Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/_2NHv-XGdTXfpa1GuQ8YQworzZo.roa
File: _2NHv-XGdTXfpa1GuQ8YQworzZo.roa (raw, json)
Hash identifier: otnwIE59fhXC1vZxItSsq3ew/WE+Z/pDWE4BMFdZdTk=
Subject key identifier: FF:63:47:BF:E5:C6:75:35:DF:A5:AD:46:B9:0F:18:43:0A:2B:CD:9A
Certificate issuer: /CN=e5f6ced27fc60f900fac1b751db1ee4bf785aab3
Certificate serial: 0185708CB6EFFB6DAA0D7C9C216AD82B9591
Authority key identifier: E5:F6:CE:D2:7F:C6:0F:90:0F:AC:1B:75:1D:B1:EE:4B:F7:85:AA:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5fbO0n_GD5APrBt1HbHuS_eFqrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/_2NHv-XGdTXfpa1GuQ8YQworzZo.roa
Signing time: Mon 02 Jan 2023 03:35:48 +0000
ROA not before: Mon 02 Jan 2023 03:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35131
IP address blocks: 45.145.24.0/24 maxlen: 24
45.145.24.0/23 maxlen: 23
45.145.24.0/22 maxlen: 22
45.145.25.0/24 maxlen: 24
45.145.26.0/23 maxlen: 23
45.145.26.0/24 maxlen: 24
45.145.27.0/24 maxlen: 24
2a00:e280::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b6:ef:fb:6d:aa:0d:7c:9c:21:6a:d8:2b:95:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5f6ced27fc60f900fac1b751db1ee4bf785aab3
Validity
Not Before: Jan 2 03:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff6347bfe5c67535dfa5ad46b90f18430a2bcd9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:78:71:66:11:db:dc:13:bb:bd:5b:38:35:
96:75:a3:14:e7:8a:28:b4:7a:47:a0:b0:8b:34:35:
54:16:d8:61:2c:4b:8b:ae:25:76:81:2f:24:42:c9:
ce:03:c9:20:35:57:b0:ed:0a:67:bf:c7:b0:61:97:
45:bb:d5:a8:70:ca:97:d9:63:11:df:65:6d:46:b6:
0f:48:f9:ab:a3:bc:b9:5a:3e:c2:33:f7:bb:d4:13:
f6:a2:2b:87:0b:c2:e4:17:c6:c0:2a:77:a7:a3:65:
f5:ce:cc:56:1f:4b:9a:25:e5:16:60:4b:08:93:9a:
c9:f8:49:73:ee:e6:9b:68:f8:c2:a1:7a:74:de:f4:
2e:6f:84:28:73:49:25:ec:af:59:b2:a2:2c:33:ad:
da:1a:4e:57:04:98:90:5d:8d:c4:16:db:8b:4b:03:
b0:c5:36:43:b6:49:bf:6b:3a:64:c7:77:b3:9a:93:
46:10:31:7a:79:6b:83:a2:48:af:33:a2:af:d6:65:
c3:db:01:3b:56:cd:92:f5:0c:9f:e4:9e:88:cb:e9:
5b:70:20:af:03:dd:3a:c9:d7:db:d2:d2:97:b9:00:
ab:15:36:4e:d5:e7:09:c8:af:e8:d9:ed:b7:c2:25:
92:f1:76:75:1c:f9:69:8b:7d:3e:15:dc:10:67:96:
be:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:63:47:BF:E5:C6:75:35:DF:A5:AD:46:B9:0F:18:43:0A:2B:CD:9A
X509v3 Authority Key Identifier:
keyid:E5:F6:CE:D2:7F:C6:0F:90:0F:AC:1B:75:1D:B1:EE:4B:F7:85:AA:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5fbO0n_GD5APrBt1HbHuS_eFqrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/_2NHv-XGdTXfpa1GuQ8YQworzZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/5fbO0n_GD5APrBt1HbHuS_eFqrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.24.0/22
IPv6:
2a00:e280::/32
Signature Algorithm: sha256WithRSAEncryption
88:b1:ca:45:52:d4:6c:71:21:f4:dd:d6:49:df:2c:7f:d1:66:
37:63:ef:c8:73:ee:26:68:90:a5:83:b2:49:b4:20:05:0c:0b:
ce:87:be:04:b5:89:5e:e6:93:0a:85:3c:ff:33:3d:bc:21:9f:
b3:58:e5:3c:08:4e:3c:83:20:c5:83:23:7d:e1:a8:3b:b4:1c:
1a:6f:93:64:f2:bc:f4:bc:58:49:05:b1:67:22:02:77:35:e9:
03:ad:1c:80:8b:33:16:40:89:06:7a:fe:2e:21:a9:8f:7f:39:
45:60:9d:80:fb:ca:9e:bc:94:52:a0:06:35:de:28:92:2a:63:
74:43:a7:0e:83:2d:36:29:b0:17:99:40:1d:0d:ff:da:66:ef:
f2:24:e9:cd:c3:7c:86:bc:5c:4f:af:68:83:da:46:1e:c0:a8:
7c:07:80:d6:43:ae:f9:85:de:52:b1:85:3c:2c:f1:7b:ff:6c:
14:3d:68:4e:90:c6:47:6c:61:ac:2c:3b:45:cb:9d:fa:4b:08:
f5:3d:96:10:5b:a7:9f:98:f3:c0:55:80:67:e8:ff:f1:1e:00:
e8:32:fa:9a:d9:57:db:80:2d:9d:48:17:fe:36:b5:49:da:1b:
f0:aa:db:6c:6d:b6:0b:8e:78:82:a8:f7:f5:fd:ac:57:7b:0d:
ab:70:a3:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjLbv+22qDXycIWrYK5WRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZjZjZWQyN2ZjNjBmOTAwZmFjMWI3NTFkYjFlZTRiZjc4
NWFhYjMwHhcNMjMwMTAyMDMzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYzNDdiZmU1YzY3NTM1ZGZhNWFkNDZiOTBmMTg0MzBhMmJjZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYt4cWYR29wTu71bODWWdaMU54oo
tHpHoLCLNDVUFthhLEuLriV2gS8kQsnOA8kgNVew7Qpnv8ewYZdFu9WocMqX2WMR
32VtRrYPSPmro7y5Wj7CM/e71BP2oiuHC8LkF8bAKneno2X1zsxWH0uaJeUWYEsI
k5rJ+Elz7uabaPjCoXp03vQub4Qoc0kl7K9ZsqIsM63aGk5XBJiQXY3EFtuLSwOw
xTZDtkm/azpkx3ezmpNGEDF6eWuDokivM6Kv1mXD2wE7Vs2S9Qyf5J6Iy+lbcCCv
A906ydfb0tKXuQCrFTZO1ecJyK/o2e23wiWS8XZ1HPlpi30+FdwQZ5a+JwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP9jR7/lxnU136WtRrkPGEMKK82aMB8GA1UdIwQY
MBaAFOX2ztJ/xg+QD6wbdR2x7kv3haqzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWZiTzBuX0dENUFQckJ0MUhiSHVTX2VGcXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9mMzlhMTctODM4Ny00ZmJhLTllZDAt
M2VhZDc3OTIwNzNjLzEvXzJOSHYtWEdkVFhmcGExR3VROFlRd29yelpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9mMzlhMTctODM4Ny00ZmJhLTllZDAtM2VhZDc3OTIwNzNj
LzEvNWZiTzBuX0dENUFQckJ0MUhiSHVTX2VGcXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZEYMA0E
AgACMAcDBQAqAOKAMA0GCSqGSIb3DQEBCwUAA4IBAQCIscpFUtRscSH03dZJ3yx/
0WY3Y+/Ic+4maJClg7JJtCAFDAvOh74EtYle5pMKhTz/Mz28IZ+zWOU8CE48gyDF
gyN94ag7tBwab5Nk8rz0vFhJBbFnIgJ3NekDrRyAizMWQIkGev4uIamPfzlFYJ2A
+8qevJRSoAY13iiSKmN0Q6cOgy02KbAXmUAdDf/aZu/yJOnNw3yGvFxPr2iD2kYe
wKh8B4DWQ675hd5SsYU8LPF7/2wUPWhOkMZHbGGsLDtFy536Swj1PZYQW6efmPPA
VYBn6P/xHgDoMvqa2VfbgC2dSBf+NrVJ2hvwqttsbbYLjniCqPf1/axXew2rcKN+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:10 2024 by rpki-client on console-fra.rpki-client.org