Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/bI0ooL_0-HxPw_H9_SrRxH4tfkU.roa
File: bI0ooL_0-HxPw_H9_SrRxH4tfkU.roa (raw, json)
Hash identifier: vAdAKM8SGZhr5rVuUTc77geO9MuERJstNnnilCUhfaI=
Subject key identifier: 6C:8D:28:A0:BF:F4:F8:7C:4F:C3:F1:FD:FD:2A:D1:C4:7E:2D:7E:45
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 018E1ACC4F6C44EB5ED54E6F3DA2D62E638A
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/bI0ooL_0-HxPw_H9_SrRxH4tfkU.roa
Signing time: Thu 07 Mar 2024 21:23:01 +0000
ROA not before: Thu 07 Mar 2024 21:23:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206296
IP address blocks: 45.65.104.0/21 maxlen: 21
80.240.184.0/22 maxlen: 22
185.189.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 14:04:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:cc:4f:6c:44:eb:5e:d5:4e:6f:3d:a2:d6:2e:63:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Mar 7 21:23:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c8d28a0bff4f87c4fc3f1fdfd2ad1c47e2d7e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:54:bf:66:fa:c0:6e:ba:51:79:a9:45:89:27:
06:47:b9:6d:87:6e:49:d8:f8:68:2a:67:1e:67:fd:
5c:56:d1:24:b9:7f:8b:91:44:a9:fb:76:19:0d:53:
7e:f5:60:a1:82:3d:31:f2:42:05:09:41:54:5c:1e:
51:2d:30:3b:bd:4b:e3:53:39:83:a9:e6:bf:5b:ca:
fe:75:d7:3c:e3:a4:1c:f7:82:90:3b:a2:35:2e:57:
cd:04:92:cb:42:e3:f7:d5:0d:c6:8b:29:e3:44:d3:
3a:ed:d4:51:bd:54:1b:e2:db:ae:b4:2e:a2:f0:a0:
78:72:7e:3e:7a:93:fc:34:2e:67:23:4f:05:3f:5d:
07:89:4e:cd:67:3a:32:84:1d:96:4e:91:f5:67:6f:
31:76:26:41:56:69:e4:29:fc:aa:00:2b:c6:d6:d3:
0a:c8:d8:ba:a8:97:b3:51:72:5d:ee:16:2d:32:7b:
34:61:a8:b5:99:2b:de:75:21:61:2c:b6:4b:06:2e:
d3:17:3f:a0:9d:1e:bb:de:6e:59:c1:2a:30:6e:e9:
82:dc:42:e0:5d:75:1f:86:1f:26:2f:b2:66:2b:8c:
d6:ed:43:37:a4:5d:26:55:5a:bb:ad:a4:a2:a9:c1:
f2:88:5e:81:92:86:ea:90:8c:e9:64:2a:38:bd:9c:
aa:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:8D:28:A0:BF:F4:F8:7C:4F:C3:F1:FD:FD:2A:D1:C4:7E:2D:7E:45
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/bI0ooL_0-HxPw_H9_SrRxH4tfkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.104.0/21
80.240.184.0/22
185.189.20.0/22
Signature Algorithm: sha256WithRSAEncryption
25:25:89:3c:47:45:a9:af:90:c4:08:46:78:17:6a:2d:bc:bc:
af:8f:2f:56:e5:f9:ce:5d:5d:1d:28:8c:5a:20:47:30:27:fc:
f7:25:8b:5f:58:ea:a8:04:15:80:c5:f0:46:bc:f2:c0:2b:33:
7a:31:25:80:2e:f3:94:d3:64:2f:8c:18:38:e0:21:35:10:5a:
2e:00:99:5f:5e:43:43:2c:dd:27:e6:a0:fe:64:2c:88:36:55:
2c:78:8f:35:64:47:93:8b:27:72:d6:f5:e8:2b:6e:5f:19:d0:
55:86:79:a4:77:5a:68:4d:1d:c4:dc:31:23:b0:14:bf:64:51:
21:9c:0b:fd:e8:7f:6d:e6:23:45:94:b8:bb:1d:4f:e4:94:bb:
aa:41:44:30:33:99:6a:80:d3:c6:25:4d:76:47:13:92:3d:5c:
52:d3:81:f5:cb:ba:60:50:fe:44:3b:ee:fb:fd:83:45:76:ff:
a4:a7:9a:7a:da:36:37:8c:79:0a:33:4f:61:4b:65:5e:29:d6:
3b:50:b1:68:15:a3:55:a0:f1:db:58:f3:12:bb:5d:2e:b5:52:
eb:0f:f9:10:d0:03:5c:a5:a4:19:c5:d4:78:6c:17:e5:21:44:
33:34:7d:9e:0e:26:39:48:eb:56:c9:48:d5:c6:df:fb:57:a3:
7c:5a:8f:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4azE9sROte1U5vPaLWLmOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjQwMzA3MjEyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzhkMjhhMGJmZjRmODdjNGZjM2YxZmRmZDJhZDFjNDdlMmQ3ZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolS/ZvrAbrpRealFiScGR7lth25J
2PhoKmceZ/1cVtEkuX+LkUSp+3YZDVN+9WChgj0x8kIFCUFUXB5RLTA7vUvjUzmD
qea/W8r+ddc846Qc94KQO6I1LlfNBJLLQuP31Q3GiynjRNM67dRRvVQb4tuutC6i
8KB4cn4+epP8NC5nI08FP10HiU7NZzoyhB2WTpH1Z28xdiZBVmnkKfyqACvG1tMK
yNi6qJezUXJd7hYtMns0Yai1mSvedSFhLLZLBi7TFz+gnR673m5ZwSowbumC3ELg
XXUfhh8mL7JmK4zW7UM3pF0mVVq7raSiqcHyiF6BkobqkIzpZCo4vZyq3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGyNKKC/9Ph8T8Px/f0q0cR+LX5FMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvYkkwb29MXzAtSHhQd19IOV9TclJ4SDR0ZmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLUFoAwQC
UPC4AwQCub0UMA0GCSqGSIb3DQEBCwUAA4IBAQAlJYk8R0Wpr5DECEZ4F2otvLyv
jy9W5fnOXV0dKIxaIEcwJ/z3JYtfWOqoBBWAxfBGvPLAKzN6MSWALvOU02QvjBg4
4CE1EFouAJlfXkNDLN0n5qD+ZCyINlUseI81ZEeTiydy1vXoK25fGdBVhnmkd1po
TR3E3DEjsBS/ZFEhnAv96H9t5iNFlLi7HU/klLuqQUQwM5lqgNPGJU12RxOSPVxS
04H1y7pgUP5EO+77/YNFdv+kp5p62jY3jHkKM09hS2VeKdY7ULFoFaNVoPHbWPMS
u10utVLrD/kQ0ANcpaQZxdR4bBflIUQzNH2eDiY5SOtWyUjVxt/7V6N8Wo+/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:13 2024 by rpki-client on console-ams.rpki-client.org