Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/Kn8YGVs5XMKY24_aMIr-ihAgE34.roa
File: Kn8YGVs5XMKY24_aMIr-ihAgE34.roa (raw, json)
Hash identifier: GjosgrNiSYF5eV8BtPLu3Zn575txDS0ia2I/tNk4NXI=
Subject key identifier: 2A:7F:18:19:5B:39:5C:C2:98:DB:8F:DA:30:8A:FE:8A:10:20:13:7E
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 018D1383B12B5B30AEC0D6CD51B42683DD80
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/Kn8YGVs5XMKY24_aMIr-ihAgE34.roa
Signing time: Tue 16 Jan 2024 18:23:33 +0000
ROA not before: Tue 16 Jan 2024 18:23:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59651
IP address blocks: 45.143.5.0/24 maxlen: 24
45.143.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 19:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:83:b1:2b:5b:30:ae:c0:d6:cd:51:b4:26:83:dd:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Jan 16 18:23:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a7f18195b395cc298db8fda308afe8a1020137e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:56:b3:75:e1:8f:26:68:98:80:37:7f:bb:9d:
18:b8:65:33:af:00:e7:85:97:3d:22:e5:55:23:3e:
c1:34:13:b4:bb:ca:98:5c:f2:39:81:27:46:69:f6:
d4:1a:0c:50:04:4d:f4:c3:96:ff:d6:c6:f3:bd:5e:
98:ae:9c:c9:c2:e1:36:d0:03:ae:f2:0a:11:c9:c6:
25:13:d6:01:1c:e6:b6:66:34:b1:85:d9:c7:68:6f:
a2:da:ae:be:92:1a:ac:12:eb:1b:24:6e:a5:2d:fe:
77:e1:1b:c4:b8:bc:50:34:93:3f:18:6f:4d:a5:d8:
0d:53:c7:ce:bc:55:8d:6e:4b:1b:e4:14:04:3b:87:
ef:4e:38:b1:cf:88:1c:40:ed:9a:ff:13:be:9a:c4:
8f:dc:df:f3:f1:90:70:2a:d3:bc:a5:e2:db:0c:97:
60:f7:97:82:45:df:a3:41:93:65:f9:9e:95:29:7e:
1e:fa:a1:6f:82:dc:79:5b:74:bd:ab:11:6d:8a:78:
ac:2d:a2:15:6e:3a:1d:b7:60:47:fd:dd:3e:90:bf:
b8:91:7e:b6:f7:6a:35:48:2b:ce:00:53:33:f9:4f:
eb:24:4a:b1:04:2c:37:dd:ee:1a:8f:57:8e:de:78:
5b:14:6d:40:34:a9:05:3f:66:ba:a0:b8:f4:e3:18:
1f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7F:18:19:5B:39:5C:C2:98:DB:8F:DA:30:8A:FE:8A:10:20:13:7E
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/Kn8YGVs5XMKY24_aMIr-ihAgE34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.5.0-45.143.6.255
Signature Algorithm: sha256WithRSAEncryption
64:2d:b7:4d:ba:67:04:e5:d6:c8:7a:48:cf:5d:a5:bb:36:1a:
d3:e1:ef:b2:d9:e9:8c:b3:d0:d7:3c:36:bc:93:f4:5a:89:84:
a6:06:1c:14:02:d0:84:80:61:84:53:ed:49:b3:e4:ba:3b:1f:
c8:43:d3:fb:d7:bc:d9:d1:a3:43:e0:25:6c:f6:60:84:d2:89:
47:67:0e:b9:fe:21:1b:3d:fd:85:6a:38:f0:5c:17:4a:05:64:
cb:a0:3d:5c:cd:e5:98:da:1d:6e:2c:db:82:cd:a9:35:5c:93:
82:25:40:97:50:11:58:03:03:5d:e3:f1:1f:cd:10:d0:2b:70:
14:22:78:89:ba:79:d2:38:2c:44:e3:24:91:e7:df:dd:56:cf:
1d:ae:05:56:73:0c:d3:a1:50:56:f1:86:1b:a9:48:34:8c:da:
86:e1:7e:69:6a:d2:08:97:0e:25:12:dc:65:84:96:e0:17:c7:
48:30:31:46:57:6f:c8:d5:1b:e4:c4:a7:fb:c0:8d:64:b3:b5:
8f:86:8e:d1:21:19:af:39:74:73:57:f8:07:8c:1d:08:cd:5d:
69:a8:a0:1e:3e:61:b2:81:79:89:0b:27:90:06:38:f9:a2:01:
d1:00:b7:1d:44:92:23:ae:39:e9:d4:c5:15:35:e3:d6:09:59:
96:40:a1:f2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAY0Tg7ErWzCuwNbNUbQmg92AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjQwMTE2MTgyMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdmMTgxOTViMzk1Y2MyOThkYjhmZGEzMDhhZmU4YTEwMjAxMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFazdeGPJmiYgDd/u50YuGUzrwDn
hZc9IuVVIz7BNBO0u8qYXPI5gSdGafbUGgxQBE30w5b/1sbzvV6YrpzJwuE20AOu
8goRycYlE9YBHOa2ZjSxhdnHaG+i2q6+khqsEusbJG6lLf534RvEuLxQNJM/GG9N
pdgNU8fOvFWNbksb5BQEO4fvTjixz4gcQO2a/xO+msSP3N/z8ZBwKtO8peLbDJdg
95eCRd+jQZNl+Z6VKX4e+qFvgtx5W3S9qxFtinisLaIVbjodt2BH/d0+kL+4kX62
92o1SCvOAFMz+U/rJEqxBCw33e4aj1eO3nhbFG1ANKkFP2a6oLj04xgfMQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFCp/GBlbOVzCmNuP2jCK/ooQIBN+MB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL0tuOFlHVnM1WE1LWTI0X2FNSXItaWhBZ0UzNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEAC2P
BQMEAC2PBjANBgkqhkiG9w0BAQsFAAOCAQEAZC23TbpnBOXWyHpIz12luzYa0+Hv
stnpjLPQ1zw2vJP0WomEpgYcFALQhIBhhFPtSbPkujsfyEPT+9e82dGjQ+AlbPZg
hNKJR2cOuf4hGz39hWo48FwXSgVky6A9XM3lmNodbizbgs2pNVyTgiVAl1ARWAMD
XePxH80Q0CtwFCJ4ibp50jgsROMkkeff3VbPHa4FVnMM06FQVvGGG6lINIzahuF+
aWrSCJcOJRLcZYSW4BfHSDAxRldvyNUb5MSn+8CNZLO1j4aO0SEZrzl0c1f4B4wd
CM1daaigHj5hsoF5iQsnkAY4+aIB0QC3HUSSI6456dTFFTXj1glZlkCh8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:14 2024 by rpki-client on console-ams.rpki-client.org