Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/hXEGsl5qQzAA1qUdQtNGBqiww10.roa
File: hXEGsl5qQzAA1qUdQtNGBqiww10.roa (raw, json)
Hash identifier: VhmT0oyWxTqRPxA05l/SiDGCzCOgHGrb6X/m2cHTsoM=
Subject key identifier: 85:71:06:B2:5E:6A:43:30:00:D6:A5:1D:42:D3:46:06:A8:B0:C3:5D
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018EC459F0B0DBE53902A1AD63B19160ED46
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/hXEGsl5qQzAA1qUdQtNGBqiww10.roa
Signing time: Tue 09 Apr 2024 19:33:32 +0000
ROA not before: Tue 09 Apr 2024 19:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196695
IP address blocks: 45.147.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 18:28:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c4:59:f0:b0:db:e5:39:02:a1:ad:63:b1:91:60:ed:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Apr 9 19:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=857106b25e6a433000d6a51d42d34606a8b0c35d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:71:24:e3:1e:58:4e:50:40:9c:a2:7e:df:b0:
d6:c4:2d:64:67:1a:ba:7f:70:ba:1c:95:2f:93:05:
1e:45:d3:b0:46:43:91:31:0b:c0:f0:22:bc:ef:af:
f2:b4:3f:25:75:30:a2:89:93:21:10:44:f3:ac:06:
76:96:cf:2f:25:39:93:80:a6:c9:84:1d:44:1f:41:
fa:eb:4b:06:94:9e:06:4d:9d:9a:a2:fc:d9:6f:47:
b2:e7:e8:81:91:e6:4b:ea:50:98:35:6e:c7:5c:c4:
3e:8b:55:d2:57:d4:f0:c1:c7:06:c8:f8:e9:0a:68:
53:83:9e:63:e5:06:e2:38:1c:af:03:c6:7f:71:a2:
65:f5:01:c1:db:5c:f9:31:fc:e0:ed:f9:e2:ef:94:
0e:ae:bd:bf:ef:f8:24:ec:67:29:fe:42:ed:29:cf:
55:16:43:69:1d:47:83:01:ae:35:97:d8:72:4a:99:
9f:82:80:98:a2:ed:f7:73:b8:66:e8:e7:ce:1e:2d:
79:d4:ee:0e:51:a9:f0:fd:e7:25:01:0a:3e:49:46:
95:7f:a9:5d:8d:be:41:27:a5:bf:bd:8e:23:01:07:
23:54:d1:50:08:97:b7:76:2a:24:5e:9e:f5:7e:e6:
4e:58:2c:b4:5a:be:5c:ff:b9:e8:89:49:ee:2f:08:
c9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:71:06:B2:5E:6A:43:30:00:D6:A5:1D:42:D3:46:06:A8:B0:C3:5D
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/hXEGsl5qQzAA1qUdQtNGBqiww10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.3.0/24
Signature Algorithm: sha256WithRSAEncryption
13:29:33:dc:6c:95:46:c1:30:dd:4d:e2:aa:2d:a0:c2:3a:4f:
cc:c0:54:68:ab:76:f4:e6:51:32:21:0e:01:12:72:9c:3d:94:
c6:de:9f:99:92:f8:76:8b:35:f6:df:eb:69:60:da:d1:b1:b4:
e6:c9:a6:45:54:09:2b:b6:e8:7f:55:09:96:1e:36:b3:db:79:
f8:16:76:8b:52:18:d2:4a:e0:d5:4e:2d:98:e0:82:ab:27:a5:
ba:93:78:f3:68:19:4d:52:a0:cb:52:8c:4f:d4:35:e2:03:93:
31:ec:73:74:cc:11:fc:d5:5f:e2:fd:10:af:43:0b:6e:72:e2:
ab:00:9a:dd:ea:13:e4:69:62:46:88:3b:6b:69:17:fb:3a:88:
bb:86:94:ba:4a:75:b1:d5:89:49:3c:ce:46:e3:81:1e:e5:3d:
cb:c4:31:6a:6f:3b:41:42:2b:94:39:4d:2c:83:92:ed:1b:62:
fc:fc:e7:c3:de:74:df:df:2b:e9:30:7e:a0:1b:70:bf:d0:fe:
da:0b:6a:bc:46:9a:77:bc:d4:0c:ac:b8:c7:b3:a4:06:58:43:
be:b3:04:09:89:1e:a8:25:7e:01:fb:52:0e:0c:f8:2b:0f:cd:
63:e0:66:01:9d:50:74:c2:17:8a:d2:e6:92:1c:e4:a9:f2:fa:
0e:fe:fc:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7EWfCw2+U5AqGtY7GRYO1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwNDA5MTkzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTcxMDZiMjVlNmE0MzMwMDBkNmE1MWQ0MmQzNDYwNmE4YjBjMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHEk4x5YTlBAnKJ+37DWxC1kZxq6
f3C6HJUvkwUeRdOwRkORMQvA8CK876/ytD8ldTCiiZMhEETzrAZ2ls8vJTmTgKbJ
hB1EH0H660sGlJ4GTZ2aovzZb0ey5+iBkeZL6lCYNW7HXMQ+i1XSV9TwwccGyPjp
CmhTg55j5QbiOByvA8Z/caJl9QHB21z5Mfzg7fni75QOrr2/7/gk7Gcp/kLtKc9V
FkNpHUeDAa41l9hySpmfgoCYou33c7hm6OfOHi151O4OUanw/eclAQo+SUaVf6ld
jb5BJ6W/vY4jAQcjVNFQCJe3diokXp71fuZOWCy0Wr5c/7noiUnuLwjJ+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVxBrJeakMwANalHULTRgaosMNdMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvaFhFR3NsNXFRekFBMXFVZFF0TkdCcWl3dzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMDMA0G
CSqGSIb3DQEBCwUAA4IBAQATKTPcbJVGwTDdTeKqLaDCOk/MwFRoq3b05lEyIQ4B
EnKcPZTG3p+Zkvh2izX23+tpYNrRsbTmyaZFVAkrtuh/VQmWHjaz23n4FnaLUhjS
SuDVTi2Y4IKrJ6W6k3jzaBlNUqDLUoxP1DXiA5Mx7HN0zBH81V/i/RCvQwtucuKr
AJrd6hPkaWJGiDtraRf7Ooi7hpS6SnWx1YlJPM5G44Ee5T3LxDFqbztBQiuUOU0s
g5LtG2L8/OfD3nTf3yvpMH6gG3C/0P7aC2q8Rpp3vNQMrLjHs6QGWEO+swQJiR6o
JX4B+1IODPgrD81j4GYBnVB0wheK0uaSHOSp8voO/vxw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org