Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/hn13tPwuZ0JsQASnOB_dw-KEss0.roa
File: hn13tPwuZ0JsQASnOB_dw-KEss0.roa (raw, json)
Hash identifier: RwYhJCTSmPb9xQk+KraY5TYn+Nxf5V8UoRtGtJmjgRU=
Subject key identifier: 86:7D:77:B4:FC:2E:67:42:6C:40:04:A7:38:1F:DD:C3:E2:84:B2:CD
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 01856C53D65CA19A560E09FD9A962CB8B341
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/hn13tPwuZ0JsQASnOB_dw-KEss0.roa
Signing time: Sun 01 Jan 2023 07:55:11 +0000
ROA not before: Sun 01 Jan 2023 07:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133861
IP address blocks: 45.136.12.0/22 maxlen: 24
45.144.139.0/24 maxlen: 24
45.144.136.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d6:5c:a1:9a:56:0e:09:fd:9a:96:2c:b8:b3:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 07:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=867d77b4fc2e67426c4004a7381fddc3e284b2cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:46:bc:bf:4e:12:f0:3c:a7:5d:81:2c:09:b2:
ff:e5:be:f5:0e:e6:ec:56:9a:07:b4:71:5a:d2:c7:
c7:61:f9:94:a8:c6:b3:48:5f:69:18:09:f6:5f:02:
53:86:98:1a:2d:48:ce:e5:89:c8:9b:95:9f:45:36:
8c:a9:ca:0c:22:6b:49:07:20:e2:4d:c7:83:ee:65:
8c:43:bd:e5:cc:92:50:de:f1:3e:77:0b:56:ed:3f:
11:cb:e9:78:82:c6:14:1d:a2:48:ea:b9:0f:c1:63:
45:76:b1:2d:fe:ff:9d:3f:43:ef:6c:42:ff:b8:ba:
4c:00:63:c3:df:c6:21:f1:08:89:b1:65:3f:5d:3e:
8d:0b:71:22:e6:97:2e:53:f9:b6:b3:44:73:50:74:
f3:e6:ce:d6:74:1a:a2:f8:43:f7:a6:02:21:5a:bc:
48:fb:35:d4:57:3c:a4:37:38:4e:b3:bb:b9:84:0b:
2b:a3:0c:06:c6:48:4c:ef:4f:ae:4c:53:b0:f0:61:
e3:30:41:94:9c:df:ca:04:7e:88:24:86:6c:e1:d8:
2a:12:99:df:11:07:79:5d:fd:d8:ce:64:6e:6e:62:
32:7f:5d:5b:32:77:f8:25:d4:e0:d0:f7:0d:73:8b:
f6:8c:99:ff:ca:ef:41:6b:53:13:74:d9:a4:c1:c3:
c5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7D:77:B4:FC:2E:67:42:6C:40:04:A7:38:1F:DD:C3:E2:84:B2:CD
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/hn13tPwuZ0JsQASnOB_dw-KEss0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.12.0/22
45.144.136.0/22
Signature Algorithm: sha256WithRSAEncryption
99:92:64:4d:71:60:8f:60:10:75:9c:c2:6e:a1:6c:8e:e5:71:
eb:e4:d6:fe:55:78:47:a5:ef:56:95:45:c6:12:b7:36:27:75:
87:b6:80:eb:20:47:04:a2:07:2d:78:bf:37:bc:23:d3:02:aa:
03:2d:3b:c5:0d:66:45:b9:e1:1e:4a:cd:4c:7f:db:8d:dc:1a:
3b:72:ec:d0:b8:1e:41:10:6f:91:df:0a:ce:8c:e6:04:50:93:
62:9b:55:18:03:87:6e:6c:96:7e:c1:46:4f:e3:a0:e8:03:52:
42:f2:dc:78:0c:93:99:06:cc:78:09:0e:b7:9d:72:1e:9f:ba:
67:58:fd:f3:7a:f9:ee:28:2a:47:5a:d7:96:8d:aa:15:14:87:
a0:9d:46:0d:45:f5:76:d8:ef:fe:ce:a4:f7:33:cc:2f:3e:a7:
47:2a:32:18:20:11:d4:82:86:6b:43:8d:88:7a:ce:60:0c:43:
70:e3:b7:7a:c5:c7:e9:1b:84:13:f6:0c:20:1f:1e:15:16:aa:
87:61:e2:53:00:4c:a6:10:36:a8:0d:fb:8d:f9:f2:e0:d5:97:
cd:de:de:6b:12:12:d3:94:7d:65:0b:64:e4:99:1e:8c:a4:bb:
29:d5:04:2b:9c:1b:1e:d0:d3:08:c2:90:46:fc:d0:10:16:f3:
42:ca:3d:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsU9ZcoZpWDgn9mpYsuLNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwMTAxMDc1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdkNzdiNGZjMmU2NzQyNmM0MDA0YTczODFmZGRjM2UyODRiMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjka8v04S8DynXYEsCbL/5b71Dubs
VpoHtHFa0sfHYfmUqMazSF9pGAn2XwJThpgaLUjO5YnIm5WfRTaMqcoMImtJByDi
TceD7mWMQ73lzJJQ3vE+dwtW7T8Ry+l4gsYUHaJI6rkPwWNFdrEt/v+dP0PvbEL/
uLpMAGPD38Yh8QiJsWU/XT6NC3Ei5pcuU/m2s0RzUHTz5s7WdBqi+EP3pgIhWrxI
+zXUVzykNzhOs7u5hAsrowwGxkhM70+uTFOw8GHjMEGUnN/KBH6IJIZs4dgqEpnf
EQd5Xf3YzmRubmIyf11bMnf4JdTg0PcNc4v2jJn/yu9Ba1MTdNmkwcPFKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIZ9d7T8LmdCbEAEpzgf3cPihLLNMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvaG4xM3RQd3VaMEpzUUFTbk9CX2R3LUtFc3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYgMAwQC
LZCIMA0GCSqGSIb3DQEBCwUAA4IBAQCZkmRNcWCPYBB1nMJuoWyO5XHr5Nb+VXhH
pe9WlUXGErc2J3WHtoDrIEcEogcteL83vCPTAqoDLTvFDWZFueEeSs1Mf9uN3Bo7
cuzQuB5BEG+R3wrOjOYEUJNim1UYA4dubJZ+wUZP46DoA1JC8tx4DJOZBsx4CQ63
nXIen7pnWP3zevnuKCpHWteWjaoVFIegnUYNRfV22O/+zqT3M8wvPqdHKjIYIBHU
goZrQ42Ies5gDENw47d6xcfpG4QT9gwgHx4VFqqHYeJTAEymEDaoDfuN+fLg1ZfN
3t5rEhLTlH1lC2TkmR6MpLsp1QQrnBse0NMIwpBG/NAQFvNCyj2v
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:12 2024 by rpki-client on console-ams.rpki-client.org