Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/2fWWqM-haUOzQAYL9LQcA9xtOuI.roa
File: 2fWWqM-haUOzQAYL9LQcA9xtOuI.roa (raw, json)
Hash identifier: t7bqZ6aCem8UsDpRJu/Vi1pH1fkZ6TfAesVB9ftDkZ0=
Subject key identifier: D9:F5:96:A8:CF:A1:69:43:B3:40:06:0B:F4:B4:1C:03:DC:6D:3A:E2
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 018FC4DE3BBC04767165066CC552B4E9CD94
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/2fWWqM-haUOzQAYL9LQcA9xtOuI.roa
Signing time: Wed 29 May 2024 15:00:49 +0000
ROA not before: Wed 29 May 2024 15:00:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 151.145.160.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 30 Jul 2024 18:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c4:de:3b:bc:04:76:71:65:06:6c:c5:52:b4:e9:cd:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: May 29 15:00:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9f596a8cfa16943b340060bf4b41c03dc6d3ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6e:eb:fb:3b:65:82:32:9c:1b:f0:d3:09:ef:
cc:d5:95:a2:bc:87:38:1c:38:78:48:7b:9a:36:f8:
22:5d:f5:e7:45:7d:6b:ad:3d:54:7f:1d:8c:5c:8d:
07:b8:a8:d0:ac:31:67:4a:f2:8a:3d:85:86:e3:8e:
07:0a:b3:c4:33:82:4b:55:a7:8c:8d:29:69:b8:8d:
e2:1b:ca:c1:d2:0a:80:bf:b3:f7:78:b4:ac:a3:21:
c7:26:49:56:99:bd:f5:a5:52:6d:3c:78:56:e8:02:
ba:39:db:c6:3a:d3:57:f3:12:84:e0:8a:27:81:41:
1b:87:cf:5a:55:2b:0e:69:ff:64:0a:08:c5:4f:95:
d4:09:d0:c6:1d:be:a8:3a:ad:5d:6b:ea:74:16:2b:
8e:ae:18:3d:b1:94:62:ed:76:64:1f:af:c0:f2:1c:
55:a9:91:4f:bc:cb:c6:04:7f:47:81:b9:d5:43:db:
64:a7:22:51:39:42:c0:f5:7f:9e:55:35:6c:ad:fd:
a1:91:f9:9a:d2:2e:46:d8:79:45:32:29:ec:91:98:
67:7b:40:79:a2:44:0b:8d:a9:9d:7c:e0:3f:fc:61:
0f:d0:ec:5a:af:93:ca:29:c0:28:35:1e:90:14:69:
0f:ed:ea:43:f6:8b:f5:74:fd:ac:ed:9a:fe:83:11:
89:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F5:96:A8:CF:A1:69:43:B3:40:06:0B:F4:B4:1C:03:DC:6D:3A:E2
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/2fWWqM-haUOzQAYL9LQcA9xtOuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.145.160.0/19
Signature Algorithm: sha256WithRSAEncryption
b5:59:98:05:5b:88:47:d4:49:35:90:eb:d2:20:a9:12:6f:64:
5c:bf:f4:cc:3a:88:4b:bf:31:29:47:7b:ee:8c:61:38:2e:cc:
be:b6:95:fc:3a:d9:c6:4a:25:5d:14:3b:32:04:e7:81:e7:70:
5a:59:29:50:7b:bb:99:ff:b2:92:17:8f:22:42:26:5d:21:28:
20:84:12:66:80:40:45:48:da:0d:e1:41:57:73:43:dd:bb:0b:
6f:0e:a2:93:39:7a:be:63:80:a1:7d:e1:72:77:b7:b9:f0:03:
d0:3e:ef:f9:f0:63:78:68:b4:47:f3:9f:be:7f:44:7f:61:72:
01:be:f3:bb:2f:75:c9:04:7a:83:a4:6f:38:34:02:2d:d5:1e:
80:cf:f9:6a:a0:8a:71:57:72:a5:0f:fc:55:ea:96:cf:e3:44:
a9:d0:ac:d6:b2:ba:51:11:96:80:27:1d:72:ca:2c:c6:b0:83:
43:fa:bf:c6:90:3b:dd:18:a9:bd:ab:37:ef:57:77:35:b4:7e:
7c:d5:1a:ec:6e:6f:01:d0:b2:42:ef:8a:38:e8:f7:15:07:8d:
40:2d:02:7a:1b:fb:53:70:7f:2d:4b:01:09:40:57:24:23:8d:
3e:c5:b8:5c:74:0f:f3:4a:3b:66:fd:4d:bd:54:ea:f3:f8:db:
d0:39:4f:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/E3ju8BHZxZQZsxVK06c2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjQwNTI5MTUwMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWY1OTZhOGNmYTE2OTQzYjM0MDA2MGJmNGI0MWMwM2RjNmQzYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW7r+ztlgjKcG/DTCe/M1ZWivIc4
HDh4SHuaNvgiXfXnRX1rrT1Ufx2MXI0HuKjQrDFnSvKKPYWG444HCrPEM4JLVaeM
jSlpuI3iG8rB0gqAv7P3eLSsoyHHJklWmb31pVJtPHhW6AK6OdvGOtNX8xKE4Ion
gUEbh89aVSsOaf9kCgjFT5XUCdDGHb6oOq1da+p0FiuOrhg9sZRi7XZkH6/A8hxV
qZFPvMvGBH9HgbnVQ9tkpyJROULA9X+eVTVsrf2hkfma0i5G2HlFMinskZhne0B5
okQLjamdfOA//GEP0Oxar5PKKcAoNR6QFGkP7epD9ov1dP2s7Zr+gxGJxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNn1lqjPoWlDs0AGC/S0HAPcbTriMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvMmZXV3FNLWhhVU96UUFZTDlMUWNBOXh0T3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFl5GgMA0G
CSqGSIb3DQEBCwUAA4IBAQC1WZgFW4hH1Ek1kOvSIKkSb2Rcv/TMOohLvzEpR3vu
jGE4Lsy+tpX8OtnGSiVdFDsyBOeB53BaWSlQe7uZ/7KSF48iQiZdISgghBJmgEBF
SNoN4UFXc0PduwtvDqKTOXq+Y4ChfeFyd7e58APQPu/58GN4aLRH85++f0R/YXIB
vvO7L3XJBHqDpG84NAIt1R6Az/lqoIpxV3KlD/xV6pbP40Sp0KzWsrpREZaAJx1y
yizGsIND+r/GkDvdGKm9qzfvV3c1tH581Rrsbm8B0LJC74o46PcVB41ALQJ6G/tT
cH8tSwEJQFckI40+xbhcdA/zSjtm/U29VOrz+NvQOU/N
-----END CERTIFICATE-----
Generated at Tue Jul 30 19:32:45 2024 by rpki-client on console-fra.rpki-client.org