Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/B_9BiS2Evo15nRUYfM9hqGQq7iQ.roa
File: B_9BiS2Evo15nRUYfM9hqGQq7iQ.roa (raw, json)
Hash identifier: 1M5vCH4b0LxpmeLWPtFs08xr5ICZ+w0X+khJsXJXcHc=
Subject key identifier: 07:FF:41:89:2D:84:BE:8D:79:9D:15:18:7C:CF:61:A8:64:2A:EE:24
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0192B40BAE27606EF6435454075F87856D83
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/B_9BiS2Evo15nRUYfM9hqGQq7iQ.roa
Signing time: Tue 22 Oct 2024 11:45:17 +0000
ROA not before: Tue 22 Oct 2024 11:45:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216314
IP address blocks: 45.43.157.0/24 maxlen: 24
216.173.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 10:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:0b:ae:27:60:6e:f6:43:54:54:07:5f:87:85:6d:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 22 11:45:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07ff41892d84be8d799d15187ccf61a8642aee24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4f:1a:cc:7a:e1:eb:8e:2f:5f:84:ff:7d:16:
de:d0:bf:02:63:de:f6:49:65:1d:09:dc:30:92:ac:
81:82:90:47:75:a6:8d:6d:6c:b2:24:09:47:fd:09:
95:0d:bb:d7:0f:af:b0:35:26:d6:ba:66:67:27:8f:
b9:80:1f:15:ac:fd:b5:32:f3:b8:3c:e2:84:3d:fc:
be:a9:c8:59:a5:dc:73:e3:b1:f9:31:3f:d4:16:77:
5e:bd:5e:ea:47:ee:7c:c4:9b:9f:32:4e:37:5d:07:
9d:94:81:70:a1:46:9c:f0:c2:e2:9e:ef:03:f1:36:
f8:76:ea:4a:f0:7b:1b:6d:50:a6:de:0a:6f:31:6a:
37:bf:a2:17:0e:0c:bb:d0:b6:e3:75:43:ed:e5:98:
42:9a:74:3e:df:90:5c:fb:d4:79:96:e4:74:4c:cd:
71:d5:7e:9b:ae:43:d8:a9:8f:37:0d:3e:b9:91:fc:
9b:bf:20:55:1b:66:04:ab:61:bf:b1:5c:65:5e:5a:
21:44:47:12:0c:4d:0a:84:20:45:5b:1d:bd:a9:e0:
b5:38:50:25:3f:1a:94:1c:23:a0:1b:2f:58:8d:69:
4c:10:2e:a7:f5:9b:ad:da:d7:51:78:06:66:63:f4:
11:48:10:2d:fa:67:6d:c1:07:b2:61:3e:78:6e:bd:
90:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:FF:41:89:2D:84:BE:8D:79:9D:15:18:7C:CF:61:A8:64:2A:EE:24
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/B_9BiS2Evo15nRUYfM9hqGQq7iQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.157.0/24
216.173.100.0/24
Signature Algorithm: sha256WithRSAEncryption
83:25:ec:60:46:75:24:a0:c1:80:ab:5d:2d:d2:66:0e:6d:69:
f9:10:82:66:fd:b3:63:95:d7:9d:a0:17:34:2f:20:58:a0:8a:
bc:09:8f:b6:9e:3c:ca:9b:72:c3:db:8e:54:63:e1:1f:43:25:
23:68:42:43:17:70:ce:24:81:ef:6d:7f:c0:7e:ee:6f:0c:3f:
90:9b:f2:a5:1d:72:70:fd:29:95:4f:f4:06:ec:46:40:6e:ed:
75:62:29:d1:c5:69:4a:a5:f7:32:51:1f:ff:2a:cc:9a:29:06:
07:85:28:45:bc:eb:1a:a9:74:51:a9:fa:ee:84:97:11:ab:b8:
a1:83:04:a8:5b:5d:9d:67:c4:1d:69:3e:7b:e2:d9:55:65:e4:
e6:77:35:73:e6:13:e5:f8:35:cd:78:7c:01:cf:56:92:71:d4:
cd:87:04:18:3a:50:27:0a:88:b4:9c:c2:ed:c0:cf:66:8a:9b:
d9:d3:7f:0b:48:1d:58:d2:53:24:a5:a0:2f:b6:81:e8:c2:2d:
1d:fa:ad:0b:f7:8a:b1:c9:99:11:7c:73:b1:b9:62:91:48:db:
9b:af:21:1d:b1:cf:3a:ef:ab:8b:13:9f:f7:60:a0:fd:76:0c:
f8:5b:fc:f4:d2:8a:6b:e7:91:27:74:cc:88:65:80:c7:64:f4:
8a:a7:f1:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK0C64nYG72Q1RUB1+HhW2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQxMDIyMTE0NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2ZmNDE4OTJkODRiZThkNzk5ZDE1MTg3Y2NmNjFhODY0MmFlZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxE8azHrh644vX4T/fRbe0L8CY972
SWUdCdwwkqyBgpBHdaaNbWyyJAlH/QmVDbvXD6+wNSbWumZnJ4+5gB8VrP21MvO4
POKEPfy+qchZpdxz47H5MT/UFndevV7qR+58xJufMk43XQedlIFwoUac8MLinu8D
8Tb4dupK8HsbbVCm3gpvMWo3v6IXDgy70LbjdUPt5ZhCmnQ+35Bc+9R5luR0TM1x
1X6brkPYqY83DT65kfybvyBVG2YEq2G/sVxlXlohREcSDE0KhCBFWx29qeC1OFAl
PxqUHCOgGy9YjWlMEC6n9Zut2tdReAZmY/QRSBAt+mdtwQeyYT54br2QowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAf/QYkthL6NeZ0VGHzPYahkKu4kMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQl85QmlTMkV2bzE1blJVWWZNOWhxR1FxN2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALSudAwQA
2K1kMA0GCSqGSIb3DQEBCwUAA4IBAQCDJexgRnUkoMGAq10t0mYObWn5EIJm/bNj
ldedoBc0LyBYoIq8CY+2njzKm3LD245UY+EfQyUjaEJDF3DOJIHvbX/Afu5vDD+Q
m/KlHXJw/SmVT/QG7EZAbu11YinRxWlKpfcyUR//KsyaKQYHhShFvOsaqXRRqfru
hJcRq7ihgwSoW12dZ8QdaT574tlVZeTmdzVz5hPl+DXNeHwBz1aScdTNhwQYOlAn
Coi0nMLtwM9mipvZ038LSB1Y0lMkpaAvtoHowi0d+q0L94qxyZkRfHOxuWKRSNub
ryEdsc8676uLE5/3YKD9dgz4W/z00opr55EndMyIZYDHZPSKp/Ho
-----END CERTIFICATE-----
Generated at Thu Oct 24 12:49:06 2024 by rpki-client on console-ams.rpki-client.org