Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/yjjOFJHCekFBfQMdW--iGce3J9c.roa
File: yjjOFJHCekFBfQMdW--iGce3J9c.roa (raw, json)
Hash identifier: jX1C3TmBy7X9tZXrLtlF4jPQ9d+wqYWYzpQ/n8GN/BA=
Subject key identifier: CA:38:CE:14:91:C2:7A:41:41:7D:03:1D:5B:EF:A2:19:C7:B7:27:D7
Certificate issuer: /CN=843d1afcf13bd2117d47df683e40a63287004cfe
Certificate serial: 01856CAF0ADBF6B670347ABB0A269ABC9BDE
Authority key identifier: 84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/yjjOFJHCekFBfQMdW--iGce3J9c.roa
Signing time: Sun 01 Jan 2023 09:34:48 +0000
ROA not before: Sun 01 Jan 2023 09:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43004
IP address blocks: 45.142.84.0/24 maxlen: 24
45.142.84.4/32 maxlen: 32
45.142.84.2/32 maxlen: 32
45.142.84.3/32 maxlen: 32
45.142.84.1/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:0a:db:f6:b6:70:34:7a:bb:0a:26:9a:bc:9b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843d1afcf13bd2117d47df683e40a63287004cfe
Validity
Not Before: Jan 1 09:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca38ce1491c27a41417d031d5befa219c7b727d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a1:13:41:25:c6:83:de:e8:15:3d:7d:84:a6:
88:fa:5f:6d:71:0c:03:9d:4a:f6:ad:58:9b:05:58:
e0:02:a8:66:6a:70:56:b6:4a:b8:2f:38:cd:d0:d8:
7b:59:5d:46:2c:2a:df:47:72:6b:ec:38:49:c0:57:
30:9e:79:af:17:c5:e5:db:07:7b:5f:66:00:5f:e9:
45:f8:15:4a:c4:cf:d9:dc:dc:57:6e:3f:82:88:fa:
14:4c:3a:b5:b6:5f:d2:ca:75:b3:fb:94:6b:c4:75:
02:72:c6:f3:59:2a:c5:d0:fd:f2:d9:82:a0:b0:ca:
aa:6e:b1:04:f7:30:a9:64:07:b2:49:03:2a:b9:f0:
0e:14:c6:c5:25:bf:27:a3:01:3a:cd:f8:ac:75:61:
a2:ca:5c:2f:ad:c1:d3:b5:26:6f:0e:37:d8:4f:c2:
c6:b5:f8:1e:0d:31:7f:0d:db:10:75:c1:26:39:dd:
86:be:09:25:c6:4a:93:b1:3d:42:0c:cf:68:75:90:
0d:b6:9b:db:85:15:d5:92:44:05:45:eb:9d:06:2c:
9a:ff:a8:d8:43:65:72:91:17:04:86:9d:0e:23:45:
4a:37:f0:a4:90:0b:94:c8:c2:13:ea:15:9f:49:78:
97:54:cf:b6:90:ea:a4:60:b7:47:f0:37:bf:63:57:
fc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:38:CE:14:91:C2:7A:41:41:7D:03:1D:5B:EF:A2:19:C7:B7:27:D7
X509v3 Authority Key Identifier:
keyid:84:3D:1A:FC:F1:3B:D2:11:7D:47:DF:68:3E:40:A6:32:87:00:4C:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hD0a_PE70hF9R99oPkCmMocATP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/yjjOFJHCekFBfQMdW--iGce3J9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/173306-2dbd-4ad8-bd51-b1f3bcc67aae/1/hD0a_PE70hF9R99oPkCmMocATP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.84.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:8c:97:13:6b:be:74:20:4d:a0:82:04:a1:b3:d3:0d:ca:e5:
c1:5e:86:98:e9:1b:a3:1e:6b:b0:ec:77:2b:14:af:26:49:0f:
df:ce:ee:79:15:58:60:6f:0c:07:01:84:a0:fe:d5:3b:3b:b7:
18:ff:e7:ca:7e:e2:62:3a:2d:56:27:76:d5:b1:9c:16:f0:2b:
22:20:93:8c:aa:ca:b5:f3:c2:ba:6f:00:95:27:6e:b0:6b:ee:
e6:b7:b5:5a:7e:3d:35:25:56:ca:33:c3:c1:52:20:94:74:0f:
91:47:78:c1:73:e9:ff:f2:f9:8a:9a:81:c8:c6:7a:38:d6:d6:
d3:2d:e7:74:9b:81:2c:23:79:31:9e:47:5f:cb:9a:62:89:da:
28:38:ca:7e:31:b7:bd:fb:6f:69:49:fd:ca:84:6b:b5:c2:e0:
99:8e:bb:8d:12:37:0e:a6:3b:d6:13:34:e6:76:7c:a5:20:e6:
6f:82:35:ff:59:0c:89:be:4f:2d:4c:35:f9:6b:d5:4c:96:33:
93:b6:5d:9e:ac:11:4b:11:c6:4a:6a:d3:20:30:44:90:7b:90:
35:5e:a9:e6:e8:80:2a:64:b4:c4:1b:b0:1d:f5:28:e0:4a:b4:
5c:23:71:f8:a7:ab:29:92:c4:78:ec:3b:6f:40:73:86:54:42:
0e:ea:6e:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrwrb9rZwNHq7CiaavJveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2QxYWZjZjEzYmQyMTE3ZDQ3ZGY2ODNlNDBhNjMyODcw
MDRjZmUwHhcNMjMwMTAxMDkzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM4Y2UxNDkxYzI3YTQxNDE3ZDAzMWQ1YmVmYTIxOWM3YjcyN2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKETQSXGg97oFT19hKaI+l9tcQwD
nUr2rVibBVjgAqhmanBWtkq4LzjN0Nh7WV1GLCrfR3Jr7DhJwFcwnnmvF8Xl2wd7
X2YAX+lF+BVKxM/Z3NxXbj+CiPoUTDq1tl/SynWz+5RrxHUCcsbzWSrF0P3y2YKg
sMqqbrEE9zCpZAeySQMqufAOFMbFJb8nowE6zfisdWGiylwvrcHTtSZvDjfYT8LG
tfgeDTF/DdsQdcEmOd2GvgklxkqTsT1CDM9odZANtpvbhRXVkkQFReudBiya/6jY
Q2VykRcEhp0OI0VKN/CkkAuUyMIT6hWfSXiXVM+2kOqkYLdH8De/Y1f8XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMo4zhSRwnpBQX0DHVvvohnHtyfXMB8GA1UdIwQY
MBaAFIQ9GvzxO9IRfUffaD5ApjKHAEz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEt
YjFmM2JjYzY3YWFlLzEveWpqT0ZKSENla0ZCZlFNZFctLWlHY2UzSjljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8xNzMzMDYtMmRiZC00YWQ4LWJkNTEtYjFmM2JjYzY3YWFl
LzEvaEQwYV9QRTcwaEY5Ujk5b1BrQ21Nb2NBVFA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY5UMA0G
CSqGSIb3DQEBCwUAA4IBAQAPjJcTa750IE2gggShs9MNyuXBXoaY6RujHmuw7Hcr
FK8mSQ/fzu55FVhgbwwHAYSg/tU7O7cY/+fKfuJiOi1WJ3bVsZwW8CsiIJOMqsq1
88K6bwCVJ26wa+7mt7Vafj01JVbKM8PBUiCUdA+RR3jBc+n/8vmKmoHIxno41tbT
Led0m4EsI3kxnkdfy5piidooOMp+Mbe9+29pSf3KhGu1wuCZjruNEjcOpjvWEzTm
dnylIOZvgjX/WQyJvk8tTDX5a9VMljOTtl2erBFLEcZKatMgMESQe5A1Xqnm6IAq
ZLTEG7Ad9SjgSrRcI3H4p6spksR47DtvQHOGVEIO6m73
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:51 2024 by rpki-client on console-ams.rpki-client.org