Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iTlXPFzbQv9RrTP7P_SDGBgtSE8.roa
File: iTlXPFzbQv9RrTP7P_SDGBgtSE8.roa (raw, json)
Hash identifier: 4+4tYlsKsYq9+LorinkllVvm/XkYquuz7Q6RnkyduxY=
Subject key identifier: 89:39:57:3C:5C:DB:42:FF:51:AD:33:FB:3F:F4:83:18:18:2D:48:4F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E7AEEE5431B21448EAA90F97AA9DCB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iTlXPFzbQv9RrTP7P_SDGBgtSE8.roa
Signing time: Mon 02 Jan 2023 05:15:09 +0000
ROA not before: Mon 02 Jan 2023 05:15:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203442
IP address blocks: 45.148.118.0/24 maxlen: 24
2a0e:97c0:bc0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Jan 2023 07:44:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:ae:ee:54:31:b2:14:48:ea:a9:0f:97:aa:9d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:15:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8939573c5cdb42ff51ad33fb3ff48318182d484f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:60:c9:5d:f8:d9:56:7a:78:c9:65:8f:e8:e7:
8f:4d:66:11:d0:2a:75:d1:12:3a:26:cc:00:ef:20:
91:82:1c:20:36:26:38:30:d7:75:39:3d:41:a6:ee:
d9:37:f2:8d:d2:40:77:9e:50:6d:3d:ea:41:e8:9e:
64:a2:ff:0c:4b:2b:c4:7e:7b:d5:18:e5:bb:e6:c6:
a8:69:05:9a:13:02:b8:c0:bb:de:85:06:62:ba:75:
64:53:46:f9:c7:d6:40:9b:b8:ba:27:51:b8:e1:bb:
55:c1:4c:74:cb:29:77:62:3e:d4:1f:3e:17:4f:05:
bd:ff:ea:aa:5b:85:d4:7a:03:1a:3c:d5:90:6e:5d:
15:09:ec:87:58:be:1e:df:b4:6a:18:08:62:f4:92:
b8:ad:ae:d1:94:24:ec:db:1d:1c:fc:02:4c:39:ee:
65:29:b6:e0:2b:4a:4b:f9:45:de:fb:60:26:c8:d4:
a2:7a:51:ab:36:33:ad:13:9f:b2:5a:80:4a:af:6f:
d9:16:97:8a:68:3c:0d:83:91:9b:a6:41:87:a8:e3:
0d:b8:e0:13:49:5e:90:55:30:8c:b2:9b:36:2a:90:
24:fb:56:f4:8e:d8:19:8c:80:6f:6e:f5:0e:4e:f7:
7d:97:56:09:03:9b:67:63:fa:37:8b:d3:b8:db:45:
0d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:39:57:3C:5C:DB:42:FF:51:AD:33:FB:3F:F4:83:18:18:2D:48:4F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iTlXPFzbQv9RrTP7P_SDGBgtSE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.118.0/24
IPv6:
2a0e:97c0:bc0::/44
Signature Algorithm: sha256WithRSAEncryption
a1:44:b4:96:4d:9c:4c:c7:20:35:d5:be:e7:25:1f:4f:9f:c7:
57:f9:de:b5:dc:56:d1:7f:ef:b8:a0:77:6c:73:b0:97:af:6b:
a3:b7:b7:80:13:fb:98:71:9f:92:04:fd:25:c5:ab:04:a2:0c:
5a:4d:5e:12:31:be:fd:86:8f:b2:4d:1e:4a:09:4c:cd:8a:ff:
87:ca:8b:cd:e0:57:d5:43:93:ac:71:3d:5d:e5:35:63:e2:e3:
e0:b7:43:0d:10:71:82:ea:c5:3e:ea:c1:6f:be:6d:6b:95:48:
61:b2:3e:ab:5f:cc:30:07:87:90:d3:3f:13:a2:e8:91:56:a9:
ca:58:ae:e0:7f:84:0d:12:48:f5:75:18:29:f2:61:bf:96:5d:
94:44:35:70:87:03:09:0f:d0:95:08:db:9b:81:7b:4e:44:29:
83:2a:36:0a:48:a2:fe:58:22:62:bc:d0:fc:7e:4c:b0:c3:81:
b3:22:f2:09:82:90:fa:71:56:fa:bf:53:5d:19:66:93:36:a4:
a4:a7:71:4c:1d:a2:b5:42:e7:9f:a8:3f:78:b9:68:3c:78:be:
db:5e:0f:a0:af:0f:94:1f:85:70:99:b6:85:6f:4e:74:88:84:
4b:1e:7e:a5:d0:7a:17:1f:8a:6f:f7:68:f3:15:8b:f5:3a:67:
fe:3d:2d:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw567uVDGyFEjqqQ+Xqp3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTM5NTczYzVjZGI0MmZmNTFhZDMzZmIzZmY0ODMxODE4MmQ0ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmDJXfjZVnp4yWWP6OePTWYR0Cp1
0RI6JswA7yCRghwgNiY4MNd1OT1Bpu7ZN/KN0kB3nlBtPepB6J5kov8MSyvEfnvV
GOW75saoaQWaEwK4wLvehQZiunVkU0b5x9ZAm7i6J1G44btVwUx0yyl3Yj7UHz4X
TwW9/+qqW4XUegMaPNWQbl0VCeyHWL4e37RqGAhi9JK4ra7RlCTs2x0c/AJMOe5l
KbbgK0pL+UXe+2AmyNSielGrNjOtE5+yWoBKr2/ZFpeKaDwNg5GbpkGHqOMNuOAT
SV6QVTCMsps2KpAk+1b0jtgZjIBvbvUOTvd9l1YJA5tnY/o3i9O420UN5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIk5Vzxc20L/Ua0z+z/0gxgYLUhPMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaVRsWFBGemJRdjlSclRQN1BfU0RHQmd0U0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZR2MA8E
AgACMAkDBwQqDpfAC8AwDQYJKoZIhvcNAQELBQADggEBAKFEtJZNnEzHIDXVvucl
H0+fx1f53rXcVtF/77igd2xzsJeva6O3t4AT+5hxn5IE/SXFqwSiDFpNXhIxvv2G
j7JNHkoJTM2K/4fKi83gV9VDk6xxPV3lNWPi4+C3Qw0QcYLqxT7qwW++bWuVSGGy
PqtfzDAHh5DTPxOi6JFWqcpYruB/hA0SSPV1GCnyYb+WXZRENXCHAwkP0JUI25uB
e05EKYMqNgpIov5YImK80Px+TLDDgbMi8gmCkPpxVvq/U10ZZpM2pKSncUwdorVC
55+oP3i5aDx4vtteD6CvD5QfhXCZtoVvTnSIhEsefqXQehcfim/3aPMVi/U6Z/49
LR8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:10 2024 by rpki-client on console-ams.rpki-client.org