Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/45hGnyWffvMA2xuXeG9M55AsMss.roa
File: 45hGnyWffvMA2xuXeG9M55AsMss.roa (raw, json)
Hash identifier: OUPWQEW4L9EV5/FIP9m4uHafd9xDUAxKVmPVt1SYmnA=
Subject key identifier: E3:98:46:9F:25:9F:7E:F3:00:DB:1B:97:78:6F:4C:E7:90:2C:32:CB
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018895EB3400D9BB26C0B701FFCDEC8BE2A8
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/45hGnyWffvMA2xuXeG9M55AsMss.roa
Signing time: Wed 07 Jun 2023 12:53:19 +0000
ROA not before: Wed 07 Jun 2023 12:53:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207743
IP address blocks: 64.43.77.0/24 maxlen: 24
64.43.78.0/23 maxlen: 23
109.207.134.0/23 maxlen: 23
64.43.96.0/23 maxlen: 23
64.43.98.0/23 maxlen: 23
93.120.26.0/24 maxlen: 24
93.120.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:eb:34:00:d9:bb:26:c0:b7:01:ff:cd:ec:8b:e2:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 7 12:53:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e398469f259f7ef300db1b97786f4ce7902c32cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3e:c1:56:9a:00:0b:a2:8d:26:71:26:a5:0f:
cc:c3:51:0d:fb:64:d2:df:4c:ce:2d:b5:8b:a5:b8:
da:79:b6:c0:a2:00:4a:d0:89:a1:7e:11:19:d8:4f:
9d:32:b7:53:2a:ac:ca:c0:bf:ba:a0:04:07:77:db:
4b:9f:f9:ea:58:64:a5:38:7a:95:2a:97:f4:44:11:
1b:11:6c:ec:e6:13:2f:fa:3e:bb:47:ad:27:7d:20:
51:60:7b:8d:79:4e:16:00:2f:a3:eb:b3:63:18:81:
9c:17:4f:97:14:2e:4b:9c:ef:39:9f:01:b5:cc:6b:
61:a9:b3:4b:91:e5:fb:93:32:a7:52:6d:d3:54:7c:
98:92:e8:7f:4e:5f:43:92:73:d0:e3:22:34:39:67:
51:75:4b:a0:d1:c2:16:fb:63:2c:ee:60:32:e0:6e:
de:31:db:94:94:c0:cc:ee:91:f1:00:15:62:7d:2d:
ee:c8:33:0b:33:c8:94:0a:ba:41:ef:dc:09:2e:3f:
80:4a:35:19:c5:e6:98:5e:14:d3:2c:df:a1:2a:ac:
be:5f:3b:55:fb:31:ca:20:35:8e:b4:5a:b6:20:61:
1b:04:19:2a:39:b1:08:cd:2e:57:6e:c5:d1:ad:dd:
f9:2f:0e:ad:cb:17:86:77:d7:45:42:84:5d:82:2d:
79:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:98:46:9F:25:9F:7E:F3:00:DB:1B:97:78:6F:4C:E7:90:2C:32:CB
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/45hGnyWffvMA2xuXeG9M55AsMss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.77.0-64.43.79.255
64.43.96.0/22
93.120.26.0/24
93.120.32.0/24
109.207.134.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:1a:bd:f5:8c:42:34:b6:bf:75:42:00:e2:f4:8a:e4:e8:83:
3c:be:95:ff:22:ba:ee:97:78:4f:29:d0:e9:a3:8d:90:ab:8d:
93:62:4a:7b:ad:10:50:8b:fa:81:7c:4e:0a:95:8e:42:3c:69:
1e:3f:e9:0f:4d:31:a0:15:a3:d8:57:73:73:f8:4d:f7:e9:e3:
b7:b5:96:31:56:7e:e8:cb:17:ae:69:01:db:5e:cc:f6:19:2e:
6a:65:a3:a6:cc:85:e4:d2:29:54:34:89:ee:58:05:29:be:5b:
fc:5f:fa:17:dd:c9:cd:44:e7:19:d1:f1:70:b0:95:2c:e9:76:
3d:87:e4:ba:62:1b:6b:cc:6c:cc:aa:4c:10:46:4b:26:45:1a:
5f:3e:e3:56:73:0b:54:e2:79:3a:15:b6:0d:30:02:40:68:13:
93:60:f6:6b:00:d4:5d:d5:05:46:08:80:92:38:7b:4f:fb:13:
fa:51:31:d7:5b:37:ef:e1:83:57:fe:36:ad:e7:23:94:d5:89:
4e:9b:71:c2:10:ec:ee:2d:e5:56:cd:7a:47:99:98:17:4d:53:
1a:4c:cd:39:15:a9:da:eb:a6:64:45:78:7a:07:8e:6e:4f:ea:
33:e4:84:e3:e7:40:a3:4f:9a:33:16:db:89:9d:16:ca:fc:06:
89:22:fb:56
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYiV6zQA2bsmwLcB/83si+KoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjA3MTI1MzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk4NDY5ZjI1OWY3ZWYzMDBkYjFiOTc3ODZmNGNlNzkwMmMzMmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz7BVpoAC6KNJnEmpQ/Mw1EN+2TS
30zOLbWLpbjaebbAogBK0ImhfhEZ2E+dMrdTKqzKwL+6oAQHd9tLn/nqWGSlOHqV
Kpf0RBEbEWzs5hMv+j67R60nfSBRYHuNeU4WAC+j67NjGIGcF0+XFC5LnO85nwG1
zGthqbNLkeX7kzKnUm3TVHyYkuh/Tl9DknPQ4yI0OWdRdUug0cIW+2Ms7mAy4G7e
MduUlMDM7pHxABVifS3uyDMLM8iUCrpB79wJLj+ASjUZxeaYXhTTLN+hKqy+XztV
+zHKIDWOtFq2IGEbBBkqObEIzS5XbsXRrd35Lw6tyxeGd9dFQoRdgi15IQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOOYRp8ln37zANsbl3hvTOeQLDLLMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNDVoR255V2Zmdk1BMnh1WGVHOU01NUFzTXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABAK00D
BARAK0ADBAJAK2ADBABdeBoDBABdeCADBAFtz4YwDQYJKoZIhvcNAQELBQADggEB
AEoavfWMQjS2v3VCAOL0iuTogzy+lf8iuu6XeE8p0OmjjZCrjZNiSnutEFCL+oF8
TgqVjkI8aR4/6Q9NMaAVo9hXc3P4Tffp47e1ljFWfujLF65pAdtezPYZLmplo6bM
heTSKVQ0ie5YBSm+W/xf+hfdyc1E5xnR8XCwlSzpdj2H5LpiG2vMbMyqTBBGSyZF
Gl8+41ZzC1TieToVtg0wAkBoE5Ng9msA1F3VBUYIgJI4e0/7E/pRMddbN+/hg1f+
Nq3nI5TViU6bccIQ7O4t5VbNekeZmBdNUxpMzTkVqdrrpmRFeHoHjm5P6jPkhOPn
QKNPmjMW24mdFsr8Boki+1Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:47 2024 by rpki-client on console-ams.rpki-client.org