Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/4iVfQ9AI8cJlblGLZTSMDSwqmsQ.roa
File: 4iVfQ9AI8cJlblGLZTSMDSwqmsQ.roa (raw, json)
Hash identifier: 7ja/NEOr1OoXVVg6zOIERxIUq/ITsF7W6BlOlsdUcm8=
Subject key identifier: E2:25:5F:43:D0:08:F1:C2:65:6E:51:8B:65:34:8C:0D:2C:2A:9A:C4
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018E795C721DC8C39FDF112A7446C3F99FDD
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/4iVfQ9AI8cJlblGLZTSMDSwqmsQ.roa
Signing time: Tue 26 Mar 2024 06:04:45 +0000
ROA not before: Tue 26 Mar 2024 06:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57604
IP address blocks: 45.141.208.0/22 maxlen: 24
45.150.8.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 06 Apr 2024 08:41:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:5c:72:1d:c8:c3:9f:df:11:2a:74:46:c3:f9:9f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Mar 26 06:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2255f43d008f1c2656e518b65348c0d2c2a9ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:09:15:08:ae:1f:c3:4c:85:a7:8d:b3:0e:e2:
af:3e:42:08:b7:72:fe:7b:1f:b1:bc:a0:6f:0f:97:
95:70:d9:0f:77:ad:ac:d1:7d:8c:d9:de:66:ab:fc:
dc:f4:1a:a0:95:4f:e9:5b:14:4a:d5:bc:39:bb:5a:
62:d4:8d:b8:dd:c8:96:27:27:08:42:a0:4f:c2:60:
ec:18:3b:62:9d:91:4a:6a:30:a8:f6:7f:a1:39:ca:
13:e9:0a:59:85:52:1f:e7:62:87:7f:38:96:f0:7e:
e8:1a:32:23:33:54:ba:2e:61:02:44:4a:f8:54:21:
f6:64:b8:42:73:fa:a0:d9:ab:ac:a2:c7:70:ae:71:
96:9a:9f:39:82:d0:d8:91:48:06:32:4c:96:0e:ed:
24:2e:ec:8f:93:e3:f0:03:71:56:a0:34:33:d5:9b:
2f:40:3e:4d:9b:57:a2:df:1d:62:eb:81:a4:52:ab:
a9:27:aa:8d:84:7c:71:4e:2d:de:f2:7f:db:b1:3b:
f1:ba:21:a8:78:b5:5c:a8:68:ee:ca:8d:84:6f:55:
ac:b5:f8:4c:62:a0:c6:64:83:bc:18:82:ed:bd:e1:
77:0b:da:6b:9e:b8:8b:16:47:78:6f:c7:f5:f5:fa:
ba:cb:8d:68:7a:55:20:ca:21:cf:da:20:eb:2c:78:
ad:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:25:5F:43:D0:08:F1:C2:65:6E:51:8B:65:34:8C:0D:2C:2A:9A:C4
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/4iVfQ9AI8cJlblGLZTSMDSwqmsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.208.0/22
45.150.8.0/22
Signature Algorithm: sha256WithRSAEncryption
27:2d:47:f9:b2:b6:5a:ea:c3:8e:63:e7:ff:26:33:95:a9:b3:
65:fe:b9:51:da:90:5d:56:2d:8e:41:d8:12:02:4e:2c:8d:03:
e9:7b:d0:5f:54:d4:0e:9c:c4:f5:4d:90:f9:ff:89:d4:6e:ae:
d5:01:3e:5f:87:7c:d0:d9:fb:01:b1:30:e1:ac:71:81:86:c7:
07:ad:2c:a3:18:0e:09:db:4a:81:fa:39:bc:3a:fe:6a:00:b1:
f5:dd:72:3f:18:f9:20:e4:75:a8:fd:13:47:e5:86:d9:94:39:
18:3b:15:67:fd:cf:06:a3:73:1e:4c:ac:8f:77:3f:ac:73:9d:
63:e5:42:d2:20:b2:3f:d0:3c:fb:30:94:8b:b2:81:45:de:16:
f7:b7:21:92:ec:8b:87:d1:fb:e6:b0:24:6c:ee:4d:02:99:d2:
10:5f:86:93:c8:23:37:0c:9d:d2:f5:78:dd:a9:55:5c:4d:09:
48:bc:dc:c3:7e:fe:19:f6:68:86:1b:c7:4c:0f:6a:85:43:96:
12:4f:12:ee:eb:82:6a:c4:6f:41:5e:9e:b9:91:74:d4:62:2e:
30:cd:4c:8e:21:7b:ea:c3:5c:0f:65:43:6b:6d:6f:8f:9d:60:
f8:13:d0:d1:aa:2a:b5:e7:1f:2e:36:24:44:9a:8d:cd:a5:73:
9a:b6:7e:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY55XHIdyMOf3xEqdEbD+Z/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMzI2MDYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjI1NWY0M2QwMDhmMWMyNjU2ZTUxOGI2NTM0OGMwZDJjMmE5YWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wkVCK4fw0yFp42zDuKvPkIIt3L+
ex+xvKBvD5eVcNkPd62s0X2M2d5mq/zc9BqglU/pWxRK1bw5u1pi1I243ciWJycI
QqBPwmDsGDtinZFKajCo9n+hOcoT6QpZhVIf52KHfziW8H7oGjIjM1S6LmECREr4
VCH2ZLhCc/qg2ausosdwrnGWmp85gtDYkUgGMkyWDu0kLuyPk+PwA3FWoDQz1Zsv
QD5Nm1ei3x1i64GkUqupJ6qNhHxxTi3e8n/bsTvxuiGoeLVcqGjuyo2Eb1WstfhM
YqDGZIO8GILtveF3C9prnriLFkd4b8f19fq6y41oelUgyiHP2iDrLHit+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOIlX0PQCPHCZW5Ri2U0jA0sKprEMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvNGlWZlE5QUk4Y0psYmxHTFpUU01EU3dxbXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY3QAwQC
LZYIMA0GCSqGSIb3DQEBCwUAA4IBAQAnLUf5srZa6sOOY+f/JjOVqbNl/rlR2pBd
Vi2OQdgSAk4sjQPpe9BfVNQOnMT1TZD5/4nUbq7VAT5fh3zQ2fsBsTDhrHGBhscH
rSyjGA4J20qB+jm8Ov5qALH13XI/GPkg5HWo/RNH5YbZlDkYOxVn/c8Go3MeTKyP
dz+sc51j5ULSILI/0Dz7MJSLsoFF3hb3tyGS7IuH0fvmsCRs7k0CmdIQX4aTyCM3
DJ3S9XjdqVVcTQlIvNzDfv4Z9miGG8dMD2qFQ5YSTxLu64JqxG9BXp65kXTUYi4w
zUyOIXvqw1wPZUNrbW+PnWD4E9DRqiq15x8uNiREmo3NpXOatn6n
-----END CERTIFICATE-----
Generated at Sat Apr 6 09:53:18 2024 by rpki-client on console-ams.rpki-client.org