Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f6d2dd-03a7-4f1f-b890-cd9ff0552f92/1/hPm9GRZvmSAtqXzt1iedrt2nzh8.roa
File: hPm9GRZvmSAtqXzt1iedrt2nzh8.roa (raw, json)
Hash identifier: idY0dzljgCQ556bXoATIxPNITKKKhOK2KTSVY0QE+Ig=
Subject key identifier: 84:F9:BD:19:16:6F:99:20:2D:A9:7C:ED:D6:27:9D:AE:DD:A7:CE:1F
Certificate issuer: /CN=b9f4779575cb9bf058243287e98234deca911fc9
Certificate serial: 01856E267EC91BE17F95FD3253459B28B066
Authority key identifier: B9:F4:77:95:75:CB:9B:F0:58:24:32:87:E9:82:34:DE:CA:91:1F:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufR3lXXLm_BYJDKH6YI03sqRH8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f6d2dd-03a7-4f1f-b890-cd9ff0552f92/1/hPm9GRZvmSAtqXzt1iedrt2nzh8.roa
Signing time: Sun 01 Jan 2023 16:24:54 +0000
ROA not before: Sun 01 Jan 2023 16:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208675
IP address blocks: 45.89.138.0/24 maxlen: 24
45.89.136.0/24 maxlen: 24
45.89.139.0/24 maxlen: 24
45.89.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:7e:c9:1b:e1:7f:95:fd:32:53:45:9b:28:b0:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9f4779575cb9bf058243287e98234deca911fc9
Validity
Not Before: Jan 1 16:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84f9bd19166f99202da97cedd6279daedda7ce1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:58:8f:c9:b5:79:40:d5:2d:77:d3:dd:0a:
6f:1e:80:4d:0b:1e:6c:6f:84:a9:66:8d:95:02:56:
2b:d4:24:ca:8e:72:e0:17:c2:2e:19:f2:b0:27:88:
6f:65:69:64:83:40:4c:e1:04:cc:86:c7:3d:24:d8:
75:f3:6f:10:a7:18:e4:bf:19:90:a9:a7:8f:d2:46:
dd:97:a3:0a:a5:37:c0:a0:56:31:72:08:6d:14:6a:
54:55:fe:19:cb:cc:b9:1d:fc:4e:e3:b1:50:4a:95:
8e:49:c3:e8:ab:25:a2:b3:1a:ca:c0:64:05:5a:50:
84:4f:9b:f3:70:38:0c:1b:84:db:2b:21:e0:94:77:
d4:11:14:50:f3:01:2f:ee:37:5b:5e:41:e9:aa:c7:
cd:dd:c4:1f:82:4c:c8:c1:2d:c5:72:57:3e:0c:a5:
9a:b5:30:8b:ed:7d:06:28:50:2b:3c:53:cf:83:ed:
d3:de:59:29:64:dc:b8:53:d4:7f:af:06:3c:76:86:
05:b9:4d:1a:a7:48:bb:56:f9:40:7d:5b:4a:ec:73:
7f:10:54:a4:ae:47:a4:9c:06:e2:03:ec:0f:8f:a5:
b9:db:ba:49:1a:30:b9:7a:0e:6c:35:3b:1e:63:37:
86:ca:29:b9:d0:2c:b9:aa:6d:0b:93:c5:46:7c:61:
78:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F9:BD:19:16:6F:99:20:2D:A9:7C:ED:D6:27:9D:AE:DD:A7:CE:1F
X509v3 Authority Key Identifier:
keyid:B9:F4:77:95:75:CB:9B:F0:58:24:32:87:E9:82:34:DE:CA:91:1F:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufR3lXXLm_BYJDKH6YI03sqRH8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f6d2dd-03a7-4f1f-b890-cd9ff0552f92/1/hPm9GRZvmSAtqXzt1iedrt2nzh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f6d2dd-03a7-4f1f-b890-cd9ff0552f92/1/ufR3lXXLm_BYJDKH6YI03sqRH8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.136.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:fc:16:08:eb:c5:19:72:1e:06:2c:fe:b5:cd:99:c4:05:39:
77:fe:d3:41:0d:09:3b:7f:08:ea:a2:09:2f:d1:bf:fb:89:f5:
09:fc:61:6c:b6:c1:cc:d1:dd:f0:f5:e5:6a:a9:cd:71:9b:50:
da:93:5d:dd:79:b8:a0:d7:5e:64:44:08:fe:ea:6e:c8:6a:2e:
e4:e1:53:c3:ff:f6:76:e5:2c:e3:4d:0d:43:6e:9a:d6:d0:eb:
12:f5:33:88:d9:6d:0a:c5:4d:f9:16:f5:1f:9e:04:55:9c:08:
1f:30:d1:cd:98:7f:22:cc:af:ee:67:15:86:42:f8:1b:a5:06:
d0:d4:8a:be:d8:56:36:b5:14:b9:a3:db:44:c3:55:ba:2a:df:
4f:69:2e:0f:f5:b7:f5:ae:19:b6:05:25:50:c9:3f:49:ce:e9:
f0:dc:f6:a6:b0:24:ec:a7:73:ca:4c:07:a8:a3:1e:cc:ad:8a:
53:8a:e3:a0:cc:13:6e:c0:b3:f0:db:ae:31:dc:6e:77:4d:f0:
4f:f4:8f:8f:d2:63:5b:e0:ad:74:23:24:86:8b:de:a7:08:78:
fd:fd:c3:56:4c:98:ab:f6:be:ef:9b:ae:9e:af:4e:aa:44:f5:
13:51:3b:8b:f7:5f:b4:4a:a7:03:2c:b7:4d:73:15:a5:58:39:
04:af:7c:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJn7JG+F/lf0yU0WbKLBmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjQ3Nzk1NzVjYjliZjA1ODI0MzI4N2U5ODIzNGRlY2E5
MTFmYzkwHhcNMjMwMTAxMTYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY5YmQxOTE2NmY5OTIwMmRhOTdjZWRkNjI3OWRhZWRkYTdjZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmJYj8m1eUDVLXfT3QpvHoBNCx5s
b4SpZo2VAlYr1CTKjnLgF8IuGfKwJ4hvZWlkg0BM4QTMhsc9JNh1828QpxjkvxmQ
qaeP0kbdl6MKpTfAoFYxcghtFGpUVf4Zy8y5HfxO47FQSpWOScPoqyWisxrKwGQF
WlCET5vzcDgMG4TbKyHglHfUERRQ8wEv7jdbXkHpqsfN3cQfgkzIwS3Fclc+DKWa
tTCL7X0GKFArPFPPg+3T3lkpZNy4U9R/rwY8doYFuU0ap0i7VvlAfVtK7HN/EFSk
rkeknAbiA+wPj6W527pJGjC5eg5sNTseYzeGyim50Cy5qm0Lk8VGfGF4xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIT5vRkWb5kgLal87dYnna7dp84fMB8GA1UdIwQY
MBaAFLn0d5V1y5vwWCQyh+mCNN7KkR/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZSM2xYWExtX0JZSkRLSDZZSTAzc3FSSDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mNmQyZGQtMDNhNy00ZjFmLWI4OTAt
Y2Q5ZmYwNTUyZjkyLzEvaFBtOUdSWnZtU0F0cVh6dDFpZWRydDJuemg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mNmQyZGQtMDNhNy00ZjFmLWI4OTAtY2Q5ZmYwNTUyZjky
LzEvdWZSM2xYWExtX0JZSkRLSDZZSTAzc3FSSDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVmIMA0G
CSqGSIb3DQEBCwUAA4IBAQAN/BYI68UZch4GLP61zZnEBTl3/tNBDQk7fwjqogkv
0b/7ifUJ/GFstsHM0d3w9eVqqc1xm1Dak13debig115kRAj+6m7Iai7k4VPD//Z2
5SzjTQ1DbprW0OsS9TOI2W0KxU35FvUfngRVnAgfMNHNmH8izK/uZxWGQvgbpQbQ
1Iq+2FY2tRS5o9tEw1W6Kt9PaS4P9bf1rhm2BSVQyT9Jzunw3PamsCTsp3PKTAeo
ox7MrYpTiuOgzBNuwLPw264x3G53TfBP9I+P0mNb4K10IySGi96nCHj9/cNWTJir
9r7vm66er06qRPUTUTuL91+0SqcDLLdNcxWlWDkEr3wV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:27 2024 by rpki-client on console-fra.rpki-client.org