Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/rwTpSY3EEiAk1TO2d_oPeXSAEhw.roa
File: rwTpSY3EEiAk1TO2d_oPeXSAEhw.roa (raw, json)
Hash identifier: MXeROAMsIDczyOReTpw3mA3Myo2gBAU+rxCsa36qvt4=
Subject key identifier: AF:04:E9:49:8D:C4:12:20:24:D5:33:B6:77:FA:0F:79:74:80:12:1C
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 019300FDED7E2FCF658416C7A8AD94DF56CE
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/rwTpSY3EEiAk1TO2d_oPeXSAEhw.roa
Signing time: Wed 06 Nov 2024 10:21:01 +0000
ROA not before: Wed 06 Nov 2024 10:21:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.145.153.0/24 maxlen: 24
45.145.154.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 06:42:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:fd:ed:7e:2f:cf:65:84:16:c7:a8:ad:94:df:56:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Nov 6 10:21:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af04e9498dc4122024d533b677fa0f797480121c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:80:08:5e:00:9f:cc:5e:8e:30:35:5b:56:b9:
5c:c0:c0:56:d8:bc:00:d6:2b:66:ca:26:af:f9:71:
16:d1:19:22:28:be:6b:6c:bd:e0:b4:77:aa:08:47:
24:9f:ce:42:44:2c:10:a1:bb:75:c5:42:56:d1:73:
9c:82:d9:e0:75:fd:cb:26:8d:ce:72:8b:e1:68:11:
fa:35:88:2a:78:0d:e8:9a:e2:c4:d1:67:18:e9:9c:
43:bc:4d:3d:16:5b:71:24:ec:bc:07:a9:ea:73:de:
4c:d1:11:c0:78:c2:5c:2d:49:89:c1:f9:61:d6:b1:
02:73:f0:97:cc:0d:d8:e4:83:17:81:f7:a8:3b:40:
d9:4f:9d:23:fa:e5:49:10:75:95:82:7d:bd:64:f8:
3f:7b:80:e6:ad:47:0e:6f:a3:f2:09:e8:31:f6:8c:
d6:fc:77:53:63:8f:25:11:83:c7:e2:db:78:55:da:
8e:2e:9b:df:b7:e6:ff:9a:a5:87:db:65:d0:77:ae:
75:1a:df:2a:e1:06:c7:82:8e:bc:8f:fc:5d:70:52:
d3:f1:6f:3b:b2:34:25:85:de:62:f9:3d:85:09:4f:
76:f1:5b:a6:58:ba:54:88:46:2a:48:4f:9a:44:cb:
88:4d:5c:77:9b:ec:a9:54:c8:7d:e1:06:b3:1b:a8:
8f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:04:E9:49:8D:C4:12:20:24:D5:33:B6:77:FA:0F:79:74:80:12:1C
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/rwTpSY3EEiAk1TO2d_oPeXSAEhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.153.0-45.145.155.255
Signature Algorithm: sha256WithRSAEncryption
13:40:c8:16:5f:e9:41:fd:ac:10:66:0f:fb:73:b3:63:ee:2d:
e9:fd:c9:ec:63:7e:94:24:db:61:fc:97:a0:d0:9a:a4:b0:2f:
5b:c3:bb:5a:bf:82:a6:2b:f9:b7:e2:33:48:82:c2:ef:bb:3a:
6c:11:02:6d:a0:57:fb:c2:00:8b:57:5e:c4:06:ba:87:66:3c:
7a:37:63:c6:fd:ca:85:39:43:de:aa:19:df:37:c7:4c:c4:e1:
4d:fa:64:fd:bc:bb:c8:c3:1d:90:da:d8:9b:d8:e9:a7:dd:77:
43:9c:d3:9a:e2:18:2a:b0:9f:b6:91:87:2e:32:8d:a3:58:9b:
5c:6d:26:89:f6:44:42:f7:12:2d:9a:ab:62:56:ea:cc:7c:61:
8a:7c:db:5e:4b:03:7d:e2:b6:14:8b:79:be:ba:f0:d6:8d:1d:
55:ed:08:06:c5:70:37:2c:d4:6d:96:43:ca:70:35:6b:27:b9:
e2:20:2e:15:e6:cd:ae:34:d2:dc:f6:5b:f2:5b:eb:a7:bb:dc:
13:65:e0:b8:e5:75:0f:29:de:ff:cc:36:ec:53:af:20:ea:af:
a9:aa:4e:5e:e4:a7:ba:86:31:5d:67:3c:10:2d:76:8a:1c:0b:
14:21:c9:42:2a:2f:58:d8:2e:de:be:44:ba:91:6f:2a:05:40:
b0:24:21:95
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZMA/e1+L89lhBbHqK2U31bOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjQxMTA2MTAyMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA0ZTk0OThkYzQxMjIwMjRkNTMzYjY3N2ZhMGY3OTc0ODAxMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YAIXgCfzF6OMDVbVrlcwMBW2LwA
1itmyiav+XEW0RkiKL5rbL3gtHeqCEckn85CRCwQobt1xUJW0XOcgtngdf3LJo3O
covhaBH6NYgqeA3omuLE0WcY6ZxDvE09FltxJOy8B6nqc95M0RHAeMJcLUmJwflh
1rECc/CXzA3Y5IMXgfeoO0DZT50j+uVJEHWVgn29ZPg/e4DmrUcOb6PyCegx9ozW
/HdTY48lEYPH4tt4VdqOLpvft+b/mqWH22XQd651Gt8q4QbHgo68j/xdcFLT8W87
sjQlhd5i+T2FCU928VumWLpUiEYqSE+aRMuITVx3m+ypVMh94QazG6iPTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK8E6UmNxBIgJNUztnf6D3l0gBIcMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvcndUcFNZM0VFaUFrMVRPMmRfb1BlWFNBRWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtkZkD
BAItkZgwDQYJKoZIhvcNAQELBQADggEBABNAyBZf6UH9rBBmD/tzs2PuLen9yexj
fpQk22H8l6DQmqSwL1vDu1q/gqYr+bfiM0iCwu+7OmwRAm2gV/vCAItXXsQGuodm
PHo3Y8b9yoU5Q96qGd83x0zE4U36ZP28u8jDHZDa2JvY6afdd0Oc05riGCqwn7aR
hy4yjaNYm1xtJon2REL3Ei2aq2JW6sx8YYp8215LA33ithSLeb668NaNHVXtCAbF
cDcs1G2WQ8pwNWsnueIgLhXmza400tz2W/Jb66e73BNl4LjldQ8p3v/MNuxTryDq
r6mqTl7kp7qGMV1nPBAtdoocCxQhyUIqL1jYLt6+RLqRbyoFQLAkIZU=
-----END CERTIFICATE-----
Generated at Thu Nov 7 08:46:55 2024 by rpki-client on console-ams.rpki-client.org