Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/2gI5o-dxiARZYQeOAX_iwfNxlRk.roa
File: 2gI5o-dxiARZYQeOAX_iwfNxlRk.roa (raw, json)
Hash identifier: cAkWhR1pO/eAqS9r0a0F3/dRK+iTTZXcQnOkalw4N/A=
Subject key identifier: DA:02:39:A3:E7:71:88:04:59:61:07:8E:01:7F:E2:C1:F3:71:95:19
Certificate issuer: /CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Certificate serial: 018CC793DFE77BA130688F7476B59FA9491C
Authority key identifier: 9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/2gI5o-dxiARZYQeOAX_iwfNxlRk.roa
Signing time: Tue 02 Jan 2024 00:30:06 +0000
ROA not before: Tue 02 Jan 2024 00:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208882
IP address blocks: 45.81.40.0/23 maxlen: 23
2a0e:4d80::/29 maxlen: 29
2a0d:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 10 Jan 2024 16:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:df:e7:7b:a1:30:68:8f:74:76:b5:9f:a9:49:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c556767201c50f6b2a955db6a1e6e011dfa5d44
Validity
Not Before: Jan 2 00:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da0239a3e77188045961078e017fe2c1f3719519
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e2:de:b9:f1:ed:b0:4d:54:25:6d:69:5c:08:
b8:0c:82:10:f4:39:97:6f:4f:e2:86:fb:e8:da:09:
32:2c:03:96:ee:a6:21:2c:81:4e:e8:28:be:b4:d9:
4d:50:d2:64:05:5c:5e:00:e7:46:03:90:53:54:42:
b2:0b:e7:4e:b4:fb:64:7a:00:13:4f:51:77:33:41:
75:26:72:34:32:29:f0:1c:d6:7b:63:56:50:30:7c:
96:89:79:d8:b9:c5:aa:df:29:55:d8:4a:d8:6d:01:
12:2d:6b:d7:77:a6:81:84:f8:38:ec:ce:0c:fc:7d:
1b:34:aa:d2:36:97:4c:9d:3a:85:24:cf:32:83:a0:
1d:a5:34:13:80:f9:8f:22:44:b5:d4:95:68:d3:26:
ae:c2:87:16:bd:29:49:65:77:4a:ea:42:e9:94:6c:
02:a9:bd:b5:d8:f5:48:fa:19:0b:cf:52:96:03:69:
f0:93:39:4d:3b:49:34:d0:80:3f:d1:6f:29:ce:d0:
0e:79:78:db:bc:78:f4:67:4e:ce:84:11:61:56:4f:
2a:8d:d5:3a:9e:01:c5:2a:fc:d6:b5:e8:98:bd:0a:
58:7a:86:a7:fd:33:8d:2e:43:0a:3d:41:d0:78:ae:
d1:98:6c:75:7b:40:c3:f6:8e:90:45:15:11:e1:61:
19:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:02:39:A3:E7:71:88:04:59:61:07:8E:01:7F:E2:C1:F3:71:95:19
X509v3 Authority Key Identifier:
keyid:9C:55:67:67:20:1C:50:F6:B2:A9:55:DB:6A:1E:6E:01:1D:FA:5D:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFVnZyAcUPayqVXbah5uAR36XUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/2gI5o-dxiARZYQeOAX_iwfNxlRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6dac86-224b-4ae5-b2a8-496ba82492ce/1/nFVnZyAcUPayqVXbah5uAR36XUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.40.0/23
IPv6:
2a0d:ff40::/29
2a0e:4d80::/29
Signature Algorithm: sha256WithRSAEncryption
83:7b:87:9e:43:bb:fb:81:54:ce:a4:99:90:60:65:85:08:86:
97:7e:10:f0:4d:fa:3b:69:80:1d:0f:50:ef:06:19:55:6c:88:
eb:3d:45:4b:c0:f6:46:a4:1e:10:48:ef:62:90:53:ee:b6:7d:
ee:3a:54:c9:f8:16:9b:1d:df:44:cc:7c:56:83:80:4c:a5:78:
9e:30:6f:c3:7f:7c:60:b0:b2:b4:cc:07:21:f3:79:c7:f5:aa:
e1:69:5c:c8:84:32:d8:14:bc:f0:8d:78:f9:13:52:64:95:48:
bb:c7:f6:fd:9b:97:d4:0f:f8:dd:14:de:7b:43:fa:c7:99:cd:
ff:de:00:aa:2a:19:80:d6:eb:08:70:0b:ad:08:6b:fe:b6:40:
86:32:37:e4:ee:ed:e9:8e:2d:a5:40:15:0b:cb:de:0c:65:2e:
a1:52:61:d0:a6:e6:80:51:25:00:fd:f5:5d:1a:a5:27:3d:c6:
84:a9:97:92:46:ec:58:84:3f:48:ba:a1:fe:00:57:e0:aa:11:
09:17:74:50:98:4c:9b:8c:45:b9:b1:9e:40:ea:49:d9:6e:38:
c0:8c:48:27:ad:ef:7d:11:c5:e3:94:07:db:4e:27:27:69:4c:
aa:ea:3a:ad:d0:3d:a7:ca:31:ce:20:33:8a:e7:11:8f:3f:b3:
30:23:55:e7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzHk9/ne6EwaI90drWfqUkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTU2NzY3MjAxYzUwZjZiMmE5NTVkYjZhMWU2ZTAxMWRm
YTVkNDQwHhcNMjQwMTAyMDAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTAyMzlhM2U3NzE4ODA0NTk2MTA3OGUwMTdmZTJjMWYzNzE5NTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+LeufHtsE1UJW1pXAi4DIIQ9DmX
b0/ihvvo2gkyLAOW7qYhLIFO6Ci+tNlNUNJkBVxeAOdGA5BTVEKyC+dOtPtkegAT
T1F3M0F1JnI0MinwHNZ7Y1ZQMHyWiXnYucWq3ylV2ErYbQESLWvXd6aBhPg47M4M
/H0bNKrSNpdMnTqFJM8yg6AdpTQTgPmPIkS11JVo0yauwocWvSlJZXdK6kLplGwC
qb212PVI+hkLz1KWA2nwkzlNO0k00IA/0W8pztAOeXjbvHj0Z07OhBFhVk8qjdU6
ngHFKvzWteiYvQpYeoan/TONLkMKPUHQeK7RmGx1e0DD9o6QRRUR4WEZwQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNoCOaPncYgEWWEHjgF/4sHzcZUZMB8GA1UdIwQY
MBaAFJxVZ2cgHFD2sqlV22oebgEd+l1EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgt
NDk2YmE4MjQ5MmNlLzEvMmdJNW8tZHhpQVJaWVFlT0FYX2l3Zk54bFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82ZGFjODYtMjI0Yi00YWU1LWIyYTgtNDk2YmE4MjQ5MmNl
LzEvbkZWblp5QWNVUGF5cVZYYmFoNXVBUjM2WFVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQBLVEoMBQE
AgACMA4DBQMqDf9AAwUDKg5NgDANBgkqhkiG9w0BAQsFAAOCAQEAg3uHnkO7+4FU
zqSZkGBlhQiGl34Q8E36O2mAHQ9Q7wYZVWyI6z1FS8D2RqQeEEjvYpBT7rZ97jpU
yfgWmx3fRMx8VoOATKV4njBvw398YLCytMwHIfN5x/Wq4WlcyIQy2BS88I14+RNS
ZJVIu8f2/ZuX1A/43RTee0P6x5nN/94AqioZgNbrCHALrQhr/rZAhjI35O7t6Y4t
pUAVC8veDGUuoVJh0KbmgFElAP31XRqlJz3GhKmXkkbsWIQ/SLqh/gBX4KoRCRd0
UJhMm4xFubGeQOpJ2W44wIxIJ63vfRHF45QH204nJ2lMquo6rdA9p8oxziAziucR
jz+zMCNV5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:06 2024 by rpki-client on console-ams.rpki-client.org