Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/a6y-5kjx5ufJPmFMa0Wtw4acTJk.roa
File: a6y-5kjx5ufJPmFMa0Wtw4acTJk.roa (raw, json)
Hash identifier: OS2BCKRmRASay2H4uoJ4KbsUcavS1dv9QOX7AsxSF1c=
Subject key identifier: 6B:AC:BE:E6:48:F1:E6:E7:C9:3E:61:4C:6B:45:AD:C3:86:9C:4C:99
Certificate issuer: /CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
Certificate serial: 018A002D9F23F06BF4A3FF9D02A1E3563B73
Authority key identifier: 5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/a6y-5kjx5ufJPmFMa0Wtw4acTJk.roa
Signing time: Wed 16 Aug 2023 21:08:24 +0000
ROA not before: Wed 16 Aug 2023 21:08:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.89.31.0/24 maxlen: 24
45.89.28.0/24 maxlen: 24
45.89.29.0/24 maxlen: 24
45.89.30.0/24 maxlen: 24
193.160.102.0/24 maxlen: 24
193.160.113.0/24 maxlen: 24
193.160.130.0/24 maxlen: 24
193.160.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Sep 2023 15:09:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:00:2d:9f:23:f0:6b:f4:a3:ff:9d:02:a1:e3:56:3b:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
Validity
Not Before: Aug 16 21:08:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bacbee648f1e6e7c93e614c6b45adc3869c4c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d6:df:6a:6b:98:15:36:da:fc:eb:65:96:45:
1b:29:cd:a7:59:07:4e:e9:64:6d:31:50:3d:42:a0:
3e:1e:14:99:b5:26:a6:d3:95:0b:2e:01:3b:3b:ed:
60:69:94:73:5f:ba:36:3f:e7:d5:30:a7:4f:79:1f:
c4:67:11:8c:49:33:9f:31:9e:74:17:24:41:f6:0c:
2b:8a:90:bc:72:f6:a4:c1:34:78:d6:8d:e6:d2:8e:
49:6d:a4:6b:09:85:3e:7f:f5:85:e3:80:91:b9:30:
9a:5f:b2:5e:70:e3:d9:94:46:ac:94:18:5b:26:e2:
7c:2f:53:2c:45:01:52:7f:42:ae:7f:e5:3b:e4:82:
c5:62:59:ea:ec:24:ed:5f:69:d1:fd:c1:5e:7e:2e:
0f:39:f9:0a:46:c6:72:d6:61:72:94:46:86:ba:da:
fd:60:87:83:65:79:21:2c:9b:ac:79:8a:48:8a:3d:
41:e3:2e:e4:0d:6a:b4:ff:c7:02:96:4d:97:e1:e7:
75:6d:d4:08:00:f3:df:59:4a:85:30:f4:5c:67:59:
65:7d:10:6a:22:9c:7e:e1:3c:af:fa:73:e4:0a:65:
7e:15:bc:f2:4e:bc:a6:3c:62:98:a7:9a:bf:78:d3:
49:63:cc:6a:28:50:e7:91:a0:e8:11:bf:4e:0b:b4:
62:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AC:BE:E6:48:F1:E6:E7:C9:3E:61:4C:6B:45:AD:C3:86:9C:4C:99
X509v3 Authority Key Identifier:
keyid:5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/a6y-5kjx5ufJPmFMa0Wtw4acTJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/Xu4NfnMISkLkx_cRjyOD_P82m6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.28.0/22
193.160.102.0/24
193.160.113.0/24
193.160.130.0/24
193.160.136.0/24
Signature Algorithm: sha256WithRSAEncryption
36:b8:6f:d1:bb:a8:75:4e:44:09:c2:39:80:a1:18:ca:e3:bf:
9e:e9:53:df:df:0a:da:87:e3:7e:16:5f:2e:33:4b:d4:27:66:
1c:16:7b:22:85:20:df:d5:98:3a:63:27:3e:97:27:b6:9f:c7:
17:74:ac:0e:91:8f:62:fe:db:64:ba:e6:41:13:17:cd:fa:62:
e7:f6:df:37:60:59:37:1e:71:4a:a2:7a:ff:b8:15:59:3b:2a:
24:e6:71:c3:95:9f:f8:b3:44:ae:03:0a:de:4f:53:6a:0f:7e:
28:f2:62:fc:9e:ca:01:b5:d0:f8:32:e0:65:ca:51:65:d6:96:
f8:02:e7:ba:9b:44:7d:4e:e9:b0:48:d0:2f:45:95:d2:13:19:
a7:ea:9c:ff:7d:68:1d:83:5a:fe:09:36:eb:38:1f:8e:21:0c:
8e:5e:61:a4:d9:98:c0:8a:66:cd:13:9d:3d:31:6d:d7:42:e7:
4a:17:fa:ec:fb:31:7a:b6:ad:4e:b5:89:08:cc:d1:30:1e:59:
71:94:d6:d4:2f:2e:5c:fd:1b:df:fb:af:95:c8:7e:37:91:59:
aa:fa:89:84:29:0e:99:47:e6:51:fb:dc:c8:53:93:71:08:b0:
f8:00:a2:c2:52:11:1b:50:94:47:52:93:e8:58:85:23:f9:53:
86:07:bd:68
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoALZ8j8Gv0o/+dAqHjVjtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZWUwZDdlNzMwODRhNDJlNGM3ZjcxMThmMjM4M2ZjZmYz
NjliYTQwHhcNMjMwODE2MjEwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmFjYmVlNjQ4ZjFlNmU3YzkzZTYxNGM2YjQ1YWRjMzg2OWM0Yzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNbfamuYFTba/OtllkUbKc2nWQdO
6WRtMVA9QqA+HhSZtSam05ULLgE7O+1gaZRzX7o2P+fVMKdPeR/EZxGMSTOfMZ50
FyRB9gwripC8cvakwTR41o3m0o5JbaRrCYU+f/WF44CRuTCaX7JecOPZlEaslBhb
JuJ8L1MsRQFSf0Kuf+U75ILFYlnq7CTtX2nR/cFefi4POfkKRsZy1mFylEaGutr9
YIeDZXkhLJuseYpIij1B4y7kDWq0/8cClk2X4ed1bdQIAPPfWUqFMPRcZ1llfRBq
Ipx+4Tyv+nPkCmV+FbzyTrymPGKYp5q/eNNJY8xqKFDnkaDoEb9OC7RiaQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGusvuZI8ebnyT5hTGtFrcOGnEyZMB8GA1UdIwQY
MBaAFF7uDX5zCEpC5Mf3EY8jg/z/NpukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgt
ZGRjMjY2NTY0NmNjLzEvYTZ5LTVrang1dWZKUG1GTWEwV3R3NGFjVEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgtZGRjMjY2NTY0NmNj
LzEvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLVkcAwQA
waBmAwQAwaBxAwQAwaCCAwQAwaCIMA0GCSqGSIb3DQEBCwUAA4IBAQA2uG/Ru6h1
TkQJwjmAoRjK47+e6VPf3wrah+N+Fl8uM0vUJ2YcFnsihSDf1Zg6Yyc+lye2n8cX
dKwOkY9i/ttkuuZBExfN+mLn9t83YFk3HnFKonr/uBVZOyok5nHDlZ/4s0SuAwre
T1NqD34o8mL8nsoBtdD4MuBlylFl1pb4Aue6m0R9TumwSNAvRZXSExmn6pz/fWgd
g1r+CTbrOB+OIQyOXmGk2ZjAimbNE509MW3XQudKF/rs+zF6tq1OtYkIzNEwHllx
lNbULy5c/Rvf+6+VyH43kVmq+omEKQ6ZR+ZR+9zIU5NxCLD4AKLCUhEbUJRHUpPo
WIUj+VOGB71o
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:11 2024 by rpki-client on console-ams.rpki-client.org