Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/NEkMpBDDgWbqjMV-8C5WYhZ-kQ0.roa
File: NEkMpBDDgWbqjMV-8C5WYhZ-kQ0.roa (raw, json)
Hash identifier: w3doWAgu8sEO32/d42d10cqRqjVNoS1eTx1KL3h3/I0=
Subject key identifier: 34:49:0C:A4:10:C3:81:66:EA:8C:C5:7E:F0:2E:56:62:16:7E:91:0D
Certificate issuer: /CN=661691ca9c58d0859b6b870230b0f581be66a58a
Certificate serial: 018C17A114DA92C197277E16B8B74CD9C105
Authority key identifier: 66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/NEkMpBDDgWbqjMV-8C5WYhZ-kQ0.roa
Signing time: Tue 28 Nov 2023 20:31:21 +0000
ROA not before: Tue 28 Nov 2023 20:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46873
IP address blocks: 45.84.192.0/24 maxlen: 24
45.84.193.0/24 maxlen: 24
45.84.194.0/24 maxlen: 24
45.84.195.0/24 maxlen: 24
45.153.109.0/24 maxlen: 24
45.153.110.0/24 maxlen: 24
45.153.111.0/24 maxlen: 24
45.153.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:17:a1:14:da:92:c1:97:27:7e:16:b8:b7:4c:d9:c1:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=661691ca9c58d0859b6b870230b0f581be66a58a
Validity
Not Before: Nov 28 20:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34490ca410c38166ea8cc57ef02e5662167e910d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:97:32:73:88:16:b4:7d:cc:f7:e0:68:04:8a:
8e:ba:95:67:37:e5:66:c9:e5:58:94:67:db:ad:5c:
f5:78:c2:51:e8:55:50:77:19:66:4b:54:80:84:d1:
99:37:52:38:05:fe:a4:6b:e0:44:f2:5a:dc:97:32:
14:11:99:1d:4f:46:4f:49:62:fd:d1:4e:70:64:59:
48:2a:ac:85:b9:1d:96:74:75:cb:55:b9:2a:f1:a7:
75:d2:29:77:36:1d:c9:aa:00:be:80:6b:87:7b:f1:
4d:18:fd:66:41:70:f6:f5:e7:79:a7:d8:e9:50:c8:
47:90:e0:77:93:42:19:2a:ca:70:24:fc:a7:3e:2f:
d5:ab:90:43:3d:53:b4:9a:aa:65:78:46:7b:58:72:
ef:aa:a7:82:7e:c0:6d:05:45:99:dd:db:86:31:4e:
62:34:97:0a:9a:fb:a2:cc:51:5e:ee:ec:7e:bf:34:
22:16:2b:f2:87:a4:da:53:5c:51:ca:31:e4:2b:bd:
5f:50:ac:2d:24:01:8e:44:13:c3:b8:f9:e5:1e:65:
d5:55:4d:53:c7:a5:2c:b0:6c:93:fe:cf:16:69:1f:
4f:b9:fc:8b:80:ad:77:6f:b3:e0:b0:11:27:d3:ca:
4e:b5:e0:eb:e9:f0:80:ca:d6:e5:f4:b0:81:5c:90:
47:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:49:0C:A4:10:C3:81:66:EA:8C:C5:7E:F0:2E:56:62:16:7E:91:0D
X509v3 Authority Key Identifier:
keyid:66:16:91:CA:9C:58:D0:85:9B:6B:87:02:30:B0:F5:81:BE:66:A5:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhaRypxY0IWba4cCMLD1gb5mpYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/NEkMpBDDgWbqjMV-8C5WYhZ-kQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8f0259-9bc8-4fdc-926d-1a80daffd796/1/ZhaRypxY0IWba4cCMLD1gb5mpYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.192.0/22
45.153.108.0/22
Signature Algorithm: sha256WithRSAEncryption
07:c1:a5:74:59:a5:9d:4c:1d:c9:00:b7:06:3c:2f:9b:64:ca:
87:a7:ed:f2:80:f3:11:88:12:c5:b9:1b:09:1a:93:2a:d1:18:
e7:45:43:de:5b:e5:4e:5f:4e:ea:15:5a:2a:0b:4f:30:65:76:
e1:ad:f9:4e:da:49:96:f4:f1:47:19:df:a3:af:f8:f2:8a:2c:
38:7f:6a:0b:64:9a:c1:e6:ac:0a:ef:ef:a7:ea:b3:0e:7d:eb:
ea:a6:85:a4:be:b8:a6:1a:04:e9:80:af:6e:78:d2:6d:25:cb:
62:60:ef:f7:c7:e6:21:ae:4c:b5:43:95:3e:30:73:de:cc:0d:
e2:8e:e7:87:aa:67:15:f9:1a:1f:a1:dc:d3:4c:6d:02:01:32:
23:3f:94:5b:55:6d:4a:bd:70:3d:bc:45:58:53:6c:16:ce:3a:
b7:aa:3f:a7:16:5b:e6:45:47:e6:c7:81:fd:4a:cb:a4:e0:80:
98:ee:59:a9:6b:6a:86:ff:d5:71:7e:3c:47:f6:4e:bd:57:af:
c7:c5:aa:ae:60:5c:ad:c8:53:3b:42:bc:af:ed:7f:63:99:1e:
d3:50:89:8d:7c:09:5f:a7:9d:03:2e:2c:29:e6:89:78:53:54:
64:32:05:87:7e:2e:62:9b:97:d3:2d:62:5d:b6:8c:0f:c7:2f:
3c:2b:e0:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwXoRTaksGXJ34WuLdM2cEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTY5MWNhOWM1OGQwODU5YjZiODcwMjMwYjBmNTgxYmU2
NmE1OGEwHhcNMjMxMTI4MjAzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQ5MGNhNDEwYzM4MTY2ZWE4Y2M1N2VmMDJlNTY2MjE2N2U5MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5cyc4gWtH3M9+BoBIqOupVnN+Vm
yeVYlGfbrVz1eMJR6FVQdxlmS1SAhNGZN1I4Bf6ka+BE8lrclzIUEZkdT0ZPSWL9
0U5wZFlIKqyFuR2WdHXLVbkq8ad10il3Nh3JqgC+gGuHe/FNGP1mQXD29ed5p9jp
UMhHkOB3k0IZKspwJPynPi/Vq5BDPVO0mqpleEZ7WHLvqqeCfsBtBUWZ3duGMU5i
NJcKmvuizFFe7ux+vzQiFivyh6TaU1xRyjHkK71fUKwtJAGORBPDuPnlHmXVVU1T
x6UssGyT/s8WaR9PufyLgK13b7PgsBEn08pOteDr6fCAytbl9LCBXJBHqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDRJDKQQw4Fm6ozFfvAuVmIWfpENMB8GA1UdIwQY
MBaAFGYWkcqcWNCFm2uHAjCw9YG+ZqWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQt
MWE4MGRhZmZkNzk2LzEvTkVrTXBCRERnV2Jxak1WLThDNVdZaFota1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84ZjAyNTktOWJjOC00ZmRjLTkyNmQtMWE4MGRhZmZkNzk2
LzEvWmhhUnlweFkwSVdiYTRjQ01MRDFnYjVtcFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVTAAwQC
LZlsMA0GCSqGSIb3DQEBCwUAA4IBAQAHwaV0WaWdTB3JALcGPC+bZMqHp+3ygPMR
iBLFuRsJGpMq0RjnRUPeW+VOX07qFVoqC08wZXbhrflO2kmW9PFHGd+jr/jyiiw4
f2oLZJrB5qwK7++n6rMOfevqpoWkvrimGgTpgK9ueNJtJctiYO/3x+Yhrky1Q5U+
MHPezA3ijueHqmcV+RofodzTTG0CATIjP5RbVW1KvXA9vEVYU2wWzjq3qj+nFlvm
RUfmx4H9Ssuk4ICY7lmpa2qG/9VxfjxH9k69V6/HxaquYFytyFM7Qryv7X9jmR7T
UImNfAlfp50DLiwp5ol4U1RkMgWHfi5im5fTLWJdtowPxy88K+D9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:12 2024 by rpki-client on console-ams.rpki-client.org