Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/af262c-e2cd-4841-850f-02f35ad877f3/1/9LAkAaaVfuEMP7uGz_Uv2snWTUI.roa
File: 9LAkAaaVfuEMP7uGz_Uv2snWTUI.roa (raw, json)
Hash identifier: k2fJtk0xxrN+OZ45TTjWlHE9cIIlFK/dplGH3jjcGns=
Subject key identifier: F4:B0:24:01:A6:95:7E:E1:0C:3F:BB:86:CF:F5:2F:DA:C9:D6:4D:42
Certificate issuer: /CN=3e19048348d7ecb9f1191080555bf4458a1a54e7
Certificate serial: 01856CEF38601A13712868A1D65E2ADCA9F0
Authority key identifier: 3E:19:04:83:48:D7:EC:B9:F1:19:10:80:55:5B:F4:45:8A:1A:54:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PhkEg0jX7LnxGRCAVVv0RYoaVOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/af262c-e2cd-4841-850f-02f35ad877f3/1/9LAkAaaVfuEMP7uGz_Uv2snWTUI.roa
Signing time: Sun 01 Jan 2023 10:44:54 +0000
ROA not before: Sun 01 Jan 2023 10:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209181
IP address blocks: 45.90.105.0/24 maxlen: 24
45.90.104.0/22 maxlen: 22
45.90.104.0/24 maxlen: 24
45.90.107.0/24 maxlen: 24
45.90.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:38:60:1a:13:71:28:68:a1:d6:5e:2a:dc:a9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e19048348d7ecb9f1191080555bf4458a1a54e7
Validity
Not Before: Jan 1 10:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4b02401a6957ee10c3fbb86cff52fdac9d64d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:36:06:6b:a8:0a:22:01:e2:ec:e3:b0:bd:ce:
11:6c:f0:e4:e2:97:5a:48:67:47:24:2c:3b:22:f6:
20:10:18:f6:0c:51:d9:d9:51:bf:d6:1a:29:cc:50:
55:ab:ca:80:32:4a:b5:11:1b:57:06:0d:8a:de:60:
3c:8a:99:45:30:2a:3f:88:37:bc:cb:30:25:48:87:
fb:57:bf:fa:bd:f0:55:3a:c1:2d:b8:98:3c:fc:f9:
0b:34:4d:50:6f:83:4c:52:2b:7d:9d:02:e3:b8:a4:
51:e2:79:36:48:ef:b8:55:3e:4d:04:a4:00:cd:7b:
e8:5b:24:8f:16:0d:d3:d1:85:d7:d6:d7:6d:12:32:
4b:63:86:34:42:cc:cb:d5:f6:83:45:c7:63:88:fe:
f6:38:59:bc:bd:12:c4:bd:a1:56:50:52:76:fe:4f:
60:a3:f8:60:63:f9:f5:b7:f3:df:14:45:33:8c:9c:
cb:56:50:8f:2f:0b:80:05:dc:b3:31:c6:09:87:54:
7e:01:64:cc:57:38:53:dd:c1:8d:2b:13:9a:9b:6f:
8f:65:15:bb:11:8a:0c:83:25:c1:fb:88:7e:3d:d3:
9a:ea:ad:22:6d:a9:3f:ab:02:07:15:93:e4:94:05:
59:72:30:a4:11:a6:9f:7e:23:cb:d5:65:ee:de:2e:
a7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B0:24:01:A6:95:7E:E1:0C:3F:BB:86:CF:F5:2F:DA:C9:D6:4D:42
X509v3 Authority Key Identifier:
keyid:3E:19:04:83:48:D7:EC:B9:F1:19:10:80:55:5B:F4:45:8A:1A:54:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PhkEg0jX7LnxGRCAVVv0RYoaVOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/af262c-e2cd-4841-850f-02f35ad877f3/1/9LAkAaaVfuEMP7uGz_Uv2snWTUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/af262c-e2cd-4841-850f-02f35ad877f3/1/PhkEg0jX7LnxGRCAVVv0RYoaVOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.104.0/22
Signature Algorithm: sha256WithRSAEncryption
30:05:f1:3c:65:50:bc:e7:ef:4e:99:31:d2:3f:0d:16:7a:be:
ec:3d:cd:1d:b7:ab:75:47:9d:2b:41:1b:5f:18:72:6a:7f:8e:
d6:ba:f6:b2:e9:b2:6b:05:d8:dc:f7:d1:5d:5f:b2:5a:c4:c3:
6b:ff:06:e1:66:c8:28:e5:7f:65:b8:2a:fc:db:41:46:5a:01:
71:f3:80:4e:6a:fb:41:da:df:e1:ac:d3:fd:77:6a:91:22:9b:
a4:f5:db:43:50:d1:2f:69:7d:8a:6e:fc:5b:c4:c4:1f:92:78:
91:ad:ea:f2:c6:63:d5:3b:58:8e:bc:0c:78:d4:17:14:32:7a:
7b:87:e3:f2:e6:fc:68:ce:a1:b9:0c:8a:9c:83:8f:ff:a4:b4:
28:24:5e:9d:81:2b:d4:90:e2:99:7e:e2:10:a1:86:c5:73:30:
92:df:f0:60:4a:98:db:52:16:6d:c4:5b:6d:99:eb:c5:f6:0f:
58:96:95:fd:94:e2:11:fa:6a:9c:46:3e:36:eb:8a:0d:f6:78:
ae:a8:0f:63:62:9a:97:01:84:6a:42:42:a8:67:78:ce:da:16:
b8:89:f9:fe:5c:b3:22:ef:8c:f9:b1:59:61:1e:b5:8a:42:00:
0e:1b:77:ce:34:85:af:ef:b1:23:3d:82:ac:1b:36:5f:1a:be:
3a:4b:0b:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7zhgGhNxKGih1l4q3KnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMTkwNDgzNDhkN2VjYjlmMTE5MTA4MDU1NWJmNDQ1OGEx
YTU0ZTcwHhcNMjMwMTAxMTA0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGIwMjQwMWE2OTU3ZWUxMGMzZmJiODZjZmY1MmZkYWM5ZDY0ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTYGa6gKIgHi7OOwvc4RbPDk4pda
SGdHJCw7IvYgEBj2DFHZ2VG/1hopzFBVq8qAMkq1ERtXBg2K3mA8iplFMCo/iDe8
yzAlSIf7V7/6vfBVOsEtuJg8/PkLNE1Qb4NMUit9nQLjuKRR4nk2SO+4VT5NBKQA
zXvoWySPFg3T0YXX1tdtEjJLY4Y0QszL1faDRcdjiP72OFm8vRLEvaFWUFJ2/k9g
o/hgY/n1t/PfFEUzjJzLVlCPLwuABdyzMcYJh1R+AWTMVzhT3cGNKxOam2+PZRW7
EYoMgyXB+4h+PdOa6q0ibak/qwIHFZPklAVZcjCkEaaffiPL1WXu3i6nowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSwJAGmlX7hDD+7hs/1L9rJ1k1CMB8GA1UdIwQY
MBaAFD4ZBINI1+y58RkQgFVb9EWKGlTnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGhrRWcwalg3TG54R1JDQVZWdjBSWW9hVk9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hZjI2MmMtZTJjZC00ODQxLTg1MGYt
MDJmMzVhZDg3N2YzLzEvOUxBa0FhYVZmdUVNUDd1R3pfVXYyc25XVFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hZjI2MmMtZTJjZC00ODQxLTg1MGYtMDJmMzVhZDg3N2Yz
LzEvUGhrRWcwalg3TG54R1JDQVZWdjBSWW9hVk9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVpoMA0G
CSqGSIb3DQEBCwUAA4IBAQAwBfE8ZVC85+9OmTHSPw0Wer7sPc0dt6t1R50rQRtf
GHJqf47Wuvay6bJrBdjc99FdX7JaxMNr/wbhZsgo5X9luCr820FGWgFx84BOavtB
2t/hrNP9d2qRIpuk9dtDUNEvaX2KbvxbxMQfkniRreryxmPVO1iOvAx41BcUMnp7
h+Py5vxozqG5DIqcg4//pLQoJF6dgSvUkOKZfuIQoYbFczCS3/BgSpjbUhZtxFtt
mevF9g9YlpX9lOIR+mqcRj4264oN9niuqA9jYpqXAYRqQkKoZ3jO2ha4ifn+XLMi
74z5sVlhHrWKQgAOG3fONIWv77EjPYKsGzZfGr46Swvh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:07 2024 by rpki-client on console-ams.rpki-client.org