30:
f5:84:7a:5d:6c:52:05:6b:41:9f:08:e3:43:08:56:
70:d9:42:0e:ce:d6:2d:0c:8c:ec:b1:e1:e4:da:f1:
b8:a9:89:84:4e:78:f5:07:76:f3:86:eb:b8:37:b3:
3c:31:33:57:63:25:d1:11:d5:7f:52:13:e4:51:8f:
41:36:d3:90:8a:df:a3:00:bb:d6:81:19:5d:f1:83:
e0:2c:a0:6d:b7:89:12:68:0f:46:7a:84:31:67:b2:
f4:09:91:62:4c:01:3f:ca:65:b2:8e:79:bc:5c:6a:
82:31:8a:d8:13:b9:56:1b:0a:30:ff:ba:a4:15:2f:
02:e7:57:ca:8a:e8:76:ec:5c:43:64:cf:43:77:9f:
06:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:8E:E2:0A:C7:58:C3:D2:4B:85:9B:D6:C1:77:15:E4:F4:51:69:A4
X509v3 Authority Key Identifier:
keyid:51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/c47iCsdYw9JLhZvWwXcV5PRRaaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.220.0/22
IPv6:
2a0e:dbc0::/46
Signature Algorithm: sha256WithRSAEncryption
27:60:6a:9f:49:7b:79:f2:5e:2c:42:8a:01:20:d4:28:94:9b:
31:2c:50:77:4e:05:5e:1c:48:df:06:f6:e8:1b:aa:e8:c2:c8:
98:c6:65:5f:c3:fb:12:b1:3e:1d:a5:71:aa:ed:67:7f:bb:2b:
c7:38:ea:41:6e:ee:36:c7:f4:84:8d:be:98:89:a2:23:0b:ad:
a6:38:ef:11:1f:2b:72:82:94:e5:55:10:34:9f:e8:27:b9:2d:
e3:de:c4:53:da:44:30:56:e8:47:9f:0e:8c:a0:cb:db:9a:99:
2a:66:e7:e2:c4:ba:70:34:92:f9:60:7a:a8:6e:1b:a8:38:cc:
74:eb:ca:be:36:85:4d:35:7e:85:77:25:61:f2:81:f8:d3:ba:
70:67:3e:bc:cf:16:11:bb:e9:27:65:77:29:dc:09:d4:5e:13:
c8:da:7e:c9:5b:49:d6:8e:c0:a4:7b:02:cd:4c:ca:e8:8b:d9:
a5:86:d2:46:e3:f3:8f:cb:58:fc:df:64:aa:22:d5:7e:45:55:
1a:65:7e:b3:41:6f:23:41:32:dc:a4:52:a1:23:8f:96:a0:df:
c0:74:f2:c0:ab:c7:1f:96:c2:96:d2:2e:bd:39:7b:9d:c3:31:
e6:af:56:03:bb:f5:38:31:a4:1e:ef:63:12:d8:e7:4b:d6:cc:
4e:29:b8:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbprrJ0KXUr0l1r2oeHf+e+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxODhkZWRhY2RjMjQwYjRiMmY3ODZmMTIzNDJlMGE4M2Q4
YWU4MGYwHhcNMjMwMzE2MDkwOTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzhlZTIwYWM3NThjM2QyNGI4NTliZDZjMTc3MTVlNGY0NTE2OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm9xWRWFkcO3pCLakcfft9p/VShf
MbdWP1dbDxqGajhwMfsQn3YveGc7New6KlxjPshvGgNJhr9/f2dXsW6s0glRepW7
D9gg13+tnjHsTsE3RV+AkFcNK4lEKkHnV5OYwdCN2tpEbCUOzISIyyLvcnqBuZWp
HjD1hHpdbFIFa0GfCONDCFZw2UIOztYtDIzsseHk2vG4qYmETnj1B3bzhuu4N7M8
MTNXYyXREdV/UhPkUY9BNtOQit+jALvWgRld8YPgLKBtt4kSaA9GeoQxZ7L0CZFi
TAE/ymWyjnm8XGqCMYrYE7lWGwow/7qkFS8C51fKiuh27FxDZM9Dd58GnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHOO4grHWMPSS4Wb1sF3FeT0UWmkMB8GA1UdIwQY
MBaAFFGI3trNwkC0sveG8SNC4Kg9iugPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQt
NzliM2RiNjU5ZGZjLzEvYzQ3aUNzZFl3OUpMaFp2V3dYY1Y1UFJSYWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQtNzliM2RiNjU5ZGZj
LzEvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLY7cMA8E
AgACMAkDBwIqDtvAAAAwDQYJKoZIhvcNAQELBQADggEBACdgap9Je3nyXixCigEg
1CiUmzEsUHdOBV4cSN8G9ugbqujCyJjGZV/D+xKxPh2lcartZ3+7K8c46kFu7jbH
9ISNvpiJoiMLraY47xEfK3KClOVVEDSf6Ce5LePexFPaRDBW6EefDoygy9uamSpm
5+LEunA0kvlgeqhuG6g4zHTryr42hU01foV3JWHygfjTunBnPrzPFhG76Sdldync
CdReE8jafslbSdaOwKR7As1MyuiL2aWG0kbj84/LWPzfZKoi1X5FVRplfrNBbyNB
MtykUqEjj5ag38B08sCrxx+WwpbSLr05e53DMeavVgO79TgxpB7vYxLY50vWzE4p
uMs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:45 2024 by rpki-client on console-ams.rpki-client.org