Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/IVHUNNiiJAXFi2dRpcj6-QybM0M.roa
File: IVHUNNiiJAXFi2dRpcj6-QybM0M.roa (raw, json)
Hash identifier: Tn5+4GUrL8dwh15lTTMhio1hBIpdVlRcSSI8RcpBy64=
Subject key identifier: 21:51:D4:34:D8:A2:24:05:C5:8B:67:51:A5:C8:FA:F9:0C:9B:33:43
Certificate issuer: /CN=4a63dc6753a8cbd74b74452c1536f37d9c4dc70c
Certificate serial: 018CC2DB1C47DAAE2513394369272B400B64
Authority key identifier: 4A:63:DC:67:53:A8:CB:D7:4B:74:45:2C:15:36:F3:7D:9C:4D:C7:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/IVHUNNiiJAXFi2dRpcj6-QybM0M.roa
Signing time: Mon 01 Jan 2024 02:29:48 +0000
ROA not before: Mon 01 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201850
IP address blocks: 45.136.142.0/23 maxlen: 23
45.136.142.0/24 maxlen: 24
45.136.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 10:25:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1c:47:da:ae:25:13:39:43:69:27:2b:40:0b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a63dc6753a8cbd74b74452c1536f37d9c4dc70c
Validity
Not Before: Jan 1 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2151d434d8a22405c58b6751a5c8faf90c9b3343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8f:8d:8d:b1:4a:2d:36:f1:af:6e:16:ca:91:
7c:ef:ef:b0:59:e0:db:bb:89:7e:46:e1:ee:e8:24:
3a:ec:d6:b7:f1:f8:78:41:ef:b1:1c:ed:6e:f0:25:
1c:de:51:e5:44:35:f0:6b:44:33:8b:b4:e0:d8:00:
ee:87:1e:fd:3b:0c:c2:cf:ea:86:ad:39:a4:ae:79:
98:c1:8e:55:63:a3:ab:9d:da:ff:02:99:52:f0:d5:
24:49:b2:92:9f:6c:28:e8:2c:cc:60:c9:33:1d:cb:
69:1d:a5:9f:3c:47:85:27:17:ae:8b:41:47:49:53:
05:8e:c1:4d:47:f5:af:51:cc:ba:47:21:57:ad:e9:
bc:41:35:96:a5:3e:b8:12:18:3d:af:17:7e:60:2e:
fa:be:5e:1b:c0:14:60:c9:42:37:a7:68:5a:49:65:
cf:02:a2:36:f3:82:c2:d4:02:1a:5b:0c:0f:2f:bb:
78:2f:7a:bf:d2:a1:c6:a5:b7:17:48:42:d6:29:bd:
2b:5b:c9:30:65:21:d8:89:1f:96:c7:ee:42:88:db:
16:4a:36:0e:33:c0:52:05:f8:49:51:99:15:44:3e:
47:79:a6:ef:5b:cc:6f:a9:ee:94:a0:04:51:ff:2f:
09:18:a7:8b:de:e5:f6:f8:1d:22:b8:74:50:5e:76:
70:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:51:D4:34:D8:A2:24:05:C5:8B:67:51:A5:C8:FA:F9:0C:9B:33:43
X509v3 Authority Key Identifier:
keyid:4A:63:DC:67:53:A8:CB:D7:4B:74:45:2C:15:36:F3:7D:9C:4D:C7:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/IVHUNNiiJAXFi2dRpcj6-QybM0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/4f0335-e860-4619-9380-e341b0f915d3/1/SmPcZ1Ooy9dLdEUsFTbzfZxNxww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.142.0/23
Signature Algorithm: sha256WithRSAEncryption
62:f5:b0:85:af:79:0d:94:49:49:5c:7a:ec:0f:14:d4:f8:33:
1a:dc:f3:a2:f8:6f:b4:6b:33:a5:27:53:48:1c:5b:ad:72:9e:
4c:28:1a:3d:9d:ad:5f:48:c3:eb:2c:62:c4:be:18:69:27:00:
90:e2:be:38:14:f5:15:53:0f:98:5a:c5:c6:e2:f2:30:d6:23:
ea:0c:20:f1:19:a0:6c:79:f0:15:fb:e0:30:ae:00:be:7b:a5:
67:7c:85:2c:3b:c0:ef:dc:34:6e:99:90:01:44:38:b6:b0:d7:
c5:7d:b9:c4:a3:91:d6:f4:11:b0:21:b0:47:8f:21:b6:f6:84:
84:4f:5b:dc:62:3e:6f:16:26:0f:6d:a3:36:ac:d5:df:83:58:
8d:4b:86:2d:92:56:ac:8a:5f:5e:d8:62:bf:83:33:61:a9:8d:
6a:34:9b:da:2a:29:15:55:8f:b4:80:f5:c2:b1:49:27:a0:5e:
c8:48:42:07:e4:99:6a:8e:c3:16:ad:41:1c:ed:7e:0f:e3:b7:
36:92:87:52:0c:5b:e6:a0:7d:aa:78:3b:ce:41:54:82:d4:fa:
f4:d5:7b:a9:f3:66:98:c7:98:f7:f3:f7:54:ac:ce:51:8d:1f:
9f:99:4b:d9:ca:12:f7:da:a8:89:e2:18:6d:77:d7:0c:dd:93:
79:1e:9c:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2xxH2q4lEzlDaScrQAtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjNkYzY3NTNhOGNiZDc0Yjc0NDUyYzE1MzZmMzdkOWM0
ZGM3MGMwHhcNMjQwMTAxMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTUxZDQzNGQ4YTIyNDA1YzU4YjY3NTFhNWM4ZmFmOTBjOWIzMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4+NjbFKLTbxr24WypF87++wWeDb
u4l+RuHu6CQ67Na38fh4Qe+xHO1u8CUc3lHlRDXwa0Qzi7Tg2ADuhx79OwzCz+qG
rTmkrnmYwY5VY6Orndr/AplS8NUkSbKSn2wo6CzMYMkzHctpHaWfPEeFJxeui0FH
SVMFjsFNR/WvUcy6RyFXrem8QTWWpT64Ehg9rxd+YC76vl4bwBRgyUI3p2haSWXP
AqI284LC1AIaWwwPL7t4L3q/0qHGpbcXSELWKb0rW8kwZSHYiR+Wx+5CiNsWSjYO
M8BSBfhJUZkVRD5HeabvW8xvqe6UoARR/y8JGKeL3uX2+B0iuHRQXnZwMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFR1DTYoiQFxYtnUaXI+vkMmzNDMB8GA1UdIwQY
MBaAFEpj3GdTqMvXS3RFLBU2832cTccMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21QY1oxT295OWRMZEVVc0ZUYnpmWnhOeHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80ZjAzMzUtZTg2MC00NjE5LTkzODAt
ZTM0MWIwZjkxNWQzLzEvSVZIVU5OaWlKQVhGaTJkUnBjajYtUXliTTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80ZjAzMzUtZTg2MC00NjE5LTkzODAtZTM0MWIwZjkxNWQz
LzEvU21QY1oxT295OWRMZEVVc0ZUYnpmWnhOeHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYiOMA0G
CSqGSIb3DQEBCwUAA4IBAQBi9bCFr3kNlElJXHrsDxTU+DMa3POi+G+0azOlJ1NI
HFutcp5MKBo9na1fSMPrLGLEvhhpJwCQ4r44FPUVUw+YWsXG4vIw1iPqDCDxGaBs
efAV++AwrgC+e6VnfIUsO8Dv3DRumZABRDi2sNfFfbnEo5HW9BGwIbBHjyG29oSE
T1vcYj5vFiYPbaM2rNXfg1iNS4Ytklasil9e2GK/gzNhqY1qNJvaKikVVY+0gPXC
sUknoF7ISEIH5JlqjsMWrUEc7X4P47c2kodSDFvmoH2qeDvOQVSC1Pr01Xup82aY
x5j38/dUrM5RjR+fmUvZyhL32qiJ4hhtd9cM3ZN5Hpx+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:25 2024 by rpki-client on console-ams.rpki-client.org