Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ktpUBUJii9B6jjRcBpUfgxozgWU.roa
File: ktpUBUJii9B6jjRcBpUfgxozgWU.roa (raw, json)
Hash identifier: yePo6eQREPHes5tTgivd7DJY3BagNtIIBR4HJMvD8XE=
Subject key identifier: 92:DA:54:05:42:62:8B:D0:7A:8E:34:5C:06:95:1F:83:1A:33:81:65
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186A2DE1C87C4C0661E5988C0F335445B6C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ktpUBUJii9B6jjRcBpUfgxozgWU.roa
Signing time: Thu 02 Mar 2023 15:08:30 +0000
ROA not before: Thu 02 Mar 2023 15:08:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203442
IP address blocks: 45.148.118.0/24 maxlen: 24
2a0e:97c0:bc0::/44 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Apr 2023 10:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:de:1c:87:c4:c0:66:1e:59:88:c0:f3:35:44:5b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 2 15:08:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92da540542628bd07a8e345c06951f831a338165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b4:2c:ee:67:b1:55:7d:30:84:19:d3:80:7b:
e5:93:6d:a2:bf:f3:55:a6:06:11:18:a5:22:49:55:
25:d5:50:7b:b8:b1:8e:d2:18:cd:83:ba:53:62:70:
4c:12:b2:08:62:a6:69:9a:c7:f9:cf:e9:27:66:06:
55:59:7e:d9:59:c3:41:ed:54:5c:59:3f:19:3a:c5:
88:d6:6d:d2:21:a2:78:e7:64:e3:5e:69:5f:5c:09:
bb:36:7d:e7:93:f9:b8:70:89:bf:d1:c3:0e:ce:59:
cb:91:5a:6b:e7:85:92:02:d2:99:cb:49:f0:1b:f1:
4d:06:c4:d2:9d:68:cb:5b:db:dd:f0:22:1c:8e:34:
b3:df:5c:47:18:4a:37:d7:66:33:d5:03:69:0a:a0:
eb:f8:cb:f7:c8:6b:0f:18:8a:ad:07:5c:7f:92:85:
fd:bc:86:63:bf:61:03:16:71:95:23:f2:b2:7a:0e:
f0:cc:c4:0e:5b:8d:bd:c1:d2:4e:58:2a:cb:63:63:
38:27:f5:1a:74:89:d1:6c:a1:2d:f9:43:09:1a:da:
f6:d8:c1:be:53:c8:d6:71:db:3e:1a:fe:61:cd:30:
9e:c1:03:10:79:35:87:ff:61:4f:8b:b8:69:d5:2b:
4b:df:50:26:09:69:39:f0:18:08:bf:a1:a0:d4:cf:
6b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DA:54:05:42:62:8B:D0:7A:8E:34:5C:06:95:1F:83:1A:33:81:65
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ktpUBUJii9B6jjRcBpUfgxozgWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.118.0/24
IPv6:
2a0e:97c0:bc0::/44
Signature Algorithm: sha256WithRSAEncryption
14:c5:77:45:66:b0:70:df:6e:75:66:b0:5b:cf:05:ab:13:18:
2d:eb:d5:0f:d3:dd:db:2f:11:30:b3:51:5b:05:80:0c:83:52:
50:8c:a4:26:ba:34:d4:1b:00:f7:52:8b:9e:26:a9:98:e9:23:
59:46:2a:af:ab:3c:aa:16:ee:d7:61:dc:21:d8:88:94:fe:e3:
2a:15:52:6d:2d:bd:b3:f4:4e:3c:ad:8c:b8:8f:50:3f:c0:14:
0e:02:2b:c6:fc:55:cf:be:3c:28:dc:ba:e2:05:1c:9d:9f:a2:
85:6a:af:39:c3:f5:56:5d:3d:59:67:07:0c:cc:9a:e2:a2:48:
95:37:79:8e:89:f2:bf:a1:00:26:83:18:36:75:a6:40:9f:d8:
a3:2b:6d:a2:f4:66:2d:09:4a:4e:04:0f:4b:9e:4d:c6:ba:1b:
4d:ed:ef:8a:55:2f:1e:78:c2:a7:e5:4c:61:cc:0b:db:2c:b1:
3a:04:4e:d9:d3:53:b4:52:72:2d:97:6b:ff:a0:4b:88:bd:66:
86:d9:fd:e2:9d:f7:26:93:74:d5:f9:b9:3c:e1:8f:a8:4d:39:
08:fd:04:10:06:79:2a:88:41:63:1e:a9:f0:9f:eb:a7:46:81:
52:3c:5e:4a:be:c9:6c:28:fd:bb:d7:8a:1e:eb:a4:d9:22:d1:
5a:5d:3e:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYai3hyHxMBmHlmIwPM1RFtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzAyMTUwODMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRhNTQwNTQyNjI4YmQwN2E4ZTM0NWMwNjk1MWY4MzFhMzM4MTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrQs7mexVX0whBnTgHvlk22iv/NV
pgYRGKUiSVUl1VB7uLGO0hjNg7pTYnBMErIIYqZpmsf5z+knZgZVWX7ZWcNB7VRc
WT8ZOsWI1m3SIaJ452TjXmlfXAm7Nn3nk/m4cIm/0cMOzlnLkVpr54WSAtKZy0nw
G/FNBsTSnWjLW9vd8CIcjjSz31xHGEo312Yz1QNpCqDr+Mv3yGsPGIqtB1x/koX9
vIZjv2EDFnGVI/Kyeg7wzMQOW429wdJOWCrLY2M4J/UadInRbKEt+UMJGtr22MG+
U8jWcds+Gv5hzTCewQMQeTWH/2FPi7hp1StL31AmCWk58BgIv6Gg1M9rnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJLaVAVCYovQeo40XAaVH4MaM4FlMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva3RwVUJVSmlpOUI2ampSY0JwVWZneG96Z1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZR2MA8E
AgACMAkDBwQqDpfAC8AwDQYJKoZIhvcNAQELBQADggEBABTFd0VmsHDfbnVmsFvP
BasTGC3r1Q/T3dsvETCzUVsFgAyDUlCMpCa6NNQbAPdSi54mqZjpI1lGKq+rPKoW
7tdh3CHYiJT+4yoVUm0tvbP0TjytjLiPUD/AFA4CK8b8Vc++PCjcuuIFHJ2fooVq
rznD9VZdPVlnBwzMmuKiSJU3eY6J8r+hACaDGDZ1pkCf2KMrbaL0Zi0JSk4ED0ue
Tca6G03t74pVLx54wqflTGHMC9sssToETtnTU7RSci2Xa/+gS4i9ZobZ/eKd9yaT
dNX5uTzhj6hNOQj9BBAGeSqIQWMeqfCf66dGgVI8Xkq+yWwo/bvXih7rpNki0Vpd
Pmc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:11 2024 by rpki-client on console-ams.rpki-client.org