Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ES0ChU8gh0hRO_RekTenc5g_hfE.roa
File: ES0ChU8gh0hRO_RekTenc5g_hfE.roa (raw, json)
Hash identifier: ONLZPYHCAQZir9vTHjlyVwhrGPgcutHuWwnqOcrWpGE=
Subject key identifier: 11:2D:02:85:4F:20:87:48:51:3B:F4:5E:91:37:A7:73:98:3F:85:F1
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7A0F4DEE0BE545970794B63E8B468
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ES0ChU8gh0hRO_RekTenc5g_hfE.roa
Signing time: Mon 02 Jan 2023 08:44:49 +0000
ROA not before: Mon 02 Jan 2023 08:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39690
IP address blocks: 45.143.44.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a0:f4:de:e0:be:54:59:70:79:4b:63:e8:b4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=112d02854f208748513bf45e9137a773983f85f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:05:0b:3d:1d:ad:9b:c6:b9:96:10:b1:3f:99:
1a:40:46:7e:c8:84:26:ba:2d:6a:15:d5:19:4a:b0:
00:03:c5:95:17:59:0d:26:22:15:5f:20:73:b4:69:
74:8f:8f:5d:bd:18:bd:5f:85:c7:4e:09:e3:be:a1:
30:0e:b0:aa:6d:9a:db:5e:ae:44:28:b6:b7:4e:f8:
7b:89:a7:41:2c:63:1b:c7:64:51:a1:a0:c8:b0:2b:
ae:ac:9a:71:0d:26:7d:66:75:1b:03:58:54:36:99:
22:3c:84:96:41:b4:c1:61:97:d3:c2:1d:1a:2e:97:
f2:80:af:e0:a7:bd:88:03:bc:e6:9a:58:a4:30:11:
e5:81:03:41:33:a1:81:9d:e8:1c:1a:c4:49:17:1b:
f7:f4:2e:8c:ed:b7:20:53:da:2e:5d:62:a3:fb:d6:
37:b2:b4:66:77:52:9b:20:de:99:3a:8b:58:73:e3:
19:08:be:ae:68:c2:7c:1c:27:33:ea:26:23:58:70:
fb:0a:23:21:88:02:65:b0:e4:1d:9d:64:7d:f4:73:
b8:cd:aa:61:b1:14:62:76:49:eb:a6:58:3e:38:7a:
3a:db:14:4b:fe:c2:21:d5:d0:82:a8:d2:76:b1:35:
c9:f1:1e:7d:6b:3c:02:7b:14:a6:3d:e8:30:13:64:
90:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2D:02:85:4F:20:87:48:51:3B:F4:5E:91:37:A7:73:98:3F:85:F1
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/ES0ChU8gh0hRO_RekTenc5g_hfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.44.0/22
Signature Algorithm: sha256WithRSAEncryption
41:b5:70:a9:02:c6:c3:34:25:29:00:9b:92:9b:e2:f8:03:05:
12:e9:58:aa:af:ef:6c:19:c4:f3:4d:c5:a7:b4:0d:9c:96:e2:
00:9a:8a:9c:d2:92:05:ab:55:89:d7:db:68:55:cb:cc:a7:11:
ce:48:d5:e0:80:89:27:d1:e0:10:5b:51:5e:c9:ae:ef:df:8d:
42:b8:1b:81:0a:52:be:cf:f9:c5:14:35:7b:91:8d:74:e7:31:
4e:0e:ac:22:b1:af:f9:72:8c:70:94:6e:68:36:6e:ae:cf:a4:
00:59:c8:81:29:aa:3a:19:c1:bb:11:ab:65:79:c1:b5:30:84:
45:5b:75:5f:d7:a3:ff:34:96:91:4f:49:a6:4a:ef:f2:f4:18:
37:78:77:d4:9f:38:92:cb:d8:e1:a6:4b:45:57:21:e2:62:8d:
20:0a:94:48:1f:bc:3a:74:80:a4:ad:f2:b1:b8:15:f0:8e:98:
58:4d:5d:7f:33:e3:b0:48:c8:8e:90:f6:c3:5f:29:8b:9a:97:
90:d4:36:f0:4e:d4:4f:07:c9:95:5e:66:8c:b7:41:c2:03:24:
5f:5c:89:98:12:ff:ee:4e:f6:e9:f2:76:21:1a:d9:b6:56:82:
61:f9:3e:5a:2d:42:c7:c2:17:1a:a6:60:06:c4:02:34:d2:51:
f0:e4:28:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp6D03uC+VFlweUtj6LRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJkMDI4NTRmMjA4NzQ4NTEzYmY0NWU5MTM3YTc3Mzk4M2Y4NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QULPR2tm8a5lhCxP5kaQEZ+yIQm
ui1qFdUZSrAAA8WVF1kNJiIVXyBztGl0j49dvRi9X4XHTgnjvqEwDrCqbZrbXq5E
KLa3Tvh7iadBLGMbx2RRoaDIsCuurJpxDSZ9ZnUbA1hUNpkiPISWQbTBYZfTwh0a
LpfygK/gp72IA7zmmlikMBHlgQNBM6GBnegcGsRJFxv39C6M7bcgU9ouXWKj+9Y3
srRmd1KbIN6ZOotYc+MZCL6uaMJ8HCcz6iYjWHD7CiMhiAJlsOQdnWR99HO4zaph
sRRidknrplg+OHo62xRL/sIh1dCCqNJ2sTXJ8R59azwCexSmPegwE2SQMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEtAoVPIIdIUTv0XpE3p3OYP4XxMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRVMwQ2hVOGdoMGhST19SZWtUZW5jNWdfaGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY8sMA0G
CSqGSIb3DQEBCwUAA4IBAQBBtXCpAsbDNCUpAJuSm+L4AwUS6Viqr+9sGcTzTcWn
tA2cluIAmoqc0pIFq1WJ19toVcvMpxHOSNXggIkn0eAQW1Feya7v341CuBuBClK+
z/nFFDV7kY105zFODqwisa/5coxwlG5oNm6uz6QAWciBKao6GcG7EatlecG1MIRF
W3Vf16P/NJaRT0mmSu/y9Bg3eHfUnziSy9jhpktFVyHiYo0gCpRIH7w6dICkrfKx
uBXwjphYTV1/M+OwSMiOkPbDXymLmpeQ1DbwTtRPB8mVXmaMt0HCAyRfXImYEv/u
Tvbp8nYhGtm2VoJh+T5aLULHwhcapmAGxAI00lHw5Cjp
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:06 2024 by rpki-client on console-ams.rpki-client.org