Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/gCaic9Duzt4QTesO_UVJ1FwNFOg.roa
File: gCaic9Duzt4QTesO_UVJ1FwNFOg.roa (raw, json)
Hash identifier: yu7Eo+2Icp2n+khLlZ9TtRQwOIm+PQHIFGGsYaa4tRo=
Subject key identifier: 80:26:A2:73:D0:EE:CE:DE:10:4D:EB:0E:FD:45:49:D4:5C:0D:14:E8
Certificate issuer: /CN=498fe5b282b1c7db00f67bb4a13d9f79520508b7
Certificate serial: 018CF190B11E1913370E071EEF6A0965FD48
Authority key identifier: 49:8F:E5:B2:82:B1:C7:DB:00:F6:7B:B4:A1:3D:9F:79:52:05:08:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SY_lsoKxx9sA9nu0oT2feVIFCLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/gCaic9Duzt4QTesO_UVJ1FwNFOg.roa
Signing time: Wed 10 Jan 2024 04:10:40 +0000
ROA not before: Wed 10 Jan 2024 04:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51889
IP address blocks: 45.147.76.0/24 maxlen: 24
45.147.77.0/24 maxlen: 24
45.147.78.0/23 maxlen: 23
45.147.78.0/24 maxlen: 24
45.147.76.0/22 maxlen: 22
45.147.76.0/23 maxlen: 23
45.147.79.0/24 maxlen: 24
2a13:1740::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Jan 2024 01:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f1:90:b1:1e:19:13:37:0e:07:1e:ef:6a:09:65:fd:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=498fe5b282b1c7db00f67bb4a13d9f79520508b7
Validity
Not Before: Jan 10 04:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8026a273d0eecede104deb0efd4549d45c0d14e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f9:77:b5:b8:e7:d6:0f:72:3c:a4:9c:cb:0c:
fb:55:0f:aa:90:48:60:70:d3:0a:55:3a:bd:eb:24:
72:02:e4:5a:63:06:6d:b9:12:02:88:d8:9d:00:4c:
5c:e0:5d:c1:72:e3:cc:0f:5e:1c:7d:67:d1:d7:05:
27:9f:23:c3:b0:0b:7a:ab:f1:cb:f7:c2:36:45:53:
bf:ed:0a:e6:55:4b:27:60:41:c2:69:a0:bf:f4:d7:
21:a6:ff:64:e6:77:27:66:57:b3:22:88:c9:d2:57:
61:65:cf:d2:cb:2a:60:fa:0c:22:c1:17:de:e9:75:
91:5e:f7:4d:3c:ff:83:34:f7:7f:de:8a:e3:4f:af:
e0:80:6a:da:ff:dd:6c:80:9d:d1:20:30:d6:38:76:
28:53:e7:68:ab:ae:ea:64:b8:de:0f:2e:6e:35:9c:
df:f6:61:8f:0d:b2:94:fa:7d:fa:97:3b:2d:4e:07:
b8:8e:27:88:2c:dd:ad:3d:cf:bc:fb:d2:0d:16:06:
43:8e:fd:39:7d:bc:21:b8:82:45:33:83:68:ee:70:
5f:93:06:b5:5c:49:cd:55:73:e3:10:77:29:a9:03:
83:ce:b0:2c:41:a5:44:f7:50:a1:3a:af:4d:37:d9:
ec:a9:45:db:58:a8:0b:5e:13:61:36:e5:b5:f9:bd:
0e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:26:A2:73:D0:EE:CE:DE:10:4D:EB:0E:FD:45:49:D4:5C:0D:14:E8
X509v3 Authority Key Identifier:
keyid:49:8F:E5:B2:82:B1:C7:DB:00:F6:7B:B4:A1:3D:9F:79:52:05:08:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SY_lsoKxx9sA9nu0oT2feVIFCLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/gCaic9Duzt4QTesO_UVJ1FwNFOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/384f29-fd4d-436a-b85b-00403b64055a/1/SY_lsoKxx9sA9nu0oT2feVIFCLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.76.0/22
IPv6:
2a13:1740::/29
Signature Algorithm: sha256WithRSAEncryption
8b:90:b9:b1:e3:4c:42:b8:ef:19:27:45:a7:62:51:43:15:05:
2c:7d:81:cf:0d:18:c4:ed:47:f1:21:3b:58:5d:a2:b5:72:fc:
f3:62:af:db:f5:62:ef:7d:41:12:c7:1a:82:59:46:11:53:82:
f0:0c:7a:0c:8d:ee:f7:77:e4:58:5b:ad:a0:52:a3:c9:b4:f1:
da:cc:54:2b:80:46:f1:1e:d2:dd:0a:3a:25:75:d0:81:3c:9a:
2e:83:ec:71:26:89:81:f9:ae:b9:a6:02:64:74:c4:d4:b9:64:
90:02:2a:66:83:b2:7d:55:db:8c:60:cc:62:bc:04:a6:55:a6:
31:86:c9:87:2f:d2:9c:3f:ab:5b:69:a7:0b:07:fc:b8:6e:aa:
69:8c:e4:80:a9:63:f7:3b:58:32:fc:3d:88:bc:c9:6c:db:98:
ee:82:27:80:d8:6f:06:83:1b:60:c0:f3:7e:ea:e8:68:59:78:
0c:cf:16:12:b1:72:3f:d2:50:42:b8:52:80:81:c6:61:b5:2a:
a1:16:d6:f4:9e:a0:f3:5d:22:a6:d5:66:b5:66:6b:d1:4e:1f:
47:d1:83:e9:94:df:4b:8c:61:3e:f3:64:d0:f2:b2:26:f9:5a:
87:9d:c7:30:f3:a8:45:71:82:b1:e5:c2:10:75:78:9a:2c:ac:
6c:c6:45:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzxkLEeGRM3Dgce72oJZf1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5OGZlNWIyODJiMWM3ZGIwMGY2N2JiNGExM2Q5Zjc5NTIw
NTA4YjcwHhcNMjQwMTEwMDQxMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDI2YTI3M2QwZWVjZWRlMTA0ZGViMGVmZDQ1NDlkNDVjMGQxNGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvl3tbjn1g9yPKScywz7VQ+qkEhg
cNMKVTq96yRyAuRaYwZtuRICiNidAExc4F3BcuPMD14cfWfR1wUnnyPDsAt6q/HL
98I2RVO/7QrmVUsnYEHCaaC/9Nchpv9k5ncnZlezIojJ0ldhZc/Syypg+gwiwRfe
6XWRXvdNPP+DNPd/3orjT6/ggGra/91sgJ3RIDDWOHYoU+doq67qZLjeDy5uNZzf
9mGPDbKU+n36lzstTge4jieILN2tPc+8+9INFgZDjv05fbwhuIJFM4No7nBfkwa1
XEnNVXPjEHcpqQODzrAsQaVE91ChOq9NN9nsqUXbWKgLXhNhNuW1+b0OOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIAmonPQ7s7eEE3rDv1FSdRcDRToMB8GA1UdIwQY
MBaAFEmP5bKCscfbAPZ7tKE9n3lSBQi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lfbHNvS3h4OXNBOW51MG9UMmZlVklGQ0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zODRmMjktZmQ0ZC00MzZhLWI4NWIt
MDA0MDNiNjQwNTVhLzEvZ0NhaWM5RHV6dDRRVGVzT19VVkoxRndORk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zODRmMjktZmQ0ZC00MzZhLWI4NWItMDA0MDNiNjQwNTVh
LzEvU1lfbHNvS3h4OXNBOW51MG9UMmZlVklGQ0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZNMMA0E
AgACMAcDBQMqExdAMA0GCSqGSIb3DQEBCwUAA4IBAQCLkLmx40xCuO8ZJ0WnYlFD
FQUsfYHPDRjE7UfxITtYXaK1cvzzYq/b9WLvfUESxxqCWUYRU4LwDHoMje73d+RY
W62gUqPJtPHazFQrgEbxHtLdCjolddCBPJoug+xxJomB+a65pgJkdMTUuWSQAipm
g7J9VduMYMxivASmVaYxhsmHL9KcP6tbaacLB/y4bqppjOSAqWP3O1gy/D2IvMls
25jugieA2G8GgxtgwPN+6uhoWXgMzxYSsXI/0lBCuFKAgcZhtSqhFtb0nqDzXSKm
1Wa1ZmvRTh9H0YPplN9LjGE+82TQ8rIm+VqHnccw86hFcYKx5cIQdXiaLKxsxkXQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:23 2024 by rpki-client on console-ams.rpki-client.org