Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/bo96SfDwcWVPyx0_rO9J4rTRixg.roa
File: bo96SfDwcWVPyx0_rO9J4rTRixg.roa (raw, json)
Hash identifier: qisvXcehsxb2nPmrby0E5PyuqZ1bsNhHPPK5y6spDPg=
Subject key identifier: 6E:8F:7A:49:F0:F0:71:65:4F:CB:1D:3F:AC:EF:49:E2:B4:D1:8B:18
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018D53EE417CE6E187EE8E1B31A98B58C2BD
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/bo96SfDwcWVPyx0_rO9J4rTRixg.roa
Signing time: Mon 29 Jan 2024 06:35:39 +0000
ROA not before: Mon 29 Jan 2024 06:35:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.145.153.0/24 maxlen: 24
45.145.154.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 13:15:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:53:ee:41:7c:e6:e1:87:ee:8e:1b:31:a9:8b:58:c2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Jan 29 06:35:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e8f7a49f0f071654fcb1d3facef49e2b4d18b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:32:a9:31:70:4f:21:cd:5f:50:8c:f2:4c:03:
29:f8:6a:27:e9:8e:09:a3:45:6e:e0:89:42:cb:3b:
4e:b7:10:b9:25:6b:68:7a:d6:1a:73:35:86:3a:1d:
37:29:12:34:03:54:3e:da:ad:48:54:75:49:89:32:
e4:c3:c0:4d:5e:97:93:7a:ad:73:6c:99:67:4d:c1:
4b:8f:fc:a4:1c:36:ac:87:b1:5e:ac:26:98:9d:12:
5b:aa:3c:02:c3:69:cf:97:a6:f4:c2:f6:db:84:f5:
f4:fb:32:c3:7b:18:9b:fe:53:38:7a:25:56:0f:58:
c7:8d:c8:5b:3a:bc:47:58:dd:ee:8d:39:92:08:df:
b3:65:53:85:90:3e:03:b9:60:4e:29:7c:7c:dc:62:
8b:b6:a2:6b:bc:29:79:56:da:ea:1b:3b:9b:8c:84:
96:44:be:48:d3:55:d6:da:9f:da:b3:13:8f:cb:47:
d1:35:4c:da:1a:c7:d1:d4:db:41:87:e7:52:46:49:
85:9f:e0:f6:b2:03:31:5b:73:c0:3b:46:ef:2f:c6:
9f:4f:dc:2e:1e:21:93:2d:0f:5d:2f:ff:f1:46:bc:
50:8f:b7:0e:b5:b6:fa:3f:c8:17:cf:41:82:70:5a:
ad:18:13:3f:28:1c:02:3d:72:a1:40:b3:dc:b1:41:
a1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8F:7A:49:F0:F0:71:65:4F:CB:1D:3F:AC:EF:49:E2:B4:D1:8B:18
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/bo96SfDwcWVPyx0_rO9J4rTRixg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.153.0-45.145.155.255
Signature Algorithm: sha256WithRSAEncryption
07:d4:76:e7:5c:a2:b5:84:11:65:4c:0a:5f:e1:65:0b:6f:0c:
fa:e7:9c:c6:6a:33:ad:0d:66:84:52:d4:39:97:06:65:42:bf:
71:b0:d6:3a:fe:8d:48:65:10:94:d0:5a:23:4f:35:1d:f9:22:
06:78:51:4d:10:dc:38:ab:af:85:2a:ab:26:40:a0:b0:3c:9f:
4f:49:6c:94:20:e9:c7:3b:54:a9:a2:7f:87:bc:27:38:7a:09:
8d:7e:1c:3d:69:22:a1:33:6b:b3:43:e1:93:2b:0e:e7:fd:fc:
a8:c9:0f:3b:53:61:c7:d7:f6:ec:37:3e:43:61:ad:59:60:77:
7f:c2:00:29:17:1a:ce:7a:1f:72:c7:40:8f:e0:c1:b4:6e:9c:
ed:f2:b3:97:d3:a3:85:b0:87:c7:b8:50:5b:1f:5f:8f:27:22:
54:7e:d5:97:3c:5f:e6:45:08:1f:de:74:7c:e1:d3:fc:85:04:
39:21:08:bd:31:9e:a1:a8:3d:58:35:0a:50:93:07:d8:b0:95:
e3:4a:0d:f2:14:74:24:9b:25:e8:fd:64:e4:67:21:a8:f5:23:
20:9f:df:d1:d5:2c:77:02:90:07:2b:67:f5:36:80:a8:0c:6d:
d5:0f:3f:fc:da:f8:07:ac:e6:b9:7a:8f:0b:2f:fb:69:1d:fa:
77:34:34:6b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY1T7kF85uGH7o4bMamLWMK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjQwMTI5MDYzNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZThmN2E0OWYwZjA3MTY1NGZjYjFkM2ZhY2VmNDllMmI0ZDE4YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jKpMXBPIc1fUIzyTAMp+Gon6Y4J
o0Vu4IlCyztOtxC5JWtoetYaczWGOh03KRI0A1Q+2q1IVHVJiTLkw8BNXpeTeq1z
bJlnTcFLj/ykHDash7FerCaYnRJbqjwCw2nPl6b0wvbbhPX0+zLDexib/lM4eiVW
D1jHjchbOrxHWN3ujTmSCN+zZVOFkD4DuWBOKXx83GKLtqJrvCl5VtrqGzubjISW
RL5I01XW2p/asxOPy0fRNUzaGsfR1NtBh+dSRkmFn+D2sgMxW3PAO0bvL8afT9wu
HiGTLQ9dL//xRrxQj7cOtbb6P8gXz0GCcFqtGBM/KBwCPXKhQLPcsUGhWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFG6Peknw8HFlT8sdP6zvSeK00YsYMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvYm85NlNmRHdjV1ZQeXgwX3JPOUo0clRSaXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtkZkD
BAItkZgwDQYJKoZIhvcNAQELBQADggEBAAfUdudcorWEEWVMCl/hZQtvDPrnnMZq
M60NZoRS1DmXBmVCv3Gw1jr+jUhlEJTQWiNPNR35IgZ4UU0Q3Dirr4UqqyZAoLA8
n09JbJQg6cc7VKmif4e8Jzh6CY1+HD1pIqEza7ND4ZMrDuf9/KjJDztTYcfX9uw3
PkNhrVlgd3/CACkXGs56H3LHQI/gwbRunO3ys5fTo4Wwh8e4UFsfX48nIlR+1Zc8
X+ZFCB/edHzh0/yFBDkhCL0xnqGoPVg1ClCTB9iwleNKDfIUdCSbJej9ZORnIaj1
IyCf39HVLHcCkAcrZ/U2gKgMbdUPP/za+Aes5rl6jwsv+2kd+nc0NGs=
-----END CERTIFICATE-----
Generated at Tue Jan 30 17:11:05 2024 by rpki-client on console-ams.rpki-client.org