Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/vUngri3AC_3BVhU4nGSBAiNwXKs.roa
File: vUngri3AC_3BVhU4nGSBAiNwXKs.roa (raw, json)
Hash identifier: ao0hgNyP/yLGqISCMoRL9yLPORJ2TXGvBraYU3You28=
Subject key identifier: BD:49:E0:AE:2D:C0:0B:FD:C1:56:15:38:9C:64:81:02:23:70:5C:AB
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018D8936547C655A4727FD4A60585940CE80
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/vUngri3AC_3BVhU4nGSBAiNwXKs.roa
Signing time: Thu 08 Feb 2024 14:54:15 +0000
ROA not before: Thu 08 Feb 2024 14:54:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57844
IP address blocks: 45.141.208.0/22 maxlen: 24
45.150.8.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 07:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:89:36:54:7c:65:5a:47:27:fd:4a:60:58:59:40:ce:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Feb 8 14:54:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd49e0ae2dc00bfdc15615389c64810223705cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e9:2a:4c:67:be:b6:29:ea:d4:9f:0d:69:89:
9e:5b:97:03:2b:ad:02:f4:d0:0f:39:1d:a4:f1:31:
f8:7c:37:b7:b3:e6:ea:74:5b:28:3c:8b:4d:60:34:
76:1b:e2:8d:34:3d:c8:1a:38:9a:f2:aa:bf:d6:ba:
20:5a:d1:28:7d:77:87:75:9e:5e:8c:6f:bb:2a:f9:
f9:94:dd:63:2a:b5:59:84:56:78:21:63:6b:03:6b:
69:2e:e1:c0:bf:0c:3b:2e:ee:fa:b5:52:ae:4f:5b:
32:e0:be:2b:1e:b9:66:81:84:4d:1d:26:cd:0b:24:
6e:ec:32:3d:27:8f:4a:f7:c7:1e:2c:5e:d3:b3:f5:
49:c5:34:fd:db:e4:ce:37:ce:24:f2:20:25:e1:36:
0b:64:d5:2a:78:52:5d:5f:9b:13:c8:7d:d2:85:20:
23:f1:7d:1b:45:12:e6:3b:55:93:69:f5:23:67:a9:
0b:f2:82:77:75:97:c0:8b:19:02:57:bf:25:a3:f7:
21:c3:00:4b:74:06:52:ad:fd:2e:ef:b9:33:83:ea:
4b:bd:0b:4a:b2:23:ea:cc:06:5d:be:d5:75:a4:99:
52:c8:8b:6f:2e:45:36:33:1b:0d:18:18:64:10:15:
7a:88:66:c7:e9:84:4f:b3:d1:6d:49:f3:69:01:52:
6b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:49:E0:AE:2D:C0:0B:FD:C1:56:15:38:9C:64:81:02:23:70:5C:AB
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/vUngri3AC_3BVhU4nGSBAiNwXKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.208.0/22
45.150.8.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:d4:cd:dd:53:1e:f8:16:23:a3:03:55:10:93:2b:2e:59:24:
29:00:2d:bf:87:f3:a6:83:79:96:2a:f9:03:1b:a9:41:2b:bc:
80:48:7f:4d:15:df:81:f7:a9:23:bb:f6:14:91:b4:41:b4:bf:
09:cd:53:7b:5a:e7:23:16:2f:3c:c8:08:dd:fd:16:4d:c3:72:
39:38:17:ff:82:b4:a1:be:35:3c:22:93:29:0e:81:a7:05:7f:
5b:fd:13:0c:88:85:ec:fa:8f:1e:7d:46:5f:d6:58:58:5f:2e:
de:e2:8e:03:0f:35:55:8c:72:3b:07:53:5a:1a:e8:e1:57:d9:
62:e1:4c:1c:62:82:21:b2:a2:c5:df:5d:a8:d4:a4:da:0c:6a:
42:11:92:24:b5:ff:b0:53:11:99:98:7c:51:5a:a3:42:3e:2e:
f9:0d:3a:53:b0:01:a1:0c:57:b4:39:ea:b9:dd:7a:22:82:8d:
4c:f2:3d:99:30:05:f6:6b:00:f2:c3:58:27:5d:d9:d7:a8:66:
78:5d:5c:c9:1b:5d:30:3c:9c:9b:0a:66:1f:e3:1d:4d:2f:8e:
51:85:f6:81:d8:7e:2a:c7:1b:15:88:d5:6c:a6:a1:24:1f:1e:
a2:98:44:d9:45:85:6c:bf:fd:09:e8:66:c3:64:ac:66:86:cd:
e7:a7:0d:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2JNlR8ZVpHJ/1KYFhZQM6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMjA4MTQ1NDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQ5ZTBhZTJkYzAwYmZkYzE1NjE1Mzg5YzY0ODEwMjIzNzA1Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsekqTGe+tinq1J8NaYmeW5cDK60C
9NAPOR2k8TH4fDe3s+bqdFsoPItNYDR2G+KNND3IGjia8qq/1rogWtEofXeHdZ5e
jG+7Kvn5lN1jKrVZhFZ4IWNrA2tpLuHAvww7Lu76tVKuT1sy4L4rHrlmgYRNHSbN
CyRu7DI9J49K98ceLF7Ts/VJxTT92+TON84k8iAl4TYLZNUqeFJdX5sTyH3ShSAj
8X0bRRLmO1WTafUjZ6kL8oJ3dZfAixkCV78lo/chwwBLdAZSrf0u77kzg+pLvQtK
siPqzAZdvtV1pJlSyItvLkU2MxsNGBhkEBV6iGbH6YRPs9FtSfNpAVJrQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL1J4K4twAv9wVYVOJxkgQIjcFyrMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvdlVuZ3JpM0FDXzNCVmhVNG5HU0JBaU53WEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY3QAwQC
LZYIMA0GCSqGSIb3DQEBCwUAA4IBAQB71M3dUx74FiOjA1UQkysuWSQpAC2/h/Om
g3mWKvkDG6lBK7yASH9NFd+B96kju/YUkbRBtL8JzVN7WucjFi88yAjd/RZNw3I5
OBf/grShvjU8IpMpDoGnBX9b/RMMiIXs+o8efUZf1lhYXy7e4o4DDzVVjHI7B1Na
GujhV9li4UwcYoIhsqLF312o1KTaDGpCEZIktf+wUxGZmHxRWqNCPi75DTpTsAGh
DFe0Oeq53Xoigo1M8j2ZMAX2awDyw1gnXdnXqGZ4XVzJG10wPJybCmYf4x1NL45R
hfaB2H4qxxsViNVspqEkHx6imETZRYVsv/0J6GbDZKxmhs3npw0F
-----END CERTIFICATE-----
Generated at Thu Feb 22 10:11:35 2024 by rpki-client on console-ams.rpki-client.org