Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/sGQClI8yv33uYUqh8A3-0u0YekY.roa
File: sGQClI8yv33uYUqh8A3-0u0YekY.roa (raw, json)
Hash identifier: 9p0GoacewGB5hRrHXcDuCTdS3hXAq6rfpxgt6Y8uMYk=
Subject key identifier: B0:64:02:94:8F:32:BF:7D:EE:61:4A:A1:F0:0D:FE:D2:ED:18:7A:46
Certificate issuer: /CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Certificate serial: 018CE0673076B0E639644627EF2AEA8ECBE9
Authority key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/sGQClI8yv33uYUqh8A3-0u0YekY.roa
Signing time: Sat 06 Jan 2024 20:11:48 +0000
ROA not before: Sat 06 Jan 2024 20:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.150.51.0/24 maxlen: 24
45.150.50.0/24 maxlen: 24
94.199.7.0/24 maxlen: 24
45.150.48.0/24 maxlen: 24
45.150.49.0/24 maxlen: 24
5.181.15.0/24 maxlen: 24
5.181.14.0/24 maxlen: 24
5.181.12.0/24 maxlen: 24
5.181.13.0/24 maxlen: 24
45.159.181.0/24 maxlen: 24
45.159.180.0/24 maxlen: 24
45.159.183.0/24 maxlen: 24
45.159.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jul 2024 17:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e0:67:30:76:b0:e6:39:64:46:27:ef:2a:ea:8e:cb:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Validity
Not Before: Jan 6 20:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b06402948f32bf7dee614aa1f00dfed2ed187a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ab:e9:6d:a1:de:53:4f:d4:45:83:8d:6f:d4:
f0:77:4b:fe:6c:d3:53:29:e7:fd:3a:cc:c6:2d:20:
74:83:a6:ed:7d:6e:30:74:96:22:46:a4:56:c1:e0:
6b:d8:9a:96:f6:fb:2f:d5:27:9a:a3:a3:f5:b7:46:
9c:a0:78:2d:5a:1f:a1:9a:65:fa:6a:21:7c:8e:28:
0a:ea:c5:de:1f:bd:5b:82:13:1c:af:f1:6a:7c:e6:
d5:8f:05:d1:76:a0:27:05:8f:3a:e0:4d:81:4e:d5:
62:4f:97:ad:41:ef:fa:6e:30:ab:f4:2b:dd:ef:68:
b9:4f:0d:97:dc:f4:33:ea:72:27:5e:bd:ce:07:01:
65:59:60:a0:b4:62:63:2c:73:9f:48:98:9e:df:b5:
e1:16:c1:c6:57:20:5c:a9:4a:9b:eb:b9:7b:bf:fd:
ca:0b:df:85:32:4d:dc:05:ad:90:3b:2c:57:59:4d:
bc:b1:68:47:7e:70:14:76:20:ff:63:2a:36:f9:a9:
b6:45:5b:85:bc:81:70:7c:dd:65:6f:78:4c:e8:ed:
50:71:f5:1b:63:cf:31:db:cb:21:91:7b:c5:d9:5c:
7e:c4:99:74:b3:83:d1:c0:21:b9:1b:0e:ba:2c:6f:
1b:28:fd:46:3d:42:c6:ab:f3:57:29:f7:55:a9:a9:
aa:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:64:02:94:8F:32:BF:7D:EE:61:4A:A1:F0:0D:FE:D2:ED:18:7A:46
X509v3 Authority Key Identifier:
keyid:2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/sGQClI8yv33uYUqh8A3-0u0YekY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.12.0/22
45.150.48.0/22
45.159.180.0/22
94.199.7.0/24
Signature Algorithm: sha256WithRSAEncryption
23:2b:98:78:28:08:57:c0:dd:d5:c4:8d:fa:fd:03:08:dd:d6:
6e:69:81:97:7f:49:06:92:77:58:04:45:b2:4e:1f:b9:f6:07:
3d:76:58:1b:39:24:f2:6d:dd:67:ba:29:30:57:c9:78:58:41:
03:8a:b8:56:f5:f0:29:eb:cf:d7:17:83:4d:8b:7c:43:69:51:
68:cf:9a:a6:d8:3e:be:ea:4a:0f:b8:19:72:1a:b9:8a:f5:5a:
ea:a0:bb:a8:99:7c:4d:9a:96:52:f3:94:b2:2b:eb:5e:f1:79:
1b:94:82:49:0b:eb:ed:4f:79:f9:1d:ac:9e:c7:9a:8e:c6:cf:
ec:97:9e:68:ec:5d:4c:c8:bc:d5:61:50:6e:31:66:37:bf:ba:
f1:bd:13:6c:20:24:e6:29:52:36:7b:61:5d:de:80:b9:aa:6b:
d7:54:27:1e:62:59:d8:05:3c:35:ab:24:a9:35:b4:6d:64:fe:
bc:c7:81:78:7c:76:98:a3:97:8d:ba:08:ac:35:b3:de:76:31:
20:d8:ca:5a:43:b2:a1:79:d6:7c:60:6e:0f:cb:71:74:7f:12:
23:43:7a:8c:a2:f5:0c:28:dc:04:f7:21:4d:99:c7:90:af:74:
48:20:6d:6a:fc:67:f5:50:80:ef:31:22:03:9f:ac:ad:54:96:
9e:cf:be:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzgZzB2sOY5ZEYn7yrqjsvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTE2NGE5YjUwMTNkNjJmMDUxMzQ0ZjZkZjkxZjEzYmM3
ZWNiMGYwHhcNMjQwMTA2MjAxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDY0MDI5NDhmMzJiZjdkZWU2MTRhYTFmMDBkZmVkMmVkMTg3YTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnavpbaHeU0/URYONb9Twd0v+bNNT
Kef9OszGLSB0g6btfW4wdJYiRqRWweBr2JqW9vsv1Seao6P1t0acoHgtWh+hmmX6
aiF8jigK6sXeH71bghMcr/FqfObVjwXRdqAnBY864E2BTtViT5etQe/6bjCr9Cvd
72i5Tw2X3PQz6nInXr3OBwFlWWCgtGJjLHOfSJie37XhFsHGVyBcqUqb67l7v/3K
C9+FMk3cBa2QOyxXWU28sWhHfnAUdiD/Yyo2+am2RVuFvIFwfN1lb3hM6O1QcfUb
Y88x28shkXvF2Vx+xJl0s4PRwCG5Gw66LG8bKP1GPULGq/NXKfdVqamqTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLBkApSPMr997mFKofAN/tLtGHpGMB8GA1UdIwQY
MBaAFC4RZKm1AT1i8FE0T235HxO8fssPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEt
ZmQ3ZjE3YmIxYTVjLzEvc0dRQ2xJOHl2MzN1WVVxaDhBMy0wdTBZZWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEtZmQ3ZjE3YmIxYTVj
LzEvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbUMAwQC
LZYwAwQCLZ+0AwQAXscHMA0GCSqGSIb3DQEBCwUAA4IBAQAjK5h4KAhXwN3VxI36
/QMI3dZuaYGXf0kGkndYBEWyTh+59gc9dlgbOSTybd1nuikwV8l4WEEDirhW9fAp
68/XF4NNi3xDaVFoz5qm2D6+6koPuBlyGrmK9VrqoLuomXxNmpZS85SyK+te8Xkb
lIJJC+vtT3n5Hayex5qOxs/sl55o7F1MyLzVYVBuMWY3v7rxvRNsICTmKVI2e2Fd
3oC5qmvXVCceYlnYBTw1qySpNbRtZP68x4F4fHaYo5eNugisNbPedjEg2MpaQ7Kh
edZ8YG4Py3F0fxIjQ3qMovUMKNwE9yFNmceQr3RIIG1q/Gf1UIDvMSIDn6ytVJae
z74d
-----END CERTIFICATE-----
Generated at Thu Jul 18 21:13:13 2024 by rpki-client on console-ams.rpki-client.org