Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/38803f-6947-4c9d-8ce1-03283d49adcf/1/hoPugyZsv-Y8KxmRYItxCxA4tPw.roa
File: hoPugyZsv-Y8KxmRYItxCxA4tPw.roa (raw, json)
Hash identifier: olY9HpfjpSl8SdNU68din8Z7gaYIH3jrTNiDir0xpoc=
Subject key identifier: 86:83:EE:83:26:6C:BF:E6:3C:2B:19:91:60:8B:71:0B:10:38:B4:FC
Certificate issuer: /CN=37f8ccf0c82de044e8e2e3c2b12c080d524c6f15
Certificate serial: 018570397714BC68724012EB1362D75AD1A9
Authority key identifier: 37:F8:CC:F0:C8:2D:E0:44:E8:E2:E3:C2:B1:2C:08:0D:52:4C:6F:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_jM8Mgt4ETo4uPCsSwIDVJMbxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/38803f-6947-4c9d-8ce1-03283d49adcf/1/hoPugyZsv-Y8KxmRYItxCxA4tPw.roa
Signing time: Mon 02 Jan 2023 02:04:52 +0000
ROA not before: Mon 02 Jan 2023 02:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60264
IP address blocks: 45.150.124.0/24 maxlen: 24
45.150.124.0/23 maxlen: 23
45.150.125.0/24 maxlen: 24
45.150.127.0/24 maxlen: 24
45.150.126.0/24 maxlen: 24
45.150.126.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:77:14:bc:68:72:40:12:eb:13:62:d7:5a:d1:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37f8ccf0c82de044e8e2e3c2b12c080d524c6f15
Validity
Not Before: Jan 2 02:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8683ee83266cbfe63c2b1991608b710b1038b4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:db:d2:9b:59:7a:26:49:26:6c:c3:cd:ba:fe:
b6:69:42:0c:37:57:69:5b:5a:31:6f:14:7d:38:6c:
bb:17:01:a1:a9:89:65:d5:d2:5d:74:01:28:08:f4:
36:eb:43:98:e9:cd:b9:5f:06:8c:a7:f9:6e:1c:46:
b9:cd:78:8f:4a:fb:1a:88:ba:fb:d7:2c:28:88:26:
fe:ac:46:9f:c6:53:fe:48:f6:e6:b3:62:e8:f9:29:
95:28:87:6f:b2:27:36:ff:03:6d:5c:a7:fa:01:31:
04:8f:56:8c:f9:26:86:4d:d3:dc:99:dd:7d:86:41:
8d:55:9d:d7:9a:b0:18:9a:83:b1:5d:8e:fa:02:04:
f9:d5:ec:16:98:f0:8d:8a:6f:3b:19:ac:cf:4b:22:
7f:85:3b:db:63:c7:fc:33:e3:26:e3:1e:10:47:ea:
1a:0c:54:ac:e0:4d:07:68:2b:01:b3:eb:4a:86:67:
68:db:e7:41:66:a6:ba:90:f2:d1:ae:2d:69:b5:78:
2a:70:d5:0b:aa:36:83:92:14:2d:bf:e5:96:81:e4:
b4:37:a3:0e:09:1e:78:f6:86:69:96:1e:36:99:d6:
fb:bb:d8:7f:f7:e4:c1:56:fd:a0:d6:ab:20:de:db:
21:42:28:dc:d2:bb:22:e7:41:7d:01:4b:b0:49:4d:
62:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:83:EE:83:26:6C:BF:E6:3C:2B:19:91:60:8B:71:0B:10:38:B4:FC
X509v3 Authority Key Identifier:
keyid:37:F8:CC:F0:C8:2D:E0:44:E8:E2:E3:C2:B1:2C:08:0D:52:4C:6F:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_jM8Mgt4ETo4uPCsSwIDVJMbxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/38803f-6947-4c9d-8ce1-03283d49adcf/1/hoPugyZsv-Y8KxmRYItxCxA4tPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/38803f-6947-4c9d-8ce1-03283d49adcf/1/N_jM8Mgt4ETo4uPCsSwIDVJMbxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.124.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:78:21:c7:e7:59:66:60:56:f8:7a:d8:3b:53:6e:a2:8b:a6:
d3:c8:36:22:ed:bb:d0:a6:5e:02:c8:f4:fa:a8:de:ee:6c:17:
46:cf:89:25:5b:f5:25:9e:a2:eb:33:50:6b:8d:07:44:fa:02:
4b:e6:f5:ac:b3:5b:28:9c:52:13:9b:86:3a:d4:85:bc:6d:1a:
f2:e5:76:18:d8:5a:27:28:80:29:bb:22:2b:8f:83:df:0b:86:
3f:c1:55:eb:70:02:38:9d:84:65:ea:f8:46:1b:78:69:0b:cf:
7d:dc:ae:24:15:f0:8a:2d:31:4e:e3:88:f6:63:3b:85:90:d3:
91:11:bf:49:68:c6:b4:e1:26:fd:25:ae:49:e8:23:f9:84:e7:
6b:28:8b:8c:63:db:66:a1:6a:4c:d5:df:32:17:c0:5f:e1:5a:
1e:ed:97:fd:be:1b:75:2b:56:f8:b0:d3:61:db:3e:73:d8:a0:
fb:eb:c2:30:31:bd:80:1e:e5:15:e6:51:3f:3a:dc:db:6c:6f:
b1:c4:8b:8b:48:2d:1c:43:a4:06:91:d4:47:01:63:d3:9d:8d:
c9:43:27:23:e8:ef:64:f1:ac:a5:81:3a:be:64:5a:e9:b3:71:
7b:5a:98:a8:54:c0:ec:5e:10:2e:c0:a0:75:40:9c:ba:b5:c3:
62:5c:2e:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOXcUvGhyQBLrE2LXWtGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZjhjY2YwYzgyZGUwNDRlOGUyZTNjMmIxMmMwODBkNTI0
YzZmMTUwHhcNMjMwMTAyMDIwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjgzZWU4MzI2NmNiZmU2M2MyYjE5OTE2MDhiNzEwYjEwMzhiNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdvSm1l6JkkmbMPNuv62aUIMN1dp
W1oxbxR9OGy7FwGhqYll1dJddAEoCPQ260OY6c25XwaMp/luHEa5zXiPSvsaiLr7
1ywoiCb+rEafxlP+SPbms2Lo+SmVKIdvsic2/wNtXKf6ATEEj1aM+SaGTdPcmd19
hkGNVZ3XmrAYmoOxXY76AgT51ewWmPCNim87GazPSyJ/hTvbY8f8M+Mm4x4QR+oa
DFSs4E0HaCsBs+tKhmdo2+dBZqa6kPLRri1ptXgqcNULqjaDkhQtv+WWgeS0N6MO
CR549oZplh42mdb7u9h/9+TBVv2g1qsg3tshQijc0rsi50F9AUuwSU1iBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIaD7oMmbL/mPCsZkWCLcQsQOLT8MB8GA1UdIwQY
MBaAFDf4zPDILeBE6OLjwrEsCA1STG8VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9qTThNZ3Q0RVRvNHVQQ3NTd0lEVkpNYnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zODgwM2YtNjk0Ny00YzlkLThjZTEt
MDMyODNkNDlhZGNmLzEvaG9QdWd5WnN2LVk4S3htUllJdHhDeEE0dFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zODgwM2YtNjk0Ny00YzlkLThjZTEtMDMyODNkNDlhZGNm
LzEvTl9qTThNZ3Q0RVRvNHVQQ3NTd0lEVkpNYnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZZ8MA0G
CSqGSIb3DQEBCwUAA4IBAQBaeCHH51lmYFb4etg7U26ii6bTyDYi7bvQpl4CyPT6
qN7ubBdGz4klW/UlnqLrM1BrjQdE+gJL5vWss1sonFITm4Y61IW8bRry5XYY2Fon
KIApuyIrj4PfC4Y/wVXrcAI4nYRl6vhGG3hpC8993K4kFfCKLTFO44j2YzuFkNOR
Eb9JaMa04Sb9Ja5J6CP5hOdrKIuMY9tmoWpM1d8yF8Bf4Voe7Zf9vht1K1b4sNNh
2z5z2KD768IwMb2AHuUV5lE/OtzbbG+xxIuLSC0cQ6QGkdRHAWPTnY3JQycj6O9k
8aylgTq+ZFrps3F7WpioVMDsXhAuwKB1QJy6tcNiXC4D
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:23 2024 by rpki-client on console-ams.rpki-client.org