Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/kAv6ykyNImh1zesHOLU0-ZIliC0.roa
File: kAv6ykyNImh1zesHOLU0-ZIliC0.roa (raw, json)
Hash identifier: E5/GRwgSkiu2OGnrRKbC3cbF6zZMBsK9RJKJkdJs/Ts=
Subject key identifier: 90:0B:FA:CA:4C:8D:22:68:75:CD:EB:07:38:B5:34:F9:92:25:88:2D
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018CC9BCA26262EB050C96AD7133626994B5
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/kAv6ykyNImh1zesHOLU0-ZIliC0.roa
Signing time: Tue 02 Jan 2024 10:33:51 +0000
ROA not before: Tue 02 Jan 2024 10:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1149
IP address blocks: 145.100.118.0/23 maxlen: 24
2001:610:9000::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Jan 2024 10:23:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a2:62:62:eb:05:0c:96:ad:71:33:62:69:94:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 10:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=900bfaca4c8d226875cdeb0738b534f99225882d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:49:86:47:5d:fd:fc:a2:ec:1d:56:87:73:5b:
b9:13:fa:fc:49:c7:10:0a:4f:f8:2c:b6:5a:41:b7:
9f:46:b8:e1:85:90:dd:d2:e8:ed:1e:46:b1:0f:d2:
52:35:42:58:a6:56:c4:d4:61:b8:56:b1:00:ee:0f:
5c:cb:d8:1b:bc:b4:0d:c2:05:b8:21:04:fa:41:7f:
e6:d4:bb:0f:88:69:79:ad:53:d3:04:2f:2c:87:15:
b3:90:13:e2:d1:bc:f4:d8:1c:ba:d0:f6:93:ed:d9:
c7:81:a0:58:c3:33:79:98:8a:f6:0d:d4:17:4b:07:
31:0e:fe:b1:03:5a:3b:3f:59:37:53:5e:42:c3:cb:
c4:51:16:7d:9f:66:5a:28:8b:fd:7e:9d:93:a0:4e:
7b:58:97:62:05:7c:f6:c9:a6:44:45:87:7a:da:2c:
a5:99:d6:4c:05:14:46:30:69:1d:7e:1b:46:6c:9e:
11:c1:3e:9e:39:bf:38:85:44:18:73:ce:78:58:b2:
bb:dd:b3:f1:02:d2:59:a2:58:3b:f0:33:cc:6a:31:
f0:aa:d2:ba:26:f8:d0:ad:0d:fa:27:c2:0a:39:b5:
d2:3e:13:86:1e:c1:82:ed:11:77:1d:2b:ac:f8:82:
0e:82:63:1e:c3:ff:54:34:32:10:4d:15:64:d7:3a:
57:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0B:FA:CA:4C:8D:22:68:75:CD:EB:07:38:B5:34:F9:92:25:88:2D
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/kAv6ykyNImh1zesHOLU0-ZIliC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.100.118.0/23
IPv6:
2001:610:9000::/40
Signature Algorithm: sha256WithRSAEncryption
38:8a:f8:53:2f:ca:3f:c9:e0:2d:ba:eb:9d:ff:60:aa:02:f4:
60:ae:60:df:67:0d:8c:2d:3b:d7:82:90:9b:bd:98:30:4f:20:
cc:ae:3d:a4:31:7e:7d:d5:20:50:97:70:3d:6b:f1:2a:84:81:
4a:f7:5f:d2:d9:52:d6:d0:1e:96:c8:9e:da:2c:9f:7f:f2:d4:
4f:15:17:11:38:98:84:9b:d2:e0:7c:e3:77:aa:df:f4:4e:2b:
f4:67:92:93:0a:12:5c:5d:e5:ff:ca:9b:e2:06:5e:6f:e2:17:
1a:97:d9:da:32:71:53:e5:cf:72:5a:34:47:e5:96:6c:dd:cc:
0e:2a:74:d2:48:ca:17:3a:4c:73:bc:b4:16:32:09:93:bc:5d:
c0:fd:cc:ac:3b:dd:51:41:58:2e:24:8a:e1:4e:59:b3:f2:65:
e1:29:6b:4f:62:21:fd:7b:0a:32:4d:7f:ef:ac:67:65:86:13:
79:1d:0e:26:a4:ca:c1:4f:b9:fd:11:b3:a8:44:16:2a:84:01:
bc:d2:04:90:17:1e:29:f1:b5:e2:be:66:89:c6:03:8a:d5:49:
13:fa:19:14:bf:f5:5d:47:51:3a:3c:82:22:a7:39:f1:2f:05:
80:1d:f4:36:a2:00:96:89:e6:4e:b8:19:f3:86:08:e5:2b:0b:
5c:d9:92:05
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJvKJiYusFDJatcTNiaZS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQwMTAyMTAzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBiZmFjYTRjOGQyMjY4NzVjZGViMDczOGI1MzRmOTkyMjU4ODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEmGR139/KLsHVaHc1u5E/r8SccQ
Ck/4LLZaQbefRrjhhZDd0ujtHkaxD9JSNUJYplbE1GG4VrEA7g9cy9gbvLQNwgW4
IQT6QX/m1LsPiGl5rVPTBC8shxWzkBPi0bz02By60PaT7dnHgaBYwzN5mIr2DdQX
SwcxDv6xA1o7P1k3U15Cw8vEURZ9n2ZaKIv9fp2ToE57WJdiBXz2yaZERYd62iyl
mdZMBRRGMGkdfhtGbJ4RwT6eOb84hUQYc854WLK73bPxAtJZolg78DPMajHwqtK6
JvjQrQ36J8IKObXSPhOGHsGC7RF3HSus+IIOgmMew/9UNDIQTRVk1zpXbwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJAL+spMjSJodc3rBzi1NPmSJYgtMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEva0F2NnlreU5JbWgxemVzSE9MVTAtWklsaUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBkWR2MA4E
AgACMAgDBgAgAQYQkDANBgkqhkiG9w0BAQsFAAOCAQEAOIr4Uy/KP8ngLbrrnf9g
qgL0YK5g32cNjC0714KQm72YME8gzK49pDF+fdUgUJdwPWvxKoSBSvdf0tlS1tAe
lsie2iyff/LUTxUXETiYhJvS4Hzjd6rf9E4r9GeSkwoSXF3l/8qb4gZeb+IXGpfZ
2jJxU+XPclo0R+WWbN3MDip00kjKFzpMc7y0FjIJk7xdwP3MrDvdUUFYLiSK4U5Z
s/Jl4SlrT2Ih/XsKMk1/76xnZYYTeR0OJqTKwU+5/RGzqEQWKoQBvNIEkBceKfG1
4r5micYDitVJE/oZFL/1XUdROjyCIqc58S8FgB30NqIAlonmTrgZ84YI5SsLXNmS
BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:44 2024 by rpki-client on console-ams.rpki-client.org