Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/rjebunDknRDKpeg7AtcBgg8WjKg.roa
File: rjebunDknRDKpeg7AtcBgg8WjKg.roa (raw, json)
Hash identifier: 6kZrHHlLmc2T0p2LqPIBxYc0abU6BXGAej0V0jmxdrM=
Subject key identifier: AE:37:9B:BA:70:E4:9D:10:CA:A5:E8:3B:02:D7:01:82:0F:16:8C:A8
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01856FD523CFB9E98AB880DA94C680BBE250
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/rjebunDknRDKpeg7AtcBgg8WjKg.roa
Signing time: Mon 02 Jan 2023 00:15:17 +0000
ROA not before: Mon 02 Jan 2023 00:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8315
IP address blocks: 145.131.0.0/20 maxlen: 24
145.131.16.0/20 maxlen: 24
145.131.32.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:23:cf:b9:e9:8a:b8:80:da:94:c6:80:bb:e2:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 2 00:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae379bba70e49d10caa5e83b02d701820f168ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d6:fa:49:0b:1b:02:e8:c2:7c:f4:4f:8b:8f:
6a:a4:62:79:73:95:d3:54:3e:42:6d:4e:2c:81:5e:
cb:46:f5:e2:ad:c6:3e:5a:16:b7:25:fe:14:7e:aa:
74:60:06:08:07:bd:a3:5f:40:7a:c7:be:d2:c2:5c:
ed:f3:5a:7e:d8:d9:ce:0b:01:ce:14:6a:1b:5c:f6:
4f:2a:35:f3:e4:6c:0b:6e:da:7b:84:4b:0e:cd:fd:
4f:e6:5a:da:b9:65:f5:80:a4:e1:6d:4c:4c:00:79:
ce:a5:5f:4d:f1:0d:de:dd:af:55:27:6c:b4:fa:9c:
a4:1c:c3:da:6c:27:c6:50:00:ff:9e:c7:18:91:c3:
3e:80:41:db:e2:2e:90:d7:49:49:cc:6a:55:ef:8e:
b9:a3:a7:9a:dc:c2:de:e4:e2:1d:2e:0b:09:70:fa:
ef:9a:86:3a:87:0a:04:7b:d0:fd:3a:4d:25:17:cc:
15:53:dc:e3:5d:20:bd:9b:f9:b9:4a:32:70:2d:14:
12:d3:9e:d8:c5:80:ca:37:93:11:95:92:4a:45:81:
28:6c:d0:51:f9:de:7d:04:a3:be:41:47:2a:43:68:
40:0b:71:e5:6e:6f:d8:65:d0:c7:d5:9b:c7:48:8b:
63:a7:26:a1:ca:85:94:9d:19:ee:62:fa:ec:42:48:
b9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:37:9B:BA:70:E4:9D:10:CA:A5:E8:3B:02:D7:01:82:0F:16:8C:A8
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/rjebunDknRDKpeg7AtcBgg8WjKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.131.0.0-145.131.47.255
Signature Algorithm: sha256WithRSAEncryption
1c:bf:07:bb:9d:cb:fc:31:7d:8e:81:76:5b:b7:59:75:88:f8:
43:25:25:47:72:23:5b:3f:01:59:55:e2:5b:a2:85:10:31:21:
25:31:79:df:db:b4:fd:a6:2f:82:1e:bf:44:75:5a:1c:de:dd:
71:29:3f:5c:bb:30:9e:4c:f9:9e:93:bb:58:ef:98:ae:4a:63:
b7:1d:b0:fa:62:41:78:d5:2e:a8:07:f1:a1:aa:3d:7a:59:c1:
84:4a:4a:05:4e:02:f6:26:ec:30:52:b5:c2:14:0e:21:2c:43:
01:2b:4e:fb:4e:96:56:f1:24:75:f6:a9:52:cd:ba:f5:d4:45:
c6:21:3a:76:0f:d5:61:62:65:1d:a8:32:c0:39:bd:9f:e7:2c:
5e:b7:24:3a:97:bb:c2:b2:d2:a1:fa:19:2e:dd:7f:6a:30:13:
b6:13:2f:40:a2:1f:ce:03:a8:cf:3a:06:5d:33:4d:4d:93:a8:
d8:13:3d:eb:e5:02:12:90:37:6f:7b:63:f9:3e:07:f6:51:2d:
43:1c:ab:ad:c1:ee:0e:95:67:4f:bc:3a:7b:cc:e4:2a:e3:bd:
40:d4:0d:3d:7c:46:f5:66:fe:fa:a2:6c:ab:e1:64:f5:5f:8f:
d8:bb:04:61:1d:2f:67:19:ad:b3:61:bb:7f:53:05:52:f8:55:
7c:ba:4b:68
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVv1SPPuemKuIDalMaAu+JQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjMwMTAyMDAxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTM3OWJiYTcwZTQ5ZDEwY2FhNWU4M2IwMmQ3MDE4MjBmMTY4Y2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytb6SQsbAujCfPRPi49qpGJ5c5XT
VD5CbU4sgV7LRvXircY+Wha3Jf4Ufqp0YAYIB72jX0B6x77Swlzt81p+2NnOCwHO
FGobXPZPKjXz5GwLbtp7hEsOzf1P5lrauWX1gKThbUxMAHnOpV9N8Q3e3a9VJ2y0
+pykHMPabCfGUAD/nscYkcM+gEHb4i6Q10lJzGpV7465o6ea3MLe5OIdLgsJcPrv
moY6hwoEe9D9Ok0lF8wVU9zjXSC9m/m5SjJwLRQS057YxYDKN5MRlZJKRYEobNBR
+d59BKO+QUcqQ2hAC3Hlbm/YZdDH1ZvHSItjpyahyoWUnRnuYvrsQki5DQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFK43m7pw5J0QyqXoOwLXAYIPFoyoMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvcmplYnVuRGtuUkRLcGVnN0F0Y0JnZzhXaktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwCRgwME
BJGDIDANBgkqhkiG9w0BAQsFAAOCAQEAHL8Hu53L/DF9joF2W7dZdYj4QyUlR3Ij
Wz8BWVXiW6KFEDEhJTF539u0/aYvgh6/RHVaHN7dcSk/XLswnkz5npO7WO+Yrkpj
tx2w+mJBeNUuqAfxoao9elnBhEpKBU4C9ibsMFK1whQOISxDAStO+06WVvEkdfap
Us269dRFxiE6dg/VYWJlHagywDm9n+csXrckOpe7wrLSofoZLt1/ajATthMvQKIf
zgOozzoGXTNNTZOo2BM96+UCEpA3b3tj+T4H9lEtQxyrrcHuDpVnT7w6e8zkKuO9
QNQNPXxG9Wb++qJsq+Fk9V+P2LsEYR0vZxmts2G7f1MFUvhVfLpLaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:11 2024 by rpki-client on console-ams.rpki-client.org