Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1-DlQGO8G9TB-kjxMPb0_8AO71BQ.roa
File: 1-DlQGO8G9TB-kjxMPb0_8AO71BQ.roa (raw, json)
Hash identifier: ubYXas5Gk+BLOIPXUdySBJmkz5RnYsJ6G61SY4lC8H8=
Subject key identifier: F8:39:50:18:EF:06:F5:30:7E:92:3C:4C:3D:BD:3F:F0:03:BB:D4:14
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018EC0E4A05605CBCCDAA7F66CA076C427C6
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1-DlQGO8G9TB-kjxMPb0_8AO71BQ.roa
Signing time: Tue 09 Apr 2024 03:26:32 +0000
ROA not before: Tue 09 Apr 2024 03:26:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 67844
IP address blocks: 45.150.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 05:57:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c0:e4:a0:56:05:cb:cc:da:a7:f6:6c:a0:76:c4:27:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Apr 9 03:26:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8395018ef06f5307e923c4c3dbd3ff003bbd414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:48:04:99:d3:a4:7f:46:90:7d:1e:c7:8d:c5:
4e:58:c4:36:35:8d:a1:82:15:96:2a:0f:b9:75:fd:
72:bb:51:41:4d:48:4c:53:21:5f:b3:7e:6c:e5:15:
16:28:d1:af:d0:99:68:d1:79:f5:2f:57:00:a7:55:
ec:5a:2a:a5:96:b6:55:c3:27:87:33:37:ef:78:3b:
a8:77:ff:4e:74:ff:fa:7d:15:35:cd:99:46:c6:66:
4c:ce:46:98:d7:fb:76:60:d0:3c:59:d7:1b:17:cf:
16:0b:ea:35:f8:ed:e0:fa:32:89:62:b9:ec:39:24:
7e:30:f1:a5:ec:44:85:7a:75:36:87:ec:b1:58:ce:
20:91:61:6f:8c:1b:0a:50:0c:2d:52:e0:50:dc:21:
e3:69:04:ba:74:82:ad:d9:18:a9:51:13:2d:55:ac:
55:b7:ba:e2:26:54:c0:f6:71:0d:dc:d1:49:2b:12:
40:03:a7:b4:7b:a6:12:d3:d7:18:9d:f6:08:0c:2b:
c6:1e:ae:7b:50:89:6e:39:0c:4d:d4:36:f0:fd:40:
cc:f7:10:b2:8b:d6:18:04:11:6c:ec:f7:80:3c:ab:
86:17:19:a4:63:bc:1b:98:04:b3:b3:4f:38:53:41:
47:cf:6b:c4:1d:62:0d:96:3b:7d:04:72:cc:ed:e0:
26:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:39:50:18:EF:06:F5:30:7E:92:3C:4C:3D:BD:3F:F0:03:BB:D4:14
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1-DlQGO8G9TB-kjxMPb0_8AO71BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.9.0/24
Signature Algorithm: sha256WithRSAEncryption
e6:dc:45:be:84:46:bd:da:6a:2a:8d:c0:18:88:58:97:2a:1c:
8d:da:62:69:9d:a6:25:f1:cd:00:3d:2d:52:83:a6:97:9f:b4:
0d:b9:d9:50:d8:1d:e6:b6:73:cf:ff:f0:0b:27:76:b0:9c:8e:
d0:1f:e9:0d:a1:ce:36:32:8a:0c:31:5e:7e:6a:9c:54:4a:51:
60:3f:a2:c9:ae:c2:fe:bf:8f:e2:a6:7a:fb:d6:f1:49:7d:e2:
4b:a8:b9:b2:b1:ef:6a:3d:9b:87:f7:10:19:f7:11:73:08:b3:
f0:39:90:ae:ff:84:95:e0:a3:51:c6:75:85:8f:b2:a6:be:e0:
17:55:44:a0:62:d3:fe:ac:9e:e1:d1:ed:2f:6b:84:76:81:a4:
ff:6b:29:13:fa:35:ff:ef:27:b3:87:15:1d:4a:b7:7a:04:e4:
5e:00:83:ee:8a:5f:57:37:e3:e3:d6:a5:a4:2e:c4:2d:c9:73:
a5:1e:c0:9c:61:94:98:81:52:72:a6:c7:db:17:7b:cd:fb:c4:
2f:42:c6:4c:0c:65:b4:40:3d:66:90:b4:6a:f2:60:06:db:83:
f8:b1:4a:0d:ad:c6:4c:78:dd:f3:21:ac:3b:20:42:fa:c5:73:
df:29:a3:a9:d3:5f:3f:7a:6a:02:fd:79:a8:54:dc:50:18:32:
a8:30:33:88
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7A5KBWBcvM2qf2bKB2xCfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwNDA5MDMyNjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODM5NTAxOGVmMDZmNTMwN2U5MjNjNGMzZGJkM2ZmMDAzYmJkNDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokgEmdOkf0aQfR7HjcVOWMQ2NY2h
ghWWKg+5df1yu1FBTUhMUyFfs35s5RUWKNGv0Jlo0Xn1L1cAp1XsWiqllrZVwyeH
MzfveDuod/9OdP/6fRU1zZlGxmZMzkaY1/t2YNA8WdcbF88WC+o1+O3g+jKJYrns
OSR+MPGl7ESFenU2h+yxWM4gkWFvjBsKUAwtUuBQ3CHjaQS6dIKt2RipURMtVaxV
t7riJlTA9nEN3NFJKxJAA6e0e6YS09cYnfYIDCvGHq57UIluOQxN1Dbw/UDM9xCy
i9YYBBFs7PeAPKuGFxmkY7wbmASzs084U0FHz2vEHWINljt9BHLM7eAmrQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPg5UBjvBvUwfpI8TD29P/ADu9QUMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvMS1EbFFHTzhHOVRCLWtqeE1QYjBfOEFPNzFCUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGIvZjI1ZDdjLTY2NzctNGZkYi04OThlLWVlNzQ2NTc1NGZm
Ni8xL0VhQVEtSG9FbTI0aHEtMmJRSmc3QlBQeHgtZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2WCTAN
BgkqhkiG9w0BAQsFAAOCAQEA5txFvoRGvdpqKo3AGIhYlyocjdpiaZ2mJfHNAD0t
UoOml5+0DbnZUNgd5rZzz//wCyd2sJyO0B/pDaHONjKKDDFefmqcVEpRYD+iya7C
/r+P4qZ6+9bxSX3iS6i5srHvaj2bh/cQGfcRcwiz8DmQrv+EleCjUcZ1hY+ypr7g
F1VEoGLT/qye4dHtL2uEdoGk/2spE/o1/+8ns4cVHUq3egTkXgCD7opfVzfj49al
pC7ELclzpR7AnGGUmIFScqbH2xd7zfvEL0LGTAxltEA9ZpC0avJgBtuD+LFKDa3G
THjd8yGsOyBC+sVz3ymjqdNfP3pqAv15qFTcUBgyqDAziA==
-----END CERTIFICATE-----
Generated at Sun Apr 14 06:45:12 2024 by rpki-client on console-fra.rpki-client.org