Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/D6tOGMGX3Jup6hnCrwVLx8YCDKQ.roa
File: D6tOGMGX3Jup6hnCrwVLx8YCDKQ.roa (raw, json)
Hash identifier: WrVSvaa3BZxAmMU9MGYVC/O2r2c+kgcMH8WC9Mqc4pU=
Subject key identifier: 0F:AB:4E:18:C1:97:DC:9B:A9:EA:19:C2:AF:05:4B:C7:C6:02:0C:A4
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018CC7947C9DE378F765EDB77BB815B8CFA4
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/D6tOGMGX3Jup6hnCrwVLx8YCDKQ.roa
Signing time: Tue 02 Jan 2024 00:30:46 +0000
ROA not before: Tue 02 Jan 2024 00:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 45.145.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 06:35:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:7c:9d:e3:78:f7:65:ed:b7:7b:b8:15:b8:cf:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Jan 2 00:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fab4e18c197dc9ba9ea19c2af054bc7c6020ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0b:f1:e5:d4:e4:56:a1:6e:ab:29:ad:c8:62:
87:2f:c7:d6:b8:75:c3:19:f7:80:51:f2:c2:af:8a:
4a:3f:04:fa:66:2b:53:af:5f:2a:42:7d:f9:ac:c7:
23:31:bc:ff:17:ed:e9:45:c7:63:a0:03:d8:44:04:
c2:db:df:6f:29:52:c5:b4:5b:c5:24:e7:a4:96:8f:
9c:13:40:1f:e1:3e:c9:e5:92:02:1b:6f:14:97:e6:
c0:d1:87:6f:17:81:36:a4:83:4e:27:c3:6f:9f:36:
52:14:6f:57:07:ee:4a:53:78:a6:02:3d:15:67:c4:
0f:15:9f:ac:f4:63:fc:35:4d:86:88:da:09:9d:2b:
36:a7:73:c7:84:83:20:d7:6d:dd:3f:90:6f:c3:bc:
bd:81:df:f5:b8:95:9d:d1:98:bf:b8:b7:29:52:15:
a2:94:4c:ec:a5:d4:3e:02:51:b6:3f:99:59:32:d9:
e5:ab:df:65:56:22:f3:fd:77:ef:da:06:20:a8:0a:
88:24:13:9d:d6:ca:f8:2b:23:94:27:5f:eb:80:06:
41:a3:bd:6d:23:09:ca:f4:09:0e:b6:f1:84:81:f1:
2b:e2:44:a0:6c:08:09:e7:86:ee:98:ec:cd:c4:25:
a0:e3:c4:42:b2:9f:c0:df:96:8e:5b:a7:55:ee:a4:
79:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AB:4E:18:C1:97:DC:9B:A9:EA:19:C2:AF:05:4B:C7:C6:02:0C:A4
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/D6tOGMGX3Jup6hnCrwVLx8YCDKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.153.0/24
Signature Algorithm: sha256WithRSAEncryption
36:ed:83:39:11:f1:52:6e:51:42:f6:eb:c6:0b:c5:7f:a4:05:
da:9f:1b:fe:10:3f:0f:82:b2:6f:e8:d7:8f:1c:ae:f2:9a:8d:
7d:48:fa:92:08:45:90:f1:7b:bc:56:4e:03:f1:da:7e:a5:14:
95:91:2d:79:c3:f7:52:25:de:d7:22:63:0b:99:ea:c0:0e:d6:
48:a3:15:e2:a3:c5:c2:b4:b2:81:23:46:e0:ed:c6:71:52:b8:
e9:94:5a:0c:73:63:b9:ec:b3:f8:db:3d:86:c4:59:66:7a:b1:
df:55:64:5b:98:d4:db:c8:ed:77:94:a0:1a:2d:91:81:82:6e:
43:08:ec:8e:fd:9d:d4:c9:65:3c:e6:c8:49:a7:2a:a4:27:eb:
40:89:4e:e7:2f:2f:2d:cb:d2:31:29:84:b5:41:7a:7c:2f:da:
2c:b1:80:72:e6:94:38:33:e9:2f:ba:6e:6f:a1:ed:dd:af:f8:
99:47:71:1b:ef:32:84:1c:71:0f:8d:56:58:df:e1:70:30:a7:
76:87:6a:51:85:61:4c:6b:ae:d7:13:58:8c:3c:15:93:68:20:
47:23:83:de:b1:f3:ba:4e:ea:35:e4:7d:88:96:46:73:6e:15:
94:e2:33:06:e0:5a:4c:24:d6:f1:a9:de:85:2f:3b:50:da:4d:
33:87:31:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlHyd43j3Ze23e7gVuM+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjQwMTAyMDAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmFiNGUxOGMxOTdkYzliYTllYTE5YzJhZjA1NGJjN2M2MDIwY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAvx5dTkVqFuqymtyGKHL8fWuHXD
GfeAUfLCr4pKPwT6ZitTr18qQn35rMcjMbz/F+3pRcdjoAPYRATC299vKVLFtFvF
JOeklo+cE0Af4T7J5ZICG28Ul+bA0YdvF4E2pINOJ8NvnzZSFG9XB+5KU3imAj0V
Z8QPFZ+s9GP8NU2GiNoJnSs2p3PHhIMg123dP5Bvw7y9gd/1uJWd0Zi/uLcpUhWi
lEzspdQ+AlG2P5lZMtnlq99lViLz/Xfv2gYgqAqIJBOd1sr4KyOUJ1/rgAZBo71t
IwnK9AkOtvGEgfEr4kSgbAgJ54bumOzNxCWg48RCsp/A35aOW6dV7qR5AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+rThjBl9ybqeoZwq8FS8fGAgykMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvRDZ0T0dNR1gzSnVwNmhuQ3J3Vkx4OFlDREtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZGZMA0G
CSqGSIb3DQEBCwUAA4IBAQA27YM5EfFSblFC9uvGC8V/pAXanxv+ED8PgrJv6NeP
HK7ymo19SPqSCEWQ8Xu8Vk4D8dp+pRSVkS15w/dSJd7XImMLmerADtZIoxXio8XC
tLKBI0bg7cZxUrjplFoMc2O57LP42z2GxFlmerHfVWRbmNTbyO13lKAaLZGBgm5D
COyO/Z3UyWU85shJpyqkJ+tAiU7nLy8ty9IxKYS1QXp8L9ossYBy5pQ4M+kvum5v
oe3dr/iZR3Eb7zKEHHEPjVZY3+FwMKd2h2pRhWFMa67XE1iMPBWTaCBHI4PesfO6
Tuo15H2IlkZzbhWU4jMG4FpMJNbxqd6FLztQ2k0zhzGk
-----END CERTIFICATE-----
Generated at Mon Jan 29 11:11:27 2024 by rpki-client on console-ams.rpki-client.org