Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/dA_mwnwClxNhC8eOgvGBjI2xtJw.roa
File: dA_mwnwClxNhC8eOgvGBjI2xtJw.roa (raw, json)
Hash identifier: Bm3DLF3P3iCMXUyft0e3M4orgxAwU5XAWw6yTx+gTTU=
Subject key identifier: 74:0F:E6:C2:7C:02:97:13:61:0B:C7:8E:82:F1:81:8C:8D:B1:B4:9C
Certificate issuer: /CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Certificate serial: 018B1B907D109CFB90236D35047668CA5FE8
Authority key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/dA_mwnwClxNhC8eOgvGBjI2xtJw.roa
Signing time: Tue 10 Oct 2023 21:48:55 +0000
ROA not before: Tue 10 Oct 2023 21:48:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 45.150.51.0/24 maxlen: 24
45.150.50.0/24 maxlen: 24
94.199.7.0/24 maxlen: 24
45.150.48.0/24 maxlen: 24
45.150.49.0/24 maxlen: 24
5.181.15.0/24 maxlen: 24
5.181.14.0/24 maxlen: 24
5.181.12.0/24 maxlen: 24
5.181.13.0/24 maxlen: 24
45.159.181.0/24 maxlen: 24
45.159.180.0/24 maxlen: 24
45.159.183.0/24 maxlen: 24
45.159.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1b:90:7d:10:9c:fb:90:23:6d:35:04:76:68:ca:5f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Validity
Not Before: Oct 10 21:48:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=740fe6c27c029713610bc78e82f1818c8db1b49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:14:69:28:89:e0:7a:04:76:18:25:9b:50:c7:
1d:87:c6:67:01:c5:ae:c4:9a:83:a7:00:36:f8:f7:
d8:ba:58:82:a6:38:ce:e0:ac:4a:eb:8a:dc:f8:0d:
19:13:9f:8a:4a:db:f7:c6:06:de:72:a6:e5:7b:6b:
f4:57:15:67:c9:ad:80:e6:c9:ce:bd:d1:71:0c:d1:
c3:65:e1:8d:ef:03:18:0e:30:8c:ae:08:af:70:1c:
19:d1:06:ac:e2:a1:cf:35:d0:c0:c2:8a:0f:78:73:
cd:52:db:e9:50:1d:79:2e:89:df:e3:85:80:a9:31:
72:79:45:cd:28:17:05:5e:91:54:77:f8:66:af:29:
35:d2:49:51:c4:d0:59:6d:70:60:a5:ce:77:3d:18:
d9:59:0e:e6:2b:63:5b:fa:56:fd:22:d6:d3:d4:69:
2b:97:ee:6d:58:2d:4d:6e:d4:5c:09:9a:82:90:e7:
58:e0:39:30:df:28:7b:56:c8:89:08:5e:1a:e9:e2:
12:85:74:59:19:a2:46:70:ca:44:9f:a2:7b:ac:ab:
6f:33:8c:82:a0:6b:d8:83:d8:5a:27:08:ec:96:f6:
29:3f:28:4d:10:12:cb:2f:e9:af:b5:b2:dc:f9:0c:
3d:6a:ee:03:cf:ac:a1:f7:7d:ca:bc:f7:43:43:3c:
97:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:0F:E6:C2:7C:02:97:13:61:0B:C7:8E:82:F1:81:8C:8D:B1:B4:9C
X509v3 Authority Key Identifier:
keyid:2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/dA_mwnwClxNhC8eOgvGBjI2xtJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.12.0/22
45.150.48.0/22
45.159.180.0/22
94.199.7.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:d1:db:d5:2f:c7:da:2c:fc:04:78:00:ee:39:eb:8c:5f:b1:
2d:d7:61:5a:07:69:bf:40:b3:d2:38:90:73:f4:2c:b2:94:38:
56:ad:97:06:a3:ff:a4:41:0a:a3:d0:73:96:17:9c:e5:cd:b4:
d9:f0:da:54:fb:16:9b:ee:8e:ee:11:fe:a4:1d:11:49:7f:f6:
bb:54:bc:14:ae:14:d4:6c:65:94:f7:43:45:10:bb:8d:65:a0:
ff:81:2e:f7:71:64:80:38:80:5d:da:71:e0:6a:f1:40:84:08:
4f:72:68:d5:66:ac:e6:b9:1e:72:86:6d:7d:08:56:0e:35:ba:
48:ce:20:44:18:07:e0:50:7b:55:4a:47:7d:e6:fa:3d:f7:14:
4c:52:41:a2:c8:9a:0a:f3:90:09:81:97:c5:a8:79:c3:02:47:
fd:d3:6d:12:12:96:be:ff:0d:b5:a2:37:ce:a4:0f:30:28:7b:
98:6c:bb:4c:89:cc:75:74:71:45:ce:70:c1:80:a6:bf:1b:53:
d2:bf:f6:b5:d3:66:b7:15:21:43:2a:da:d9:0b:c7:c1:3b:4b:
46:16:a3:d7:26:0d:e5:db:42:eb:a9:1d:b6:04:6c:3b:6c:c1:
72:9d:ce:1b:22:66:0b:d4:26:c7:c8:5e:2b:4c:a8:5b:3f:88:
5f:aa:3e:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsbkH0QnPuQI201BHZoyl/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTE2NGE5YjUwMTNkNjJmMDUxMzQ0ZjZkZjkxZjEzYmM3
ZWNiMGYwHhcNMjMxMDEwMjE0ODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBmZTZjMjdjMDI5NzEzNjEwYmM3OGU4MmYxODE4YzhkYjFiNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohRpKIngegR2GCWbUMcdh8ZnAcWu
xJqDpwA2+PfYuliCpjjO4KxK64rc+A0ZE5+KStv3xgbecqble2v0VxVnya2A5snO
vdFxDNHDZeGN7wMYDjCMrgivcBwZ0Qas4qHPNdDAwooPeHPNUtvpUB15Lonf44WA
qTFyeUXNKBcFXpFUd/hmryk10klRxNBZbXBgpc53PRjZWQ7mK2Nb+lb9ItbT1Gkr
l+5tWC1NbtRcCZqCkOdY4Dkw3yh7VsiJCF4a6eIShXRZGaJGcMpEn6J7rKtvM4yC
oGvYg9haJwjslvYpPyhNEBLLL+mvtbLc+Qw9au4Dz6yh933KvPdDQzyXiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHQP5sJ8ApcTYQvHjoLxgYyNsbScMB8GA1UdIwQY
MBaAFC4RZKm1AT1i8FE0T235HxO8fssPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEt
ZmQ3ZjE3YmIxYTVjLzEvZEFfbXdud0NseE5oQzhlT2d2R0JqSTJ4dEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEtZmQ3ZjE3YmIxYTVj
LzEvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbUMAwQC
LZYwAwQCLZ+0AwQAXscHMA0GCSqGSIb3DQEBCwUAA4IBAQA+0dvVL8faLPwEeADu
OeuMX7Et12FaB2m/QLPSOJBz9CyylDhWrZcGo/+kQQqj0HOWF5zlzbTZ8NpU+xab
7o7uEf6kHRFJf/a7VLwUrhTUbGWU90NFELuNZaD/gS73cWSAOIBd2nHgavFAhAhP
cmjVZqzmuR5yhm19CFYONbpIziBEGAfgUHtVSkd95vo99xRMUkGiyJoK85AJgZfF
qHnDAkf9020SEpa+/w21ojfOpA8wKHuYbLtMicx1dHFFznDBgKa/G1PSv/a102a3
FSFDKtrZC8fBO0tGFqPXJg3l20LrqR22BGw7bMFync4bImYL1CbHyF4rTKhbP4hf
qj5Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:12 2024 by rpki-client on console-ams.rpki-client.org