Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/4hD2T7zxCk4os88x2UN2yjvKMFE.roa
File: 4hD2T7zxCk4os88x2UN2yjvKMFE.roa (raw, json)
Hash identifier: uZVB5BX5aXVrFKJb6Psg5dbm7+D8OJNpbAfzfTG5op0=
Subject key identifier: E2:10:F6:4F:BC:F1:0A:4E:28:B3:CF:31:D9:43:76:CA:3B:CA:30:51
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185727A3F02C08B0CD5337DFE702C5A67B5
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/4hD2T7zxCk4os88x2UN2yjvKMFE.roa
Signing time: Mon 02 Jan 2023 12:34:52 +0000
ROA not before: Mon 02 Jan 2023 12:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201691
IP address blocks: 45.146.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:3f:02:c0:8b:0c:d5:33:7d:fe:70:2c:5a:67:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e210f64fbcf10a4e28b3cf31d94376ca3bca3051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f1:fb:62:e7:62:3e:33:5e:42:17:87:e5:2f:
33:e1:5a:63:01:4d:db:63:b2:22:f2:5b:6d:d6:0c:
9d:2c:e5:a3:cc:71:cc:42:50:99:73:2c:91:56:48:
ee:15:80:f6:c2:c1:5a:13:48:ff:e0:a9:bb:f5:0b:
66:d2:a7:11:b7:0f:c3:8b:ef:d6:7f:58:95:6a:52:
79:12:20:f3:86:af:af:af:fa:5c:9f:17:a5:4d:c3:
6c:f7:b4:cc:a1:01:13:19:c3:13:e2:46:4d:e2:6d:
ef:45:59:1b:99:2c:01:a0:4b:e4:9a:5a:3c:1d:c4:
3d:77:c8:0a:0a:b9:e1:b8:52:a3:b4:7f:4b:93:bc:
26:0f:f5:87:c6:9a:f2:21:8b:cd:af:f5:22:ec:06:
bb:bb:2d:ae:23:09:ca:65:35:66:22:10:fe:64:cb:
a8:ea:09:1e:88:3f:c5:5c:bd:93:77:6c:4f:fb:1d:
f7:b0:94:eb:55:bc:c2:d8:ea:4a:76:3f:09:d1:8e:
6b:fc:3a:82:f2:25:55:99:6c:3e:eb:33:28:77:cd:
c7:31:90:5f:07:17:b3:d8:c3:6c:1e:97:57:76:02:
a0:fa:f5:d0:72:b8:67:07:c5:22:8f:ea:bf:5e:c6:
d4:77:22:49:0d:fa:2c:e7:a3:fd:1b:ff:c5:9d:cf:
53:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:10:F6:4F:BC:F1:0A:4E:28:B3:CF:31:D9:43:76:CA:3B:CA:30:51
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/4hD2T7zxCk4os88x2UN2yjvKMFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.240.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:86:fe:6c:38:96:80:3d:a1:88:e3:73:66:a3:1c:13:5b:01:
cb:09:bb:51:2f:a0:ed:4c:df:35:4c:aa:94:7a:23:f8:08:86:
6d:5e:1f:40:e8:8f:b4:85:4c:21:cd:4d:30:21:e2:ac:a9:f3:
23:d6:b2:ca:26:9c:69:19:9e:27:55:d0:8e:3e:cc:71:25:11:
90:55:77:b5:62:ce:b0:0f:7a:18:34:6f:67:a0:a3:ce:15:5a:
53:8b:86:c0:0f:43:ba:a3:df:51:24:f2:7c:5a:2a:bd:9b:a8:
c8:3b:c0:76:4c:7b:40:2d:f8:b2:7b:21:37:04:22:12:c0:ad:
53:91:93:a5:03:48:21:39:a4:70:d4:c9:a2:85:a5:cd:82:61:
ad:93:0e:c5:03:4f:31:3a:5b:6e:99:f7:92:a3:e5:ca:b4:96:
47:26:80:9a:5e:99:bf:5e:91:5c:7f:02:28:2f:30:4c:2c:f1:
dc:1c:ba:e5:db:24:e9:c0:16:58:e3:f0:19:3d:ba:87:b3:2c:
12:ad:b8:c5:0f:9a:41:4f:cb:88:bc:b0:ce:2c:b7:8e:00:48:
8d:59:11:e9:dc:79:0b:f1:33:8a:c4:be:da:e4:52:e8:b4:4c:
20:7a:32:43:01:0a:05:0f:f0:e2:0f:fe:f7:76:fb:ea:d6:b3:
ed:56:9a:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyej8CwIsM1TN9/nAsWme1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTAyMTIzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjEwZjY0ZmJjZjEwYTRlMjhiM2NmMzFkOTQzNzZjYTNiY2EzMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/H7YudiPjNeQheH5S8z4VpjAU3b
Y7Ii8ltt1gydLOWjzHHMQlCZcyyRVkjuFYD2wsFaE0j/4Km79Qtm0qcRtw/Di+/W
f1iValJ5EiDzhq+vr/pcnxelTcNs97TMoQETGcMT4kZN4m3vRVkbmSwBoEvkmlo8
HcQ9d8gKCrnhuFKjtH9Lk7wmD/WHxpryIYvNr/Ui7Aa7uy2uIwnKZTVmIhD+ZMuo
6gkeiD/FXL2Td2xP+x33sJTrVbzC2OpKdj8J0Y5r/DqC8iVVmWw+6zMod83HMZBf
Bxez2MNsHpdXdgKg+vXQcrhnB8Uij+q/XsbUdyJJDfos56P9G//Fnc9TuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOIQ9k+88QpOKLPPMdlDdso7yjBRMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvNGhEMlQ3enhDazRvczg4eDJVTjJ5anZLTUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZLwMA0G
CSqGSIb3DQEBCwUAA4IBAQBshv5sOJaAPaGI43NmoxwTWwHLCbtRL6DtTN81TKqU
eiP4CIZtXh9A6I+0hUwhzU0wIeKsqfMj1rLKJpxpGZ4nVdCOPsxxJRGQVXe1Ys6w
D3oYNG9noKPOFVpTi4bAD0O6o99RJPJ8Wiq9m6jIO8B2THtALfiyeyE3BCISwK1T
kZOlA0ghOaRw1MmihaXNgmGtkw7FA08xOltumfeSo+XKtJZHJoCaXpm/XpFcfwIo
LzBMLPHcHLrl2yTpwBZY4/AZPbqHsywSrbjFD5pBT8uIvLDOLLeOAEiNWRHp3HkL
8TOKxL7a5FLotEwgejJDAQoFD/DiD/73dvvq1rPtVpr3
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:23 2024 by rpki-client on console-ams.rpki-client.org