Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vju5CtJqCZGnFS6tsfAQ-9yoC7k.roa
File: vju5CtJqCZGnFS6tsfAQ-9yoC7k.roa (raw, json)
Hash identifier: z1sFHZooXG4aVVezr7XMIUyH9w+vtcgqE0OSvS0gRZo=
Subject key identifier: BE:3B:B9:0A:D2:6A:09:91:A7:15:2E:AD:B1:F0:10:FB:DC:A8:0B:B9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185749AD51B7A01E5B5CF5CF4D91CCAD974
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vju5CtJqCZGnFS6tsfAQ-9yoC7k.roa
Signing time: Mon 02 Jan 2023 22:29:42 +0000
ROA not before: Mon 02 Jan 2023 22:29:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202827
IP address blocks: 45.148.117.0/24 maxlen: 24
2a0e:b107:1ce1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jan 2023 02:07:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:74:9a:d5:1b:7a:01:e5:b5:cf:5c:f4:d9:1c:ca:d9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 22:29:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be3bb90ad26a0991a7152eadb1f010fbdca80bb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3e:c6:7c:01:23:2b:bf:8b:c1:53:d8:31:b9:
88:cc:96:c5:6a:22:ce:18:b1:66:c0:c1:fd:d2:55:
ea:f5:16:b2:2e:40:da:44:15:29:ab:34:1a:74:d6:
3c:bf:2d:49:c8:24:84:34:4c:a8:04:54:ca:1e:26:
d2:07:fd:af:99:09:78:0f:c8:c9:81:13:e9:d1:17:
6c:0c:60:a2:df:6e:3b:94:53:16:69:35:ef:ee:17:
64:4f:f9:5f:e9:d3:a7:20:56:8f:dd:16:7c:59:99:
b7:f6:9d:da:51:e5:74:f5:21:cb:8a:fa:d7:ac:e2:
7e:3c:e2:91:74:0d:06:d2:a0:24:e6:5d:f7:5f:f2:
6e:d8:89:d0:b9:75:22:71:00:c5:c8:72:ed:4f:f0:
04:43:91:43:5d:57:70:c8:3c:98:5f:90:4c:f2:ed:
77:21:dd:22:86:d9:e3:79:2f:67:35:8b:97:3d:56:
59:83:d6:99:e1:2d:1c:59:8c:22:de:e2:a4:77:02:
30:11:65:4a:f7:07:bc:67:3b:e4:03:a8:17:9b:1d:
1d:47:f5:6b:36:8c:88:db:ec:29:6e:1a:73:b7:59:
bf:86:2e:22:a4:6d:d2:70:86:3d:90:4d:39:88:d6:
c1:54:3e:e5:b5:8c:d6:8a:2a:c4:87:8b:ae:1d:92:
b8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:3B:B9:0A:D2:6A:09:91:A7:15:2E:AD:B1:F0:10:FB:DC:A8:0B:B9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vju5CtJqCZGnFS6tsfAQ-9yoC7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.117.0/24
IPv6:
2a0e:b107:1ce1::/48
Signature Algorithm: sha256WithRSAEncryption
09:7f:8d:fb:97:5b:2f:10:42:cf:20:6f:48:90:1c:c6:bd:ec:
26:a4:f1:dd:5b:d3:6a:47:81:d8:71:0a:c1:66:7e:35:c5:38:
20:43:d5:15:88:ae:94:b7:97:51:2a:93:d0:4b:30:a3:f4:e6:
eb:09:03:30:ad:4f:88:d8:9e:61:06:0d:f8:b6:0b:64:8d:f9:
21:b9:1e:d6:e9:4f:61:d0:47:fe:ab:7b:99:78:47:08:ad:12:
48:1e:65:f6:ee:ff:9d:60:32:bb:83:95:e3:8c:cc:f5:96:c9:
f4:b4:41:9e:81:15:7e:a7:a5:81:1a:ab:c4:e4:1b:00:c0:ea:
c2:f3:84:8a:a1:e9:b3:d9:16:66:53:65:ac:2e:b1:3a:75:74:
80:b7:31:bb:5c:85:c8:7b:d1:d3:dc:6b:ca:15:ea:da:ad:37:
f8:01:e3:3c:72:d0:c1:f7:28:fa:51:a6:e3:46:2d:ab:ed:52:
a1:4e:8f:03:7b:04:f9:e2:21:a3:a8:14:e6:3c:37:3d:25:de:
bb:8a:98:71:03:22:55:1f:d7:52:b9:37:27:94:fb:68:89:73:
1d:4f:e9:e4:15:a0:13:08:19:ba:fe:66:69:bc:d7:79:d7:3a:
8b:15:cf:22:57:7f:40:9a:65:e8:a7:1c:4a:80:80:b5:83:b3:
31:4f:15:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV0mtUbegHltc9c9Nkcytl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMjIyOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTNiYjkwYWQyNmEwOTkxYTcxNTJlYWRiMWYwMTBmYmRjYTgwYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjD7GfAEjK7+LwVPYMbmIzJbFaiLO
GLFmwMH90lXq9RayLkDaRBUpqzQadNY8vy1JyCSENEyoBFTKHibSB/2vmQl4D8jJ
gRPp0RdsDGCi3247lFMWaTXv7hdkT/lf6dOnIFaP3RZ8WZm39p3aUeV09SHLivrX
rOJ+POKRdA0G0qAk5l33X/Ju2InQuXUicQDFyHLtT/AEQ5FDXVdwyDyYX5BM8u13
Id0ihtnjeS9nNYuXPVZZg9aZ4S0cWYwi3uKkdwIwEWVK9we8ZzvkA6gXmx0dR/Vr
NoyI2+wpbhpzt1m/hi4ipG3ScIY9kE05iNbBVD7ltYzWiirEh4uuHZK4QQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL47uQrSagmRpxUurbHwEPvcqAu5MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdmp1NUN0SnFDWkduRlM2dHNmQVEtOXlvQzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZR1MA8E
AgACMAkDBwAqDrEHHOEwDQYJKoZIhvcNAQELBQADggEBAAl/jfuXWy8QQs8gb0iQ
HMa97Cak8d1b02pHgdhxCsFmfjXFOCBD1RWIrpS3l1Eqk9BLMKP05usJAzCtT4jY
nmEGDfi2C2SN+SG5HtbpT2HQR/6re5l4RwitEkgeZfbu/51gMruDleOMzPWWyfS0
QZ6BFX6npYEaq8TkGwDA6sLzhIqh6bPZFmZTZawusTp1dIC3Mbtchch70dPca8oV
6tqtN/gB4zxy0MH3KPpRpuNGLavtUqFOjwN7BPniIaOoFOY8Nz0l3ruKmHEDIlUf
11K5NyeU+2iJcx1P6eQVoBMIGbr+Zmm813nXOosVzyJXf0CaZeinHEqAgLWDszFP
FRw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org