Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/_COp2w95xM1lCjGlBdpVAs6Rls8.roa
File: _COp2w95xM1lCjGlBdpVAs6Rls8.roa (raw, json)
Hash identifier: b+5M9qeEOIsDdUpTar4GjcrKfPdXQI7AGA0Pm8JgLh8=
Subject key identifier: FC:23:A9:DB:0F:79:C4:CD:65:0A:31:A5:05:DA:55:02:CE:91:96:CF
Certificate issuer: /CN=da980a45fe487366e386b6064c2c652519f9fc93
Certificate serial: 018573CD03D70C0F5174C7CF8D2F1946813A
Authority key identifier: DA:98:0A:45:FE:48:73:66:E3:86:B6:06:4C:2C:65:25:19:F9:FC:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pgKRf5Ic2bjhrYGTCxlJRn5_JM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/_COp2w95xM1lCjGlBdpVAs6Rls8.roa
Signing time: Mon 02 Jan 2023 18:44:53 +0000
ROA not before: Mon 02 Jan 2023 18:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206313
IP address blocks: 45.154.110.0/24 maxlen: 24
45.154.108.0/24 maxlen: 24
45.154.108.0/22 maxlen: 24
45.154.109.0/24 maxlen: 24
2a0f:b500::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:cd:03:d7:0c:0f:51:74:c7:cf:8d:2f:19:46:81:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da980a45fe487366e386b6064c2c652519f9fc93
Validity
Not Before: Jan 2 18:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc23a9db0f79c4cd650a31a505da5502ce9196cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:5c:28:ac:00:66:f7:e5:00:1c:f0:60:0e:be:
13:ac:9c:86:56:26:16:48:e3:46:78:60:1c:cc:04:
b5:1e:41:e1:ec:38:7c:2f:21:ab:77:06:71:28:ea:
29:e3:ed:55:60:c0:b0:a2:d4:38:57:ef:8f:8a:0c:
a6:64:31:4e:e6:21:b4:ec:e5:dc:35:97:af:be:25:
8b:11:64:5a:89:84:51:1b:f7:b8:24:c1:a5:f9:e4:
15:47:2d:71:be:e3:a3:83:39:51:9d:52:a8:c6:de:
bd:c7:ac:3a:ad:37:a3:f1:3d:7b:85:a9:ab:06:fd:
1e:59:03:dc:b1:99:93:bb:f0:49:74:f6:22:dc:e0:
48:bf:f9:ce:27:34:9b:b8:16:27:ac:86:60:56:00:
95:3c:a8:d7:dd:8e:0b:91:18:c0:1e:20:2e:a4:ab:
a0:7e:d3:35:71:53:e9:2b:ac:19:31:9f:cb:25:2a:
45:4b:90:0a:a1:8f:4a:7b:0e:d7:bd:99:6b:1c:0b:
ef:ee:2c:d8:15:98:ff:05:9e:0d:60:19:fd:e0:65:
fc:20:ed:fd:9f:20:d2:cb:0a:5e:86:35:4a:77:1c:
91:27:95:15:02:ff:17:3f:3a:35:c6:d4:2e:57:d3:
58:4d:b2:59:29:99:60:54:d2:7e:04:67:4c:1d:95:
6a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:23:A9:DB:0F:79:C4:CD:65:0A:31:A5:05:DA:55:02:CE:91:96:CF
X509v3 Authority Key Identifier:
keyid:DA:98:0A:45:FE:48:73:66:E3:86:B6:06:4C:2C:65:25:19:F9:FC:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pgKRf5Ic2bjhrYGTCxlJRn5_JM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/_COp2w95xM1lCjGlBdpVAs6Rls8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/410e39-b8a6-46ca-acdc-3f12aff274da/1/2pgKRf5Ic2bjhrYGTCxlJRn5_JM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.108.0/22
IPv6:
2a0f:b500::/29
Signature Algorithm: sha256WithRSAEncryption
0d:99:4a:a2:38:78:75:db:86:06:75:65:59:02:3e:38:38:0f:
f0:a0:96:35:b7:ea:f7:8e:fd:3b:70:87:c5:ba:35:c4:fe:47:
91:6d:ac:10:8f:e0:8a:78:9e:c5:c2:c4:7b:0f:d0:5b:47:73:
38:3e:96:38:c0:9f:1a:59:66:f0:e9:44:aa:f4:f9:9c:19:4a:
d3:e6:9b:44:93:5d:c3:69:fb:f7:af:18:ba:4e:41:23:77:33:
90:66:eb:42:1a:1a:44:4d:40:8a:0a:cd:65:bb:4c:69:ba:1a:
0e:c6:78:88:64:61:f3:40:25:0f:4d:18:9e:a6:5f:59:be:c0:
bb:12:5a:9f:c4:e4:b0:eb:57:08:66:0b:52:63:10:67:2a:fb:
ad:4a:45:f6:37:b8:d1:a8:0a:46:91:3b:f0:eb:eb:03:20:7e:
47:4e:d7:d1:68:7b:be:ad:b0:bd:a2:8c:63:84:26:d9:1f:48:
1c:c8:67:fd:cb:c3:70:06:bb:f4:ac:c0:b0:f8:13:42:7c:85:
07:f7:7c:25:92:65:ef:ee:cd:95:bd:13:ef:63:b6:18:bb:b1:
57:85:cd:c0:7f:6a:1b:28:92:a5:ae:01:f4:73:09:68:15:92:
03:44:e9:80:25:3f:b9:a4:f0:83:0f:ce:41:43:f0:b9:7d:69:
19:40:12:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzzQPXDA9RdMfPjS8ZRoE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTgwYTQ1ZmU0ODczNjZlMzg2YjYwNjRjMmM2NTI1MTlm
OWZjOTMwHhcNMjMwMTAyMTg0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzIzYTlkYjBmNzljNGNkNjUwYTMxYTUwNWRhNTUwMmNlOTE5NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglworABm9+UAHPBgDr4TrJyGViYW
SONGeGAczAS1HkHh7Dh8LyGrdwZxKOop4+1VYMCwotQ4V++PigymZDFO5iG07OXc
NZevviWLEWRaiYRRG/e4JMGl+eQVRy1xvuOjgzlRnVKoxt69x6w6rTej8T17hamr
Bv0eWQPcsZmTu/BJdPYi3OBIv/nOJzSbuBYnrIZgVgCVPKjX3Y4LkRjAHiAupKug
ftM1cVPpK6wZMZ/LJSpFS5AKoY9Kew7XvZlrHAvv7izYFZj/BZ4NYBn94GX8IO39
nyDSywpehjVKdxyRJ5UVAv8XPzo1xtQuV9NYTbJZKZlgVNJ+BGdMHZVqgQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPwjqdsPecTNZQoxpQXaVQLOkZbPMB8GA1UdIwQY
MBaAFNqYCkX+SHNm44a2BkwsZSUZ+fyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBnS1JmNUljMmJqaHJZR1RDeGxKUm41X0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80MTBlMzktYjhhNi00NmNhLWFjZGMt
M2YxMmFmZjI3NGRhLzEvX0NPcDJ3OTV4TTFsQ2pHbEJkcFZBczZSbHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80MTBlMzktYjhhNi00NmNhLWFjZGMtM2YxMmFmZjI3NGRh
LzEvMnBnS1JmNUljMmJqaHJZR1RDeGxKUm41X0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZpsMA0E
AgACMAcDBQMqD7UAMA0GCSqGSIb3DQEBCwUAA4IBAQANmUqiOHh124YGdWVZAj44
OA/woJY1t+r3jv07cIfFujXE/keRbawQj+CKeJ7FwsR7D9BbR3M4PpY4wJ8aWWbw
6USq9PmcGUrT5ptEk13Dafv3rxi6TkEjdzOQZutCGhpETUCKCs1lu0xpuhoOxniI
ZGHzQCUPTRiepl9ZvsC7ElqfxOSw61cIZgtSYxBnKvutSkX2N7jRqApGkTvw6+sD
IH5HTtfRaHu+rbC9ooxjhCbZH0gcyGf9y8NwBrv0rMCw+BNCfIUH93wlkmXv7s2V
vRPvY7YYu7FXhc3Af2obKJKlrgH0cwloFZIDROmAJT+5pPCDD85BQ/C5fWkZQBJw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:37 2024 by rpki-client on console-fra.rpki-client.org