Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/7e7ee7-1bd4-4435-871f-6cf8e567ff1c/1/1-YbcpIyJM5UMg35Hp7JS9fBN_ek.roa
File: 1-YbcpIyJM5UMg35Hp7JS9fBN_ek.roa (raw, json)
Hash identifier: 2e9hI5O3FZx7PiFrqdx4NuKPuhnx4J3h8t6g6dQhNv8=
Subject key identifier: F9:86:DC:A4:8C:89:33:95:0C:83:7E:47:A7:B2:52:F5:F0:4D:FD:E9
Certificate issuer: /CN=b4d73a6ad77a8f859b403db2ce715e82d1cf32fe
Certificate serial: 01857203455BE1F77761563C66A360B81400
Authority key identifier: B4:D7:3A:6A:D7:7A:8F:85:9B:40:3D:B2:CE:71:5E:82:D1:CF:32:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tNc6atd6j4WbQD2yznFegtHPMv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/7e7ee7-1bd4-4435-871f-6cf8e567ff1c/1/1-YbcpIyJM5UMg35Hp7JS9fBN_ek.roa
Signing time: Mon 02 Jan 2023 10:24:54 +0000
ROA not before: Mon 02 Jan 2023 10:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12586
IP address blocks: 45.146.136.0/22 maxlen: 24
2a0f:3000::/29 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:45:5b:e1:f7:77:61:56:3c:66:a3:60:b8:14:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4d73a6ad77a8f859b403db2ce715e82d1cf32fe
Validity
Not Before: Jan 2 10:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f986dca48c8933950c837e47a7b252f5f04dfde9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0e:11:89:b1:b1:39:3b:50:e5:82:80:e3:25:
76:56:71:8d:34:62:15:a2:04:1e:ba:55:8d:6a:ff:
1e:64:8f:48:f8:1b:bf:3c:bb:5e:43:b0:4f:8c:f1:
f3:15:62:24:ec:ea:94:79:4b:76:d9:19:06:54:c2:
45:c3:60:e8:5d:5c:7f:3e:0e:71:c7:b0:e4:8c:30:
58:d5:05:2b:9a:d4:5c:5f:69:19:75:9d:cf:ca:b5:
1f:88:db:ee:70:89:86:f8:fa:70:68:d7:28:c5:00:
fb:a3:69:50:1c:50:4c:1b:c5:13:4d:16:70:55:93:
b1:6c:24:6b:9d:08:8d:92:59:e6:c6:be:68:53:d7:
d1:a8:62:60:b3:07:e8:04:6e:f7:f9:f6:6e:14:12:
4b:9a:dc:04:82:0d:5a:18:a1:7b:71:3a:f7:ef:e3:
6e:82:7c:8e:da:de:44:48:8b:a5:06:c5:7a:c4:a8:
26:dd:2b:be:eb:7f:2e:d3:e4:48:eb:8d:55:0a:2c:
64:27:be:f5:58:b3:8e:cb:86:99:c8:d8:89:60:37:
21:55:6b:53:54:c3:0c:73:e4:3c:d6:1f:d5:dc:a6:
3a:27:8d:34:cc:79:5d:8b:4c:77:26:a0:62:65:c0:
c2:39:5f:59:2c:e7:45:dc:85:00:8d:fe:91:1d:66:
b4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:86:DC:A4:8C:89:33:95:0C:83:7E:47:A7:B2:52:F5:F0:4D:FD:E9
X509v3 Authority Key Identifier:
keyid:B4:D7:3A:6A:D7:7A:8F:85:9B:40:3D:B2:CE:71:5E:82:D1:CF:32:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNc6atd6j4WbQD2yznFegtHPMv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7e7ee7-1bd4-4435-871f-6cf8e567ff1c/1/1-YbcpIyJM5UMg35Hp7JS9fBN_ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7e7ee7-1bd4-4435-871f-6cf8e567ff1c/1/tNc6atd6j4WbQD2yznFegtHPMv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.136.0/22
IPv6:
2a0f:3000::/29
Signature Algorithm: sha256WithRSAEncryption
1f:a0:e2:9b:f2:95:85:db:a8:93:ab:e0:f2:1e:44:0e:ee:11:
cd:60:0e:03:0e:bf:11:60:27:b4:c6:ed:a9:5d:71:cb:53:f2:
4f:b2:da:6f:03:66:ee:ea:51:b0:91:5d:35:ba:c7:72:65:db:
9c:59:c6:14:3b:c4:65:09:3a:40:d0:88:73:d3:76:05:47:e2:
cd:29:fb:4d:bb:92:07:39:78:75:8a:ac:d3:8a:06:42:e2:0d:
11:1f:30:a4:90:aa:41:83:13:d5:29:98:e2:ee:14:f6:81:64:
2d:29:91:20:a5:58:81:d7:a1:25:e9:8c:36:20:26:9d:16:46:
2e:49:2c:e2:a1:81:6d:35:f9:af:a2:4a:28:14:ea:6e:26:ca:
6e:87:fc:19:59:51:82:45:dc:2f:95:9a:0a:9d:c9:01:03:67:
38:cf:25:95:19:0c:a5:70:b8:41:f2:06:ef:c1:8d:6a:5b:54:
08:36:a2:4c:93:f4:33:bf:3c:7f:19:de:cc:42:6d:f6:12:ec:
7d:f9:22:b4:f6:4d:ba:89:ae:8d:69:22:2e:a4:93:36:f9:cf:
b6:0f:29:cf:44:04:33:f6:82:ef:5f:f6:d4:19:7c:cf:41:c5:
85:ed:d8:2a:df:99:46:70:39:48:01:68:12:c9:11:ec:14:69:
16:15:a6:7b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVyA0Vb4fd3YVY8ZqNguBQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDczYTZhZDc3YThmODU5YjQwM2RiMmNlNzE1ZTgyZDFj
ZjMyZmUwHhcNMjMwMTAyMTAyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTg2ZGNhNDhjODkzMzk1MGM4MzdlNDdhN2IyNTJmNWYwNGRmZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ4RibGxOTtQ5YKA4yV2VnGNNGIV
ogQeulWNav8eZI9I+Bu/PLteQ7BPjPHzFWIk7OqUeUt22RkGVMJFw2DoXVx/Pg5x
x7DkjDBY1QUrmtRcX2kZdZ3PyrUfiNvucImG+PpwaNcoxQD7o2lQHFBMG8UTTRZw
VZOxbCRrnQiNklnmxr5oU9fRqGJgswfoBG73+fZuFBJLmtwEgg1aGKF7cTr37+Nu
gnyO2t5ESIulBsV6xKgm3Su+638u0+RI641VCixkJ771WLOOy4aZyNiJYDchVWtT
VMMMc+Q81h/V3KY6J400zHldi0x3JqBiZcDCOV9ZLOdF3IUAjf6RHWa0IQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPmG3KSMiTOVDIN+R6eyUvXwTf3pMB8GA1UdIwQY
MBaAFLTXOmrXeo+Fm0A9ss5xXoLRzzL+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5jNmF0ZDZqNFdiUUQyeXpuRmVndEhQTXY0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83ZTdlZTctMWJkNC00NDM1LTg3MWYt
NmNmOGU1NjdmZjFjLzEvMS1ZYmNwSXlKTTVVTWczNUhwN0pTOWZCTl9lay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvN2U3ZWU3LTFiZDQtNDQzNS04NzFmLTZjZjhlNTY3ZmYx
Yy8xL3ROYzZhdGQ2ajRXYlFEMnl6bkZlZ3RIUE12NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2SiDAN
BAIAAjAHAwUDKg8wADANBgkqhkiG9w0BAQsFAAOCAQEAH6Dim/KVhduok6vg8h5E
Du4RzWAOAw6/EWAntMbtqV1xy1PyT7LabwNm7upRsJFdNbrHcmXbnFnGFDvEZQk6
QNCIc9N2BUfizSn7TbuSBzl4dYqs04oGQuINER8wpJCqQYMT1SmY4u4U9oFkLSmR
IKVYgdehJemMNiAmnRZGLkks4qGBbTX5r6JKKBTqbibKbof8GVlRgkXcL5WaCp3J
AQNnOM8llRkMpXC4QfIG78GNaltUCDaiTJP0M788fxnezEJt9hLsffkitPZNuomu
jWkiLqSTNvnPtg8pz0QEM/aC71/21Bl8z0HFhe3YKt+ZRnA5SAFoEskR7BRpFhWm
ew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:14 2024 by rpki-client on console-ams.rpki-client.org