Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/CPa33Htr7SSp3QOz7EegUwXrfQE.roa
File: CPa33Htr7SSp3QOz7EegUwXrfQE.roa (raw, json)
Hash identifier: kQKfkUZVDZvvumOjUsJ+Zt0IncwfvPciIFYI6ZLuO48=
Subject key identifier: 08:F6:B7:DC:7B:6B:ED:24:A9:DD:03:B3:EC:47:A0:53:05:EB:7D:01
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 01933A995EB3D05360B32C9F698BD404D3B0
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/CPa33Htr7SSp3QOz7EegUwXrfQE.roa
Signing time: Sun 17 Nov 2024 14:49:10 +0000
ROA not before: Sun 17 Nov 2024 14:49:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152159
IP address blocks: 45.91.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 10:59:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3a:99:5e:b3:d0:53:60:b3:2c:9f:69:8b:d4:04:d3:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Nov 17 14:49:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08f6b7dc7b6bed24a9dd03b3ec47a05305eb7d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f7:17:79:79:05:0b:cc:78:fc:46:e3:59:fb:
94:0a:a6:79:49:3f:1c:ed:a1:55:67:af:c4:7f:4f:
d5:09:f3:ca:c6:9d:65:19:f4:43:e7:cc:00:b9:83:
94:d5:a5:97:4f:1e:ff:70:cc:27:a9:8f:b6:2e:10:
00:98:56:17:3e:ad:48:09:05:ec:cf:66:d6:6d:71:
a7:6e:ad:09:83:12:e4:2c:c3:00:a4:eb:c7:67:13:
b3:47:1c:57:e7:a5:92:04:70:47:70:a1:b9:62:56:
20:61:7d:ca:a3:cf:c6:b0:b4:ac:fb:45:94:c2:8a:
04:23:f5:20:f4:34:19:f2:28:8c:cb:a9:18:3e:7a:
55:d5:6f:f1:29:20:98:16:96:08:62:69:cf:11:46:
d6:fa:bc:59:1c:da:43:52:fd:28:26:a7:71:01:92:
d8:cc:aa:9b:1c:68:5c:2d:3f:cb:36:0e:02:01:09:
ed:17:95:b6:5a:b7:a9:84:c8:b3:81:e1:81:75:df:
f6:4f:6b:0c:c8:b8:f6:04:1f:08:a9:c6:4e:f7:64:
e3:6d:66:a8:a2:38:7b:36:41:24:a2:aa:5c:2a:94:
e7:0c:ce:55:d9:9a:b7:34:70:3c:d3:d1:ad:92:ad:
80:fc:da:f9:cb:13:f1:25:db:b7:46:ec:30:a2:42:
22:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F6:B7:DC:7B:6B:ED:24:A9:DD:03:B3:EC:47:A0:53:05:EB:7D:01
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/CPa33Htr7SSp3QOz7EegUwXrfQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.224.0/24
Signature Algorithm: sha256WithRSAEncryption
23:fe:50:25:51:0b:43:58:d1:08:55:1d:dd:0b:97:70:cd:c3:
e3:18:7a:4d:f3:66:be:58:fd:c2:66:7d:87:49:7e:a4:82:19:
7d:cc:49:3a:41:1f:c4:cb:e1:93:45:7c:62:26:8a:e0:a6:be:
b7:7c:56:57:f6:7e:f7:2d:c1:12:19:ad:46:48:21:b3:08:6c:
0d:42:7d:df:24:79:77:34:4f:dc:0c:03:ba:dc:f9:4f:4a:1a:
2f:29:ec:c4:c2:1c:8b:c2:b7:86:b4:36:6b:0e:ca:ac:3e:f7:
97:c0:07:5c:df:f8:10:06:1f:e7:84:79:5a:7b:46:95:f6:fb:
a7:d9:d8:b6:05:85:17:6e:fe:9b:7b:80:ab:92:97:c1:5f:e3:
ae:6f:96:01:bd:d2:b4:fb:78:f7:9e:7e:ec:65:4d:2d:f1:26:
d9:dd:21:49:f0:f8:2d:53:6a:0f:b9:3b:f3:ac:ec:02:29:e1:
93:84:d9:51:8e:8a:3e:b4:f9:29:c6:a2:11:a5:ea:f9:99:8a:
46:c5:5d:64:44:43:c2:19:8c:d0:cc:f6:73:2e:60:e9:c0:62:
62:06:60:04:9c:97:75:e0:9d:12:45:4f:65:53:fd:34:0e:94:
55:e5:ae:d8:50:30:44:cc:8d:03:60:08:de:71:ab:86:f0:14:
67:15:91:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZM6mV6z0FNgsyyfaYvUBNOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQxMTE3MTQ0OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGY2YjdkYzdiNmJlZDI0YTlkZDAzYjNlYzQ3YTA1MzA1ZWI3ZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PcXeXkFC8x4/EbjWfuUCqZ5ST8c
7aFVZ6/Ef0/VCfPKxp1lGfRD58wAuYOU1aWXTx7/cMwnqY+2LhAAmFYXPq1ICQXs
z2bWbXGnbq0JgxLkLMMApOvHZxOzRxxX56WSBHBHcKG5YlYgYX3Ko8/GsLSs+0WU
wooEI/Ug9DQZ8iiMy6kYPnpV1W/xKSCYFpYIYmnPEUbW+rxZHNpDUv0oJqdxAZLY
zKqbHGhcLT/LNg4CAQntF5W2WrephMizgeGBdd/2T2sMyLj2BB8IqcZO92TjbWao
ojh7NkEkoqpcKpTnDM5V2Zq3NHA809Gtkq2A/Nr5yxPxJdu3RuwwokIitQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAj2t9x7a+0kqd0Ds+xHoFMF630BMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvQ1BhMzNIdHI3U1NwM1FPejdFZWdVd1hyZlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVvgMA0G
CSqGSIb3DQEBCwUAA4IBAQAj/lAlUQtDWNEIVR3dC5dwzcPjGHpN82a+WP3CZn2H
SX6kghl9zEk6QR/Ey+GTRXxiJorgpr63fFZX9n73LcESGa1GSCGzCGwNQn3fJHl3
NE/cDAO63PlPShovKezEwhyLwreGtDZrDsqsPveXwAdc3/gQBh/nhHlae0aV9vun
2di2BYUXbv6be4CrkpfBX+Oub5YBvdK0+3j3nn7sZU0t8SbZ3SFJ8PgtU2oPuTvz
rOwCKeGThNlRjoo+tPkpxqIRper5mYpGxV1kREPCGYzQzPZzLmDpwGJiBmAEnJd1
4J0SRU9lU/00DpRV5a7YUDBEzI0DYAjecauG8BRnFZHs
-----END CERTIFICATE-----
Generated at Mon Nov 18 13:32:29 2024 by rpki-client on console-ams.rpki-client.org