Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/40ehfBxTRZGGKAStsdEYqYDojWo.roa
File: 40ehfBxTRZGGKAStsdEYqYDojWo.roa (raw, json)
Hash identifier: DlCXvtc3TfLmBvwUidVcO8IT9K64HisCRVa0WLO2azQ=
Subject key identifier: E3:47:A1:7C:1C:53:45:91:86:28:04:AD:B1:D1:18:A9:80:E8:8D:6A
Certificate issuer: /CN=e7c07db9880133c5cdce005bca111b552cd14c53
Certificate serial: 018B9455602E77ED8D29DEC49F481990675F
Authority key identifier: E7:C0:7D:B9:88:01:33:C5:CD:CE:00:5B:CA:11:1B:55:2C:D1:4C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/58B9uYgBM8XNzgBbyhEbVSzRTFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/40ehfBxTRZGGKAStsdEYqYDojWo.roa
Signing time: Fri 03 Nov 2023 08:38:25 +0000
ROA not before: Fri 03 Nov 2023 08:38:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202539
IP address blocks: 45.12.200.0/24 maxlen: 24
2a0e:bf00::/32 maxlen: 48
2001:67c:1160::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:55:60:2e:77:ed:8d:29:de:c4:9f:48:19:90:67:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7c07db9880133c5cdce005bca111b552cd14c53
Validity
Not Before: Nov 3 08:38:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e347a17c1c534591862804adb1d118a980e88d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:75:1f:59:f7:ea:af:63:d5:77:ca:49:2a:b9:
49:58:47:a8:2d:0c:f4:7d:bd:e3:5e:41:e1:40:8b:
aa:a0:b9:a2:0f:2b:86:04:36:49:0d:ba:e4:76:f1:
75:4e:1a:6b:35:1d:ee:b8:df:98:bf:1e:05:08:5f:
0a:b5:99:fa:1a:f6:a0:56:2b:d5:b8:c8:d3:cc:dc:
8f:fc:df:96:8a:86:76:ab:89:0d:08:a5:0e:c2:3d:
a0:43:aa:9f:aa:c7:47:c4:b5:ce:46:7a:d1:96:85:
8a:0b:74:98:9e:c1:b3:93:f3:23:b3:14:60:e7:c4:
99:a0:48:e8:90:65:f7:81:51:d1:87:7e:c5:e7:a7:
c2:3d:33:11:5a:08:c0:31:0f:65:7a:4a:2f:11:be:
cf:10:96:78:03:36:26:ba:f2:79:c1:d3:8d:87:81:
fb:26:1d:8b:79:15:1e:84:ff:5a:62:10:9a:79:7c:
84:27:10:f0:8d:69:36:0d:51:2a:6b:0a:0a:49:21:
c8:a9:73:2c:2e:a0:e1:cc:ff:5b:e3:50:cd:b5:f4:
4b:96:62:69:c7:45:6d:f2:4c:4b:b8:62:47:e0:bc:
b2:aa:2b:0b:7b:2f:3c:39:26:e8:89:58:b2:77:5a:
ac:18:0d:e2:cf:88:94:de:1c:be:83:96:ad:95:a2:
3a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:47:A1:7C:1C:53:45:91:86:28:04:AD:B1:D1:18:A9:80:E8:8D:6A
X509v3 Authority Key Identifier:
keyid:E7:C0:7D:B9:88:01:33:C5:CD:CE:00:5B:CA:11:1B:55:2C:D1:4C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/58B9uYgBM8XNzgBbyhEbVSzRTFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/40ehfBxTRZGGKAStsdEYqYDojWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/8cdd49-c094-4c6a-918c-0aa463cdfca0/1/58B9uYgBM8XNzgBbyhEbVSzRTFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.200.0/24
IPv6:
2001:67c:1160::/48
2a0e:bf00::/32
Signature Algorithm: sha256WithRSAEncryption
d9:bb:73:0d:e1:2c:88:c7:c5:b3:c1:96:14:3b:ac:34:c8:d6:
14:3f:0c:63:42:ca:4b:2e:b9:db:98:c5:86:4d:d1:b8:68:a5:
f2:09:ad:b9:10:92:03:6c:82:74:74:fa:aa:9c:39:92:2a:ec:
21:84:20:50:62:e2:a9:63:7b:53:40:35:3e:a5:c6:49:b3:5e:
0f:eb:9d:1f:5d:63:15:4a:72:fc:75:0f:57:15:94:85:4b:ea:
ea:9e:de:d3:dc:a3:6d:76:9c:42:27:b6:88:47:89:59:39:eb:
42:c6:f3:65:b8:f0:af:5f:79:1d:db:83:59:6e:92:52:42:94:
ff:ad:3d:99:18:51:c2:59:5a:11:e8:f2:f4:0c:7c:7f:a6:c1:
49:93:fe:69:1f:46:7d:ac:9f:6a:58:8e:14:da:41:05:78:7c:
b7:1a:71:7b:52:98:e3:57:af:4a:92:0d:62:3d:04:51:1d:a4:
0b:cc:0f:5d:24:ab:c6:c4:e0:0b:ba:7a:08:61:94:93:53:a1:
d1:fe:cf:8b:26:f5:71:ee:cb:f4:d5:51:49:11:79:92:c6:f8:
69:5a:bc:0b:43:87:9d:62:55:bd:39:ec:e0:3f:d0:64:96:12:
75:ae:cf:11:30:71:07:b5:20:1c:e3:b7:dd:40:a3:25:44:a3:
66:c1:87:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYuUVWAud+2NKd7En0gZkGdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3YzA3ZGI5ODgwMTMzYzVjZGNlMDA1YmNhMTExYjU1MmNk
MTRjNTMwHhcNMjMxMTAzMDgzODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQ3YTE3YzFjNTM0NTkxODYyODA0YWRiMWQxMThhOTgwZTg4ZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4HUfWffqr2PVd8pJKrlJWEeoLQz0
fb3jXkHhQIuqoLmiDyuGBDZJDbrkdvF1ThprNR3uuN+Yvx4FCF8KtZn6GvagVivV
uMjTzNyP/N+WioZ2q4kNCKUOwj2gQ6qfqsdHxLXORnrRloWKC3SYnsGzk/MjsxRg
58SZoEjokGX3gVHRh37F56fCPTMRWgjAMQ9lekovEb7PEJZ4AzYmuvJ5wdONh4H7
Jh2LeRUehP9aYhCaeXyEJxDwjWk2DVEqawoKSSHIqXMsLqDhzP9b41DNtfRLlmJp
x0Vt8kxLuGJH4LyyqisLey88OSboiViyd1qsGA3iz4iU3hy+g5atlaI6XQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFONHoXwcU0WRhigErbHRGKmA6I1qMB8GA1UdIwQY
MBaAFOfAfbmIATPFzc4AW8oRG1Us0UxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNThCOXVZZ0JNOFhOemdCYnloRWJWU3pSVEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84Y2RkNDktYzA5NC00YzZhLTkxOGMt
MGFhNDYzY2RmY2EwLzEvNDBlaGZCeFRSWkdHS0FTdHNkRVlxWURvaldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84Y2RkNDktYzA5NC00YzZhLTkxOGMtMGFhNDYzY2RmY2Ew
LzEvNThCOXVZZ0JNOFhOemdCYnloRWJWU3pSVEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQALQzIMBYE
AgACMBADBwAgAQZ8EWADBQAqDr8AMA0GCSqGSIb3DQEBCwUAA4IBAQDZu3MN4SyI
x8WzwZYUO6w0yNYUPwxjQspLLrnbmMWGTdG4aKXyCa25EJIDbIJ0dPqqnDmSKuwh
hCBQYuKpY3tTQDU+pcZJs14P650fXWMVSnL8dQ9XFZSFS+rqnt7T3KNtdpxCJ7aI
R4lZOetCxvNluPCvX3kd24NZbpJSQpT/rT2ZGFHCWVoR6PL0DHx/psFJk/5pH0Z9
rJ9qWI4U2kEFeHy3GnF7UpjjV69Kkg1iPQRRHaQLzA9dJKvGxOALunoIYZSTU6HR
/s+LJvVx7sv01VFJEXmSxvhpWrwLQ4edYlW9OezgP9BklhJ1rs8RMHEHtSAc47fd
QKMlRKNmwYdb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:52 2024 by rpki-client on console-ams.rpki-client.org