Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AxrHI8JunQIE_ueUVgLWzMaL0DU.roa
File: AxrHI8JunQIE_ueUVgLWzMaL0DU.roa (raw, json)
Hash identifier: 2339XZSRCHl7+eY85fT+VhAqVvSmQqKXsoTfu1fagWc=
Subject key identifier: 03:1A:C7:23:C2:6E:9D:02:04:FE:E7:94:56:02:D6:CC:C6:8B:D0:35
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018572BA2F91A468BBA4804E8D57AB3C23FA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AxrHI8JunQIE_ueUVgLWzMaL0DU.roa
Signing time: Mon 02 Jan 2023 13:44:42 +0000
ROA not before: Mon 02 Jan 2023 13:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203442
IP address blocks: 45.148.118.0/24 maxlen: 24
2a0e:97c0:bc0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Jan 2023 16:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:2f:91:a4:68:bb:a4:80:4e:8d:57:ab:3c:23:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 13:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=031ac723c26e9d0204fee7945602d6ccc68bd035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7b:19:15:e4:2f:e5:4e:1d:5e:90:70:42:5c:
92:b4:0d:17:33:32:a0:57:3b:46:47:46:9c:76:fe:
2f:0a:ad:06:cc:6c:ae:d1:61:73:1f:72:94:23:5d:
6f:d2:0e:0f:7e:f4:ab:f8:4a:9f:af:e1:73:c7:31:
a5:e1:b2:5d:17:d8:30:31:ee:5c:2a:d0:19:7a:3c:
4d:e1:49:63:99:5c:9b:14:0e:b8:df:86:4b:7a:fc:
d1:29:bc:b8:f0:74:cf:c5:56:8a:e7:ec:87:40:f4:
59:e2:38:2b:c1:d2:0b:bd:24:42:84:2a:15:bf:b8:
38:aa:ed:d0:a4:64:03:78:4b:d5:ef:8a:1e:b3:9c:
e6:ff:5e:2e:35:66:d8:43:e3:ab:66:60:57:c5:34:
3a:80:d7:34:ad:9d:5b:78:19:14:39:ab:ab:46:c5:
f8:32:7a:54:89:0a:e9:47:a3:fe:32:73:f9:46:e3:
b0:4d:c8:a2:c8:81:79:42:bf:7b:23:49:4d:2e:a1:
f9:fc:54:82:b9:d3:ca:ea:0e:e7:a0:1a:27:c6:06:
ac:1d:29:60:18:c3:31:aa:ce:96:e2:6d:a4:e0:28:
7c:d9:cd:2c:31:ec:97:e0:46:06:9c:82:90:60:c7:
50:5e:6e:26:f1:e5:32:fb:31:29:47:1a:26:f1:52:
91:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1A:C7:23:C2:6E:9D:02:04:FE:E7:94:56:02:D6:CC:C6:8B:D0:35
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/AxrHI8JunQIE_ueUVgLWzMaL0DU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.118.0/24
IPv6:
2a0e:97c0:bc0::/44
Signature Algorithm: sha256WithRSAEncryption
00:3d:6d:da:da:cc:aa:f2:07:6b:b4:36:b1:ff:a8:04:fc:41:
04:60:bc:b5:6d:ae:5d:ed:c7:5d:4d:31:2c:d6:b2:8c:5c:9b:
7c:9d:07:a1:29:c7:f7:ae:de:cd:10:bb:b1:4f:aa:d0:bb:f6:
f5:f7:f2:10:02:87:2a:c9:90:65:22:01:8c:b0:b1:7c:91:b8:
bd:34:12:c4:51:09:de:82:78:c7:0e:5f:38:33:d2:2b:2b:07:
10:ef:e8:dc:1d:70:1e:d4:ba:59:e1:ac:e8:bc:47:83:2c:eb:
18:04:10:b2:21:8f:0f:b1:4e:81:d8:20:a3:2f:0e:4f:00:6e:
f8:a6:ef:24:a5:27:db:0e:f9:57:89:fc:b9:86:ff:8a:d6:4e:
fa:cd:1b:cb:bb:e7:9c:9d:75:4f:61:34:b9:9f:e0:f9:1b:d9:
8f:40:0d:5a:a7:db:49:d4:b3:25:b9:ca:30:7c:1d:bd:30:a9:
8b:03:44:d8:9e:07:b5:24:8b:ab:00:bd:cf:8b:fe:e9:d9:7b:
9c:01:12:1e:92:0f:b6:73:cf:9d:42:75:85:57:46:a6:0d:e5:
b3:dc:91:29:95:ee:98:72:3c:ec:74:26:20:30:f2:fc:33:1b:
72:81:57:aa:4c:2f:c7:a0:33:50:db:89:9c:5e:92:8a:71:63:
ab:7a:bd:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyui+RpGi7pIBOjVerPCP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMTM0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzFhYzcyM2MyNmU5ZDAyMDRmZWU3OTQ1NjAyZDZjY2M2OGJkMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnsZFeQv5U4dXpBwQlyStA0XMzKg
VztGR0acdv4vCq0GzGyu0WFzH3KUI11v0g4PfvSr+Eqfr+FzxzGl4bJdF9gwMe5c
KtAZejxN4UljmVybFA6434ZLevzRKby48HTPxVaK5+yHQPRZ4jgrwdILvSRChCoV
v7g4qu3QpGQDeEvV74oes5zm/14uNWbYQ+OrZmBXxTQ6gNc0rZ1beBkUOaurRsX4
MnpUiQrpR6P+MnP5RuOwTciiyIF5Qr97I0lNLqH5/FSCudPK6g7noBonxgasHSlg
GMMxqs6W4m2k4Ch82c0sMeyX4EYGnIKQYMdQXm4m8eUy+zEpRxom8VKR7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAMaxyPCbp0CBP7nlFYC1szGi9A1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQXhySEk4SnVuUUlFX3VlVVZnTFd6TWFMMERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZR2MA8E
AgACMAkDBwQqDpfAC8AwDQYJKoZIhvcNAQELBQADggEBAAA9bdrazKryB2u0NrH/
qAT8QQRgvLVtrl3tx11NMSzWsoxcm3ydB6Epx/eu3s0Qu7FPqtC79vX38hAChyrJ
kGUiAYywsXyRuL00EsRRCd6CeMcOXzgz0isrBxDv6NwdcB7UulnhrOi8R4Ms6xgE
ELIhjw+xToHYIKMvDk8Abvim7ySlJ9sO+VeJ/LmG/4rWTvrNG8u755yddU9hNLmf
4Pkb2Y9ADVqn20nUsyW5yjB8Hb0wqYsDRNieB7Uki6sAvc+L/unZe5wBEh6SD7Zz
z51CdYVXRqYN5bPckSmV7phyPOx0JiAw8vwzG3KBV6pML8egM1DbiZxekopxY6t6
vSc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:27 2024 by rpki-client on console-fra.rpki-client.org