Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1as7XCVv3XOW7mLwvW8VMOS4qHA.roa
File: 1as7XCVv3XOW7mLwvW8VMOS4qHA.roa (raw, json)
Hash identifier: 3vpTGr6ilVDmUquLkx6ye65e7XnGg7Ff73kHhKKGa0A=
Subject key identifier: D5:AB:3B:5C:25:6F:DD:73:96:EE:62:F0:BD:6F:15:30:E4:B8:A8:70
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01921EB2D502626A7A3ABA5CEB5F09C21EC4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1as7XCVv3XOW7mLwvW8VMOS4qHA.roa
Signing time: Mon 23 Sep 2024 11:44:49 +0000
ROA not before: Mon 23 Sep 2024 11:44:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44948
IP address blocks: 45.131.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Oct 2024 10:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:b2:d5:02:62:6a:7a:3a:ba:5c:eb:5f:09:c2:1e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 23 11:44:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5ab3b5c256fdd7396ee62f0bd6f1530e4b8a870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3d:3a:b6:b0:34:b5:84:f9:28:78:f5:78:24:
8c:a9:94:0d:a9:f1:e8:71:27:7c:8a:d8:01:ed:15:
d9:d6:eb:5e:60:19:c4:62:09:9d:f1:98:e4:95:5e:
09:cd:13:0e:3c:b6:2a:13:63:7c:e2:83:1a:1d:2d:
3d:35:36:33:a2:67:50:09:52:0b:2a:d9:ad:c8:35:
5f:bb:d9:1d:50:52:bf:2d:ec:40:39:93:b3:b7:70:
38:ff:c5:38:87:4d:b2:d7:2f:95:83:bc:57:fc:6d:
4c:b8:c5:83:c4:5b:82:63:d3:1b:6f:4e:bd:04:a1:
0d:95:41:1b:fa:63:bb:b4:e4:9f:e3:b7:a0:3e:02:
57:f4:63:d7:38:b6:14:76:2e:a9:bc:b9:52:45:62:
a4:01:2e:be:f8:da:91:de:49:cc:e0:30:87:54:fa:
79:bb:ec:ca:a1:99:2b:21:14:7c:2f:35:3b:01:9c:
51:55:47:36:d5:e2:65:fe:57:3d:ab:01:09:68:d6:
d1:6d:6b:fa:c3:38:74:d1:65:90:e3:3f:02:56:65:
c9:8a:29:b1:8b:6e:84:8a:30:c7:9b:cb:25:f2:e2:
40:06:90:04:ca:8d:73:ad:4f:0c:83:00:8c:fb:97:
dc:79:12:e6:85:16:35:f0:0a:f1:b6:95:8b:55:54:
a4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AB:3B:5C:25:6F:DD:73:96:EE:62:F0:BD:6F:15:30:E4:B8:A8:70
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1as7XCVv3XOW7mLwvW8VMOS4qHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.184.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:9f:53:11:18:43:df:c9:4d:d5:c9:52:e0:fb:37:4d:65:b9:
05:62:dc:27:ce:ee:30:0b:1d:08:f8:4b:f2:b9:7a:b0:58:c6:
0a:70:7d:32:d2:bd:66:31:58:19:a0:02:aa:b5:23:0e:52:04:
75:29:3b:32:29:b5:90:d9:35:d9:2d:9a:86:e7:0a:8d:76:1c:
fa:e0:71:99:ad:1f:f4:7f:7f:a1:b4:66:07:02:64:43:a6:89:
3a:5e:1a:a9:3e:f6:e1:ee:a6:b1:ab:82:01:6a:a8:7e:d1:93:
86:cf:6e:d1:b1:5b:e8:25:da:38:a7:06:89:42:08:60:94:67:
ad:d3:0f:3c:50:c0:a7:7b:42:5d:16:10:fa:0e:ad:48:1b:13:
70:17:80:9f:42:24:a7:da:3b:a6:59:39:84:38:88:9f:58:5b:
5a:1a:4d:2b:a5:c5:38:40:b2:71:04:07:5f:2a:c7:4b:05:03:
56:8d:5c:dc:9e:d6:bd:d7:ff:cd:a5:9b:ba:26:72:14:39:5b:
56:c3:76:57:11:ad:52:0c:b0:4a:cb:36:fa:ed:58:f5:9c:3f:
1e:3b:d8:37:09:a8:b7:2e:15:48:1c:94:28:cf:c0:5a:bb:5c:
a7:15:b3:2c:f2:05:61:9e:be:e3:3d:bd:cb:40:68:ff:93:af:
92:3d:53:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIestUCYmp6Orpc618Jwh7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTIzMTE0NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWFiM2I1YzI1NmZkZDczOTZlZTYyZjBiZDZmMTUzMGU0YjhhODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD06trA0tYT5KHj1eCSMqZQNqfHo
cSd8itgB7RXZ1uteYBnEYgmd8ZjklV4JzRMOPLYqE2N84oMaHS09NTYzomdQCVIL
KtmtyDVfu9kdUFK/LexAOZOzt3A4/8U4h02y1y+Vg7xX/G1MuMWDxFuCY9Mbb069
BKENlUEb+mO7tOSf47egPgJX9GPXOLYUdi6pvLlSRWKkAS6++NqR3knM4DCHVPp5
u+zKoZkrIRR8LzU7AZxRVUc21eJl/lc9qwEJaNbRbWv6wzh00WWQ4z8CVmXJiimx
i26EijDHm8sl8uJABpAEyo1zrU8MgwCM+5fceRLmhRY18ArxtpWLVVSkMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWrO1wlb91zlu5i8L1vFTDkuKhwMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMWFzN1hDVnYzWE9XN21Md3ZXOFZNT1M0cUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYO4MA0G
CSqGSIb3DQEBCwUAA4IBAQAdn1MRGEPfyU3VyVLg+zdNZbkFYtwnzu4wCx0I+Evy
uXqwWMYKcH0y0r1mMVgZoAKqtSMOUgR1KTsyKbWQ2TXZLZqG5wqNdhz64HGZrR/0
f3+htGYHAmRDpok6XhqpPvbh7qaxq4IBaqh+0ZOGz27RsVvoJdo4pwaJQghglGet
0w88UMCne0JdFhD6Dq1IGxNwF4CfQiSn2jumWTmEOIifWFtaGk0rpcU4QLJxBAdf
KsdLBQNWjVzcnta91//NpZu6JnIUOVtWw3ZXEa1SDLBKyzb67Vj1nD8eO9g3Cai3
LhVIHJQoz8Bau1ynFbMs8gVhnr7jPb3LQGj/k6+SPVOk
-----END CERTIFICATE-----
Generated at Tue Oct 1 12:15:56 2024 by rpki-client on console-fra.rpki-client.org