Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/kPmO4hCzwWQYCUYN8ntb9-HNJ0U.roa
File: kPmO4hCzwWQYCUYN8ntb9-HNJ0U.roa (raw, json)
Hash identifier: YYQHxnLeB8clXHW50Ec0ThH1aYGpdufrgcgKpLMdWvw=
Subject key identifier: 90:F9:8E:E2:10:B3:C1:64:18:09:46:0D:F2:7B:5B:F7:E1:CD:27:45
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01856BCA229C43EB7B6F4DADBFB4798AD806
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/kPmO4hCzwWQYCUYN8ntb9-HNJ0U.roa
Signing time: Sun 01 Jan 2023 05:24:47 +0000
ROA not before: Sun 01 Jan 2023 05:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 45.134.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Sep 2023 06:35:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:22:9c:43:eb:7b:6f:4d:ad:bf:b4:79:8a:d8:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 05:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90f98ee210b3c1641809460df27b5bf7e1cd2745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e0:c0:56:06:61:f6:79:75:95:4c:d2:7a:d5:
ce:77:c5:b1:95:73:96:7e:bf:54:df:74:85:ac:23:
00:e6:01:3f:07:3e:03:07:25:dd:1d:d6:50:19:e4:
c7:e6:9c:81:6b:df:3e:39:17:be:2f:b0:48:59:37:
b1:96:23:3f:6f:bf:fc:a4:ea:7e:07:ff:83:4e:3c:
9b:49:ff:aa:64:c8:1b:2f:fa:78:ff:4c:77:a5:85:
f3:48:9f:2a:61:b7:f9:d1:73:6a:e2:7d:36:1f:65:
84:d5:e1:f8:08:65:2c:09:30:39:f6:e5:6a:9a:8a:
2c:24:51:ba:8a:2b:3d:ef:eb:19:a6:ed:04:42:79:
28:54:9f:ed:14:c1:99:d2:95:a5:4f:f6:d8:b9:35:
8a:f1:b0:28:0e:7e:cc:f9:9f:7d:54:15:5b:03:35:
71:50:c9:42:8d:d2:93:b3:9b:cc:e4:8f:79:c8:db:
59:76:73:ec:25:ec:cd:f4:1d:30:51:06:96:0c:d8:
26:28:25:5a:94:6b:0b:c6:c5:05:06:12:23:e4:15:
f3:35:f6:80:67:b3:b4:73:02:3d:b5:31:8c:1c:31:
3d:fd:1b:8d:44:b3:ca:28:b3:17:18:03:75:af:93:
64:01:5f:43:ce:1b:08:46:42:78:39:74:b1:65:ec:
c5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F9:8E:E2:10:B3:C1:64:18:09:46:0D:F2:7B:5B:F7:E1:CD:27:45
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/kPmO4hCzwWQYCUYN8ntb9-HNJ0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.20.0/24
Signature Algorithm: sha256WithRSAEncryption
39:80:12:00:72:1e:6e:b3:68:6d:e1:ee:45:fc:98:f8:7b:bb:
03:51:7f:dd:b6:64:65:2a:b9:4f:fd:93:1c:ea:23:47:11:7c:
23:8c:32:60:79:78:59:d1:fe:6a:87:72:35:ff:7b:39:2a:f4:
38:6c:f9:ff:8f:09:e6:60:d4:16:da:72:9a:5c:a9:66:8f:89:
90:3c:9b:d9:d2:20:bf:d6:dd:62:fe:07:95:60:3e:5e:01:60:
86:1e:9c:fa:0e:b1:c9:ad:7e:ad:fa:bd:7d:8b:4e:de:dc:7c:
37:11:04:2e:b7:59:1a:14:4d:d4:8c:40:53:d0:f4:65:f4:61:
5e:96:0a:56:7f:96:3b:e4:2b:1c:a0:6f:e7:2c:a3:4d:9f:99:
9a:90:8f:34:65:3a:9a:ad:8f:d8:60:0c:60:4b:1d:06:1d:56:
53:3a:80:52:e9:38:48:21:52:ff:81:ea:66:d5:c3:ca:36:66:
4f:65:5b:2d:57:37:09:9c:41:58:ff:ee:3e:19:2c:d5:98:50:
23:97:ae:01:d8:b0:18:68:af:03:18:d4:2d:02:b2:03:78:4a:
00:8d:38:34:6e:78:63:71:17:b6:50:1f:ab:c1:5d:cd:bf:2f:
07:bf:90:67:29:f8:bf:6b:cd:fc:63:eb:85:51:d1:41:24:9f:
60:c5:5f:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVryiKcQ+t7b02tv7R5itgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTAxMDUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGY5OGVlMjEwYjNjMTY0MTgwOTQ2MGRmMjdiNWJmN2UxY2QyNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeDAVgZh9nl1lUzSetXOd8WxlXOW
fr9U33SFrCMA5gE/Bz4DByXdHdZQGeTH5pyBa98+ORe+L7BIWTexliM/b7/8pOp+
B/+DTjybSf+qZMgbL/p4/0x3pYXzSJ8qYbf50XNq4n02H2WE1eH4CGUsCTA59uVq
moosJFG6iis97+sZpu0EQnkoVJ/tFMGZ0pWlT/bYuTWK8bAoDn7M+Z99VBVbAzVx
UMlCjdKTs5vM5I95yNtZdnPsJezN9B0wUQaWDNgmKCValGsLxsUFBhIj5BXzNfaA
Z7O0cwI9tTGMHDE9/RuNRLPKKLMXGAN1r5NkAV9DzhsIRkJ4OXSxZezFpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJD5juIQs8FkGAlGDfJ7W/fhzSdFMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEva1BtTzRoQ3p3V1FZQ1VZTjhudGI5LUhOSjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYYUMA0G
CSqGSIb3DQEBCwUAA4IBAQA5gBIAch5us2ht4e5F/Jj4e7sDUX/dtmRlKrlP/ZMc
6iNHEXwjjDJgeXhZ0f5qh3I1/3s5KvQ4bPn/jwnmYNQW2nKaXKlmj4mQPJvZ0iC/
1t1i/geVYD5eAWCGHpz6DrHJrX6t+r19i07e3Hw3EQQut1kaFE3UjEBT0PRl9GFe
lgpWf5Y75CscoG/nLKNNn5makI80ZTqarY/YYAxgSx0GHVZTOoBS6ThIIVL/gepm
1cPKNmZPZVstVzcJnEFY/+4+GSzVmFAjl64B2LAYaK8DGNQtArIDeEoAjTg0bnhj
cRe2UB+rwV3Nvy8Hv5BnKfi/a838Y+uFUdFBJJ9gxV9C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org