Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RPoftIpdvSDl-M9a5r_f13pONYk.roa
File: RPoftIpdvSDl-M9a5r_f13pONYk.roa (raw, json)
Hash identifier: hJMBEsXsqKzTxSY90jMo+pddtQb0qHngLUShMjB8WDs=
Subject key identifier: 44:FA:1F:B4:8A:5D:BD:20:E5:F8:CF:5A:E6:BF:DF:D7:7A:4E:35:89
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185736822023E053C6D4C0E477E11853CF9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RPoftIpdvSDl-M9a5r_f13pONYk.roa
Signing time: Mon 02 Jan 2023 16:54:42 +0000
ROA not before: Mon 02 Jan 2023 16:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202827
IP address blocks: 45.148.117.0/24 maxlen: 24
2a0e:b107:1ce1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Jan 2023 21:05:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:22:02:3e:05:3c:6d:4c:0e:47:7e:11:85:3c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 16:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44fa1fb48a5dbd20e5f8cf5ae6bfdfd77a4e3589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f8:e3:55:e4:84:97:3b:2a:f8:ba:3e:ce:41:
d3:31:89:7c:26:a0:94:c3:a7:45:fa:50:23:75:83:
55:6e:c9:3f:ef:c5:5f:63:ff:bf:ea:a2:20:4d:84:
2c:79:d1:65:b9:3d:ad:65:4f:1e:8e:f9:5e:2b:da:
ad:c5:5c:43:34:08:29:72:c0:71:8e:b5:f7:bc:73:
b4:f6:24:2f:30:85:a7:86:73:93:e4:0d:ca:e9:d9:
f6:8e:6f:91:d2:b0:2b:b7:86:cd:3b:fc:0c:9e:70:
2d:16:df:41:da:7a:b7:ba:d8:42:e4:a3:c7:56:a9:
24:3b:ff:de:c3:ba:d6:ac:6e:2f:84:16:83:bf:3e:
e9:34:61:e7:f1:3a:be:4a:e3:72:6e:05:ab:9d:65:
2a:9a:82:e6:ce:7e:05:f1:d6:15:60:2e:e9:86:73:
e9:ce:e8:3c:0d:37:a1:9f:52:5c:98:ca:58:97:e5:
f4:d2:67:d8:46:53:ab:5e:0c:c4:7e:e7:7b:ec:91:
d2:b0:e1:2d:c7:09:9f:73:86:23:76:0e:ff:3e:78:
51:ca:dc:c0:a9:93:29:5a:1b:5a:03:d5:5d:cf:33:
1d:47:ed:7c:0b:a4:d3:85:8d:0a:f8:de:40:0f:bc:
18:1a:b1:59:e6:33:c3:f6:0a:f5:7d:f0:8e:07:f1:
45:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FA:1F:B4:8A:5D:BD:20:E5:F8:CF:5A:E6:BF:DF:D7:7A:4E:35:89
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/RPoftIpdvSDl-M9a5r_f13pONYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.117.0/24
IPv6:
2a0e:b107:1ce1::/48
Signature Algorithm: sha256WithRSAEncryption
06:52:cb:fd:51:d6:da:87:67:e7:62:ef:97:7b:c4:b8:6d:c0:
de:c0:60:f8:ef:63:16:92:30:e9:6c:b3:21:cd:3f:ae:d1:8e:
dc:ce:cb:20:d0:0e:fe:ca:6e:69:a9:97:77:d6:27:92:dc:86:
49:55:a1:be:36:f0:3f:9c:7a:9a:2f:5e:a8:9b:4d:6f:93:76:
cb:f7:f2:b1:d1:82:a6:12:65:c5:5b:f6:d9:08:1a:70:8b:68:
03:72:fe:05:60:66:0e:75:2d:89:c9:7a:d6:c5:1d:ce:7b:6a:
3a:25:55:f5:04:5b:7b:ca:32:0c:cc:81:48:27:de:41:52:3a:
b3:2c:b2:40:a2:8f:8c:cc:5e:1e:e4:a2:9d:90:40:23:7d:b8:
89:10:16:3d:63:ec:9c:1b:92:07:6a:c6:7f:1a:f7:cf:58:2d:
dc:d8:81:3f:c1:1b:a9:80:09:bf:05:16:1b:42:89:68:3e:96:
7f:7f:c1:85:48:ab:79:08:5e:a0:05:15:f7:d8:7a:79:8a:57:
e0:17:c4:40:8d:e1:b7:3d:5b:6c:cd:67:1e:95:e0:f8:33:29:
1a:94:48:ee:64:f2:2f:e6:2d:ec:14:f0:41:63:22:00:aa:53:
83:f3:32:57:b9:7f:4f:eb:2b:c6:89:73:d4:0f:49:8d:4e:7a:
dd:a5:78:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVzaCICPgU8bUwOR34RhTz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMTY1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGZhMWZiNDhhNWRiZDIwZTVmOGNmNWFlNmJmZGZkNzdhNGUzNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/jjVeSElzsq+Lo+zkHTMYl8JqCU
w6dF+lAjdYNVbsk/78VfY/+/6qIgTYQsedFluT2tZU8ejvleK9qtxVxDNAgpcsBx
jrX3vHO09iQvMIWnhnOT5A3K6dn2jm+R0rArt4bNO/wMnnAtFt9B2nq3uthC5KPH
VqkkO//ew7rWrG4vhBaDvz7pNGHn8Tq+SuNybgWrnWUqmoLmzn4F8dYVYC7phnPp
zug8DTehn1JcmMpYl+X00mfYRlOrXgzEfud77JHSsOEtxwmfc4Yjdg7/PnhRytzA
qZMpWhtaA9VdzzMdR+18C6TThY0K+N5AD7wYGrFZ5jPD9gr1ffCOB/FFRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFET6H7SKXb0g5fjPWua/39d6TjWJMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUlBvZnRJcGR2U0RsLU05YTVyX2YxM3BPTllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZR1MA8E
AgACMAkDBwAqDrEHHOEwDQYJKoZIhvcNAQELBQADggEBAAZSy/1R1tqHZ+di75d7
xLhtwN7AYPjvYxaSMOlssyHNP67RjtzOyyDQDv7Kbmmpl3fWJ5LchklVob428D+c
epovXqibTW+Tdsv38rHRgqYSZcVb9tkIGnCLaANy/gVgZg51LYnJetbFHc57ajol
VfUEW3vKMgzMgUgn3kFSOrMsskCij4zMXh7kop2QQCN9uIkQFj1j7Jwbkgdqxn8a
989YLdzYgT/BG6mACb8FFhtCiWg+ln9/wYVIq3kIXqAFFffYenmKV+AXxECN4bc9
W2zNZx6V4PgzKRqUSO5k8i/mLewU8EFjIgCqU4PzMle5f0/rK8aJc9QPSY1Oet2l
eG4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:02 2024 by rpki-client on console-ams.rpki-client.org