Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/amE-Z1bWVkfw8lAzvTbxuy0sVjI.roa
File: amE-Z1bWVkfw8lAzvTbxuy0sVjI.roa (raw, json)
Hash identifier: yXGX0ZBvBVbsy0OV2SnYYhoFFKxdF8UhRU5Lbx4VtQo=
Subject key identifier: 6A:61:3E:67:56:D6:56:47:F0:F2:50:33:BD:36:F1:BB:2D:2C:56:32
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 018CE5B056EE8DA0DF79FFC0F6924E082335
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/amE-Z1bWVkfw8lAzvTbxuy0sVjI.roa
Signing time: Sun 07 Jan 2024 20:49:48 +0000
ROA not before: Sun 07 Jan 2024 20:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59651
IP address blocks: 45.143.4.0/24 maxlen: 24
45.143.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 16:12:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e5:b0:56:ee:8d:a0:df:79:ff:c0:f6:92:4e:08:23:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Jan 7 20:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a613e6756d65647f0f25033bd36f1bb2d2c5632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:82:4b:eb:0f:cd:df:56:9c:ba:f1:ab:4b:ed:
91:e4:d7:d1:83:a7:bc:ab:31:6e:17:2a:64:27:25:
63:06:3a:1e:c2:73:19:b4:eb:ea:eb:b1:6f:9d:56:
8b:ad:14:a0:66:02:dd:f5:11:15:cd:e5:92:be:9a:
d4:dc:f2:7a:a1:fd:84:5f:b1:b8:11:cf:18:41:7c:
f4:de:ad:dd:c1:a3:35:95:6c:44:fd:82:28:30:b4:
55:79:2c:8e:c7:af:89:a3:b1:e5:66:14:e1:cb:c0:
90:e8:e9:2b:c4:0b:c9:f1:80:50:7d:6c:f3:4b:ac:
84:01:a9:e2:d9:c7:f1:9a:aa:a3:07:6f:29:d8:e9:
21:d4:50:35:6d:5a:41:14:8f:df:67:c5:ba:fe:ea:
c7:1f:5d:8b:38:d5:dd:95:bd:dd:aa:3b:80:07:0e:
c8:36:58:cc:fe:74:8d:9d:2e:76:8e:01:ad:10:cf:
8f:87:07:c9:68:97:8d:dd:c0:f1:5b:50:13:4e:e4:
3a:65:f4:de:40:c5:3d:7c:7c:49:81:89:7f:ab:24:
88:57:8e:aa:dd:89:ad:a6:e5:0c:77:4a:dc:35:92:
1a:44:40:99:0e:59:3f:9f:4e:65:c0:28:b6:f9:de:
0e:fc:12:ce:8d:37:0b:21:39:b0:db:46:56:d1:39:
13:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:61:3E:67:56:D6:56:47:F0:F2:50:33:BD:36:F1:BB:2D:2C:56:32
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/amE-Z1bWVkfw8lAzvTbxuy0sVjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.4.0/24
45.143.6.0/24
Signature Algorithm: sha256WithRSAEncryption
64:00:f4:a3:29:07:5a:28:f4:b6:27:fb:7f:18:3a:ed:3b:e5:
c2:d7:3f:6a:f6:f2:fd:3b:a6:df:45:46:cd:29:3b:6b:4c:97:
33:dc:12:2d:38:34:3d:9e:fd:87:c6:99:cf:4b:8d:0c:f6:91:
6a:cf:4e:70:5c:31:93:c4:7d:ce:98:6d:0e:1e:ce:cd:45:33:
1f:c4:99:02:6a:a2:26:6e:28:33:d4:f6:88:32:e6:ca:88:7d:
08:0b:2e:8f:28:f5:21:7e:d9:23:fb:52:31:23:66:41:fb:31:
e6:fb:f7:3d:8a:d4:c5:de:16:5a:3b:7a:15:be:3b:6e:7c:a5:
e6:d8:92:ff:31:4d:9f:32:13:aa:32:e8:aa:a9:93:64:67:42:
24:22:63:04:64:94:15:8e:22:4c:1b:c7:08:b1:4f:68:02:c8:
b7:ee:b9:72:37:bd:2d:a3:1e:9a:0f:85:a0:b7:67:5d:46:5d:
0c:99:a2:90:f0:c8:ae:dc:a0:18:d5:ce:ab:4c:c6:9e:f7:96:
95:1b:c5:d1:dc:e7:4e:0e:03:29:47:aa:97:7a:e6:d9:2d:14:
ac:21:b4:c4:bc:0b:0d:a8:38:49:6a:c2:b9:c7:de:b3:62:f0:
12:09:ae:7c:aa:66:5e:dc:90:1c:22:c3:2c:be:0a:0e:83:35:
cc:86:36:ce
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzlsFbujaDfef/A9pJOCCM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjQwMTA3MjA0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTYxM2U2NzU2ZDY1NjQ3ZjBmMjUwMzNiZDM2ZjFiYjJkMmM1NjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoJL6w/N31acuvGrS+2R5NfRg6e8
qzFuFypkJyVjBjoewnMZtOvq67FvnVaLrRSgZgLd9REVzeWSvprU3PJ6of2EX7G4
Ec8YQXz03q3dwaM1lWxE/YIoMLRVeSyOx6+Jo7HlZhThy8CQ6OkrxAvJ8YBQfWzz
S6yEAani2cfxmqqjB28p2Okh1FA1bVpBFI/fZ8W6/urHH12LONXdlb3dqjuABw7I
NljM/nSNnS52jgGtEM+PhwfJaJeN3cDxW1ATTuQ6ZfTeQMU9fHxJgYl/qySIV46q
3YmtpuUMd0rcNZIaRECZDlk/n05lwCi2+d4O/BLOjTcLITmw20ZW0TkTvwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGphPmdW1lZH8PJQM7028bstLFYyMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL2FtRS1aMWJXVmtmdzhsQXp2VGJ4dXkwc1ZqSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAtjwQD
BAAtjwYwDQYJKoZIhvcNAQELBQADggEBAGQA9KMpB1oo9LYn+38YOu075cLXP2r2
8v07pt9FRs0pO2tMlzPcEi04ND2e/YfGmc9LjQz2kWrPTnBcMZPEfc6YbQ4ezs1F
Mx/EmQJqoiZuKDPU9ogy5sqIfQgLLo8o9SF+2SP7UjEjZkH7Meb79z2K1MXeFlo7
ehW+O258pebYkv8xTZ8yE6oy6Kqpk2RnQiQiYwRklBWOIkwbxwixT2gCyLfuuXI3
vS2jHpoPhaC3Z11GXQyZopDwyK7coBjVzqtMxp73lpUbxdHc504OAylHqpd65tkt
FKwhtMS8Cw2oOElqwrnH3rNi8BIJrnyqZl7ckBwiwyy+Cg6DNcyGNs4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org