Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/_dPWIe8QKLfMpIe14DRlPCptTh4.roa
File: _dPWIe8QKLfMpIe14DRlPCptTh4.roa (raw, json)
Hash identifier: unvguN+6TrSmmDf/xMMP6Kyc5meRWN+2oA+6//akfRk=
Subject key identifier: FD:D3:D6:21:EF:10:28:B7:CC:A4:87:B5:E0:34:65:3C:2A:6D:4E:1E
Certificate issuer: /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial: 018C97077883528F1D81CA52E144331EA465
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/_dPWIe8QKLfMpIe14DRlPCptTh4.roa
Signing time: Sat 23 Dec 2023 14:14:58 +0000
ROA not before: Sat 23 Dec 2023 14:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197730
IP address blocks: 45.152.87.0/24 maxlen: 32
45.145.5.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:07:78:83:52:8f:1d:81:ca:52:e1:44:33:1e:a4:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Validity
Not Before: Dec 23 14:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdd3d621ef1028b7cca487b5e034653c2a6d4e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d7:10:01:ff:d2:ae:66:1d:87:0f:87:55:3c:
40:5a:78:8f:e3:6f:e1:06:66:e6:86:2e:c7:b2:e4:
3f:90:af:72:1f:99:41:7d:d7:03:65:be:a7:38:33:
5f:9e:94:e9:c1:c6:5c:11:b9:b3:36:fd:5c:dd:c2:
1b:ba:cf:91:ed:2d:cd:47:1d:d7:9a:f0:3e:a7:35:
7a:4a:42:da:cf:9e:93:b3:85:3d:60:ef:51:14:34:
6f:dc:44:0b:16:1a:d5:4d:91:c6:b5:97:1b:15:ce:
30:f1:cf:50:5f:78:7f:1b:e6:d1:3d:63:94:32:59:
6d:43:1a:a8:47:48:cc:4b:60:44:ce:ae:0c:9e:f7:
9c:52:80:4a:2b:63:63:25:29:56:de:88:3a:dc:c6:
e4:a6:f7:53:b0:1e:e0:54:ca:a1:5c:09:e5:c3:2a:
53:b9:8d:2e:b3:8f:49:dd:58:39:d8:7d:6b:85:74:
ec:27:a0:c8:3f:54:9b:32:61:d5:5c:8e:14:11:10:
a3:00:ba:b1:71:81:2f:e4:53:a5:f8:64:9e:b7:4b:
c8:2f:59:40:88:40:46:8f:5d:45:21:7f:86:a4:18:
8b:2f:ae:ee:d2:f9:34:bf:39:36:29:1a:bb:74:9c:
e0:0e:5f:41:09:a6:b1:6b:12:f6:6d:4e:9d:b7:17:
86:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D3:D6:21:EF:10:28:B7:CC:A4:87:B5:E0:34:65:3C:2A:6D:4E:1E
X509v3 Authority Key Identifier:
keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/_dPWIe8QKLfMpIe14DRlPCptTh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.5.0/24
45.152.87.0/24
Signature Algorithm: sha256WithRSAEncryption
42:e6:c9:1e:b4:44:94:48:3d:74:74:77:0f:4c:ce:39:15:62:
be:e0:88:11:7a:e2:28:b1:c9:17:7d:52:cd:8f:5d:ce:1f:89:
a2:9a:dc:09:1d:fd:e4:63:ea:78:78:67:19:6d:d1:dc:a8:c0:
d6:9d:c9:64:29:fd:38:43:3d:ac:f6:18:25:56:a6:7b:cd:b7:
cb:75:ab:35:ef:3e:d3:da:76:26:43:8d:26:66:30:29:1f:49:
ae:5e:29:ca:5d:52:cd:d3:4b:8f:cf:06:50:a3:49:bc:af:5e:
1a:e5:65:ac:bc:2f:e7:f5:c3:0a:9c:9b:9a:de:4a:a5:51:5c:
ec:8f:72:54:ad:c0:37:6a:49:f4:02:51:c1:8e:b2:e3:a9:2b:
07:e5:f9:20:1e:16:96:56:6f:2a:2b:78:72:86:aa:34:2b:94:
50:7a:85:b3:54:d1:1d:09:3e:d3:d5:ce:1d:1f:83:1f:7d:86:
c0:f3:e9:81:99:2e:79:cf:b4:d7:e1:55:e4:88:bc:07:92:00:
b8:f6:c7:9d:20:15:f0:a2:52:1f:b7:96:11:54:c6:ab:80:66:
7d:23:81:4d:bf:c9:43:12:c8:4b:74:cd:60:8b:f9:09:48:70:
f1:95:85:51:96:94:0f:06:ab:08:c0:8e:58:6e:ad:1f:d1:74:
e9:e9:fb:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyXB3iDUo8dgcpS4UQzHqRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjhiYmIxZTE4NmE1OTlkNGNjMDU4Y2FiZjRkZjBlMjUy
ZjMxZmEwHhcNMjMxMjIzMTQxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGQzZDYyMWVmMTAyOGI3Y2NhNDg3YjVlMDM0NjUzYzJhNmQ0ZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9cQAf/SrmYdhw+HVTxAWniP42/h
Bmbmhi7HsuQ/kK9yH5lBfdcDZb6nODNfnpTpwcZcEbmzNv1c3cIbus+R7S3NRx3X
mvA+pzV6SkLaz56Ts4U9YO9RFDRv3EQLFhrVTZHGtZcbFc4w8c9QX3h/G+bRPWOU
MlltQxqoR0jMS2BEzq4MnvecUoBKK2NjJSlW3og63MbkpvdTsB7gVMqhXAnlwypT
uY0us49J3Vg52H1rhXTsJ6DIP1SbMmHVXI4UERCjALqxcYEv5FOl+GSet0vIL1lA
iEBGj11FIX+GpBiLL67u0vk0vzk2KRq7dJzgDl9BCaaxaxL2bU6dtxeGJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP3T1iHvECi3zKSHteA0ZTwqbU4eMB8GA1UdIwQY
MBaAFPG4u7HhhqWZ1MwFjKv03w4lLzH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQt
NWI0Yjg1ZmQ1YWU1LzEvX2RQV0llOFFLTGZNcEllMTREUmxQQ3B0VGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQtNWI0Yjg1ZmQ1YWU1
LzEvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZEFAwQA
LZhXMA0GCSqGSIb3DQEBCwUAA4IBAQBC5sketESUSD10dHcPTM45FWK+4IgReuIo
sckXfVLNj13OH4mimtwJHf3kY+p4eGcZbdHcqMDWnclkKf04Qz2s9hglVqZ7zbfL
das17z7T2nYmQ40mZjApH0muXinKXVLN00uPzwZQo0m8r14a5WWsvC/n9cMKnJua
3kqlUVzsj3JUrcA3akn0AlHBjrLjqSsH5fkgHhaWVm8qK3hyhqo0K5RQeoWzVNEd
CT7T1c4dH4MffYbA8+mBmS55z7TX4VXkiLwHkgC49sedIBXwolIft5YRVMargGZ9
I4FNv8lDEshLdM1gi/kJSHDxlYVRlpQPBqsIwI5Ybq0f0XTp6fuO
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:16 2024 by rpki-client on console-ams.rpki-client.org