Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/ofe_DHECZRmF6a-l9coKbDqQorg.roa
File: ofe_DHECZRmF6a-l9coKbDqQorg.roa (raw, json)
Hash identifier: goQPTyEJGwmbJXYGh4vfYxbAZNQcqX5RcevKkm7S3pI=
Subject key identifier: A1:F7:BF:0C:71:02:65:19:85:E9:AF:A5:F5:CA:0A:6C:3A:90:A2:B8
Certificate issuer: /CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
Certificate serial: 0190309FC24B3CF130BE79A000600EA19622
Authority key identifier: 87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/ofe_DHECZRmF6a-l9coKbDqQorg.roa
Signing time: Wed 19 Jun 2024 13:11:34 +0000
ROA not before: Wed 19 Jun 2024 13:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43602
IP address blocks: 45.133.12.0/23 maxlen: 23
45.133.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Jun 2024 08:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:30:9f:c2:4b:3c:f1:30:be:79:a0:00:60:0e:a1:96:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87f4bc1bcc44f3e910070435dbded41b6e482e68
Validity
Not Before: Jun 19 13:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1f7bf0c7102651985e9afa5f5ca0a6c3a90a2b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:2a:a9:ed:fd:21:05:18:03:8e:a1:42:8d:12:
8a:b6:6f:ca:c1:e9:c3:4d:f9:e4:2b:e0:ee:c7:b1:
06:70:27:5c:3e:72:2e:11:56:f0:0e:1f:b1:51:f7:
40:76:3e:36:b5:dc:22:0a:27:59:4c:44:a5:0a:fd:
b9:9b:bf:4f:89:56:0f:70:d7:f2:a8:31:d1:35:7a:
c1:62:2e:25:10:b0:91:ae:90:0c:bb:97:66:76:f2:
48:b6:86:ab:c7:c6:3c:92:3e:a0:7e:df:53:26:4d:
2b:f7:4f:ab:9f:a9:1e:8b:dc:cb:dd:c9:d9:ff:f7:
97:ca:97:d2:d2:70:a9:90:a4:23:32:3e:31:98:88:
cb:af:ab:ba:2e:04:5e:58:6a:e9:80:15:e6:a3:27:
8d:df:66:e3:ed:57:0d:20:17:7b:6d:fd:5f:c4:0f:
9e:42:29:c7:df:c3:e4:ed:bd:9d:0e:44:2b:ff:70:
c5:68:6e:90:ec:14:57:49:13:61:2f:69:4f:b8:ad:
31:6d:4c:6d:3a:b8:c2:56:0f:51:f3:9c:9a:82:9c:
c4:f2:8c:11:b5:c8:d6:9f:3f:b6:56:c1:c0:0a:3a:
ba:42:87:58:eb:e7:61:77:10:2d:16:a9:19:78:d1:
fc:94:12:91:50:83:92:63:f7:9c:27:cc:ff:e1:c1:
ab:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F7:BF:0C:71:02:65:19:85:E9:AF:A5:F5:CA:0A:6C:3A:90:A2:B8
X509v3 Authority Key Identifier:
keyid:87:F4:BC:1B:CC:44:F3:E9:10:07:04:35:DB:DE:D4:1B:6E:48:2E:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_S8G8xE8-kQBwQ1297UG25ILmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/ofe_DHECZRmF6a-l9coKbDqQorg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0b5b6d-7f46-447a-8946-7e781680d1d2/1/h_S8G8xE8-kQBwQ1297UG25ILmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.12.0/23
45.133.15.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:a0:db:90:85:33:5d:cf:40:42:d1:3c:cb:cc:62:54:ba:2d:
75:f5:1e:51:8f:9e:5b:12:86:ec:cb:76:b0:a4:d9:b1:c3:d3:
2b:0e:60:b0:7c:d8:61:6d:b8:b9:ae:ab:ea:03:99:c0:68:48:
d2:c7:5b:52:94:ff:a4:00:52:69:7d:2b:89:7e:db:30:7b:42:
aa:d1:45:6f:8b:dc:de:fc:d0:2d:bc:ee:d0:29:2a:45:7d:80:
f5:d6:81:87:71:1a:bb:05:d9:68:b5:77:39:cd:6d:26:89:31:
a5:96:8e:77:72:b3:16:f3:be:3a:0d:0c:84:af:48:d1:ba:20:
99:ab:0e:f1:d3:f4:3c:94:21:d1:8c:e0:32:8f:3b:1b:72:23:
11:02:36:6a:ae:11:e2:55:ab:65:3f:a3:bc:c1:c8:88:f4:41:
04:a1:60:cf:25:88:14:13:c6:5f:54:22:0a:a7:0c:bc:f1:d1:
9f:ed:19:11:4d:bd:5b:75:f0:78:5e:55:a4:aa:55:ae:90:ba:
a8:90:61:67:6b:7e:77:65:bd:80:1a:19:95:04:cd:d6:ce:90:
1f:c7:6f:9a:8f:9d:76:b5:dd:55:1c:08:8b:96:4b:8d:81:98:
7f:03:03:5d:e2:28:60:c7:dd:93:a8:ce:ca:8c:a6:df:63:b4:
27:3c:4c:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAwn8JLPPEwvnmgAGAOoZYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjRiYzFiY2M0NGYzZTkxMDA3MDQzNWRiZGVkNDFiNmU0
ODJlNjgwHhcNMjQwNjE5MTMxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWY3YmYwYzcxMDI2NTE5ODVlOWFmYTVmNWNhMGE2YzNhOTBhMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yqp7f0hBRgDjqFCjRKKtm/KwenD
TfnkK+Dux7EGcCdcPnIuEVbwDh+xUfdAdj42tdwiCidZTESlCv25m79PiVYPcNfy
qDHRNXrBYi4lELCRrpAMu5dmdvJItoarx8Y8kj6gft9TJk0r90+rn6kei9zL3cnZ
//eXypfS0nCpkKQjMj4xmIjLr6u6LgReWGrpgBXmoyeN32bj7VcNIBd7bf1fxA+e
QinH38Pk7b2dDkQr/3DFaG6Q7BRXSRNhL2lPuK0xbUxtOrjCVg9R85yagpzE8owR
tcjWnz+2VsHACjq6QodY6+dhdxAtFqkZeNH8lBKRUIOSY/ecJ8z/4cGrpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKH3vwxxAmUZhemvpfXKCmw6kKK4MB8GA1UdIwQY
MBaAFIf0vBvMRPPpEAcENdve1BtuSC5oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYt
N2U3ODE2ODBkMWQyLzEvb2ZlX0RIRUNaUm1GNmEtbDljb0tiRHFRb3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wYjViNmQtN2Y0Ni00NDdhLTg5NDYtN2U3ODE2ODBkMWQy
LzEvaF9TOEc4eEU4LWtRQndRMTI5N1VHMjVJTG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYUMAwQA
LYUPMA0GCSqGSIb3DQEBCwUAA4IBAQCLoNuQhTNdz0BC0TzLzGJUui119R5Rj55b
Eobsy3awpNmxw9MrDmCwfNhhbbi5rqvqA5nAaEjSx1tSlP+kAFJpfSuJftswe0Kq
0UVvi9ze/NAtvO7QKSpFfYD11oGHcRq7BdlotXc5zW0miTGllo53crMW8746DQyE
r0jRuiCZqw7x0/Q8lCHRjOAyjzsbciMRAjZqrhHiVatlP6O8wciI9EEEoWDPJYgU
E8ZfVCIKpwy88dGf7RkRTb1bdfB4XlWkqlWukLqokGFna353Zb2AGhmVBM3WzpAf
x2+aj512td1VHAiLlkuNgZh/AwNd4ihgx92TqM7KjKbfY7QnPEwY
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:21:02 2024 by rpki-client on console-fra.rpki-client.org