Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/nhtvlL6KSCop4e1yA8GTcUPvQW0.roa
File: nhtvlL6KSCop4e1yA8GTcUPvQW0.roa (raw, json)
Hash identifier: M1rcaskxvKDootEznAbWGgy1quSZfNe+oZfVKDNkVMk=
Subject key identifier: 9E:1B:6F:94:BE:8A:48:2A:29:E1:ED:72:03:C1:93:71:43:EF:41:6D
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 01889E9E942E8CFC03A74A0057FA172DA739
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/nhtvlL6KSCop4e1yA8GTcUPvQW0.roa
Signing time: Fri 09 Jun 2023 05:26:12 +0000
ROA not before: Fri 09 Jun 2023 05:26:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 45.152.32.0/24 maxlen: 24
45.152.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 07:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9e:9e:94:2e:8c:fc:03:a7:4a:00:57:fa:17:2d:a7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jun 9 05:26:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e1b6f94be8a482a29e1ed7203c1937143ef416d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:aa:db:61:70:54:c1:7c:d9:e2:17:a4:4c:6f:
54:5e:cb:f2:6e:57:58:d1:2b:50:53:22:a6:50:ba:
d7:8c:d8:fc:05:a4:7c:ba:0e:69:ef:12:51:3c:56:
8f:77:6f:a9:02:d9:29:13:07:5c:e4:8b:35:d2:5f:
9c:89:ce:6e:69:48:45:22:dc:4c:5c:46:ac:8e:9b:
98:4e:46:89:1c:ac:9b:f2:1e:0c:4e:69:64:1c:e2:
3b:2f:49:0c:76:86:8a:e6:ec:ea:2c:07:23:db:e0:
bb:a7:7f:b0:08:c4:35:3e:2b:b9:65:bb:3a:3a:c0:
88:41:ec:d6:7b:80:84:d1:ad:fd:23:b4:ad:20:a0:
d9:05:68:bb:48:c1:4c:5c:36:03:65:f9:b0:e2:64:
58:94:29:f6:da:c4:81:7c:32:74:f3:e1:bb:8c:72:
48:ff:c4:cd:30:ba:84:21:24:4f:0e:2a:94:ea:2b:
c5:be:9a:b5:bb:cb:f1:41:ba:cc:a8:79:d3:bb:af:
cb:ce:02:02:47:0c:5f:48:b7:a4:99:d5:86:4f:50:
9e:3f:31:fa:90:a6:f7:6a:05:cc:e2:15:eb:3c:35:
43:9d:80:42:c2:9c:08:89:7c:f1:1f:a9:42:6f:c2:
e3:58:75:93:3e:f2:74:c3:c3:1e:5c:6f:47:f0:9b:
5d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1B:6F:94:BE:8A:48:2A:29:E1:ED:72:03:C1:93:71:43:EF:41:6D
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/nhtvlL6KSCop4e1yA8GTcUPvQW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.32.0/23
Signature Algorithm: sha256WithRSAEncryption
82:68:ef:22:5d:60:51:c3:01:5e:4b:db:10:aa:3e:ba:88:1e:
bd:d8:d2:32:ae:51:7d:13:0d:1b:3d:7a:bc:77:9a:f7:95:43:
3b:33:05:98:ec:d7:cd:0c:82:90:84:87:cc:9a:7b:17:71:21:
ce:a1:01:4b:09:46:9b:c9:3c:c9:c9:86:b0:17:41:d4:8a:2c:
d2:9d:3a:26:46:38:40:1b:f1:5c:87:37:19:a6:27:8b:d1:eb:
98:e5:8f:01:df:e5:3a:92:c5:44:a8:3e:02:c5:d8:82:87:33:
96:a9:fa:b5:5c:d1:88:14:18:12:95:6d:57:81:40:49:79:a5:
8e:56:cc:c4:fb:e5:37:0b:59:c9:9f:42:da:88:6d:fe:0d:b6:
e1:dc:91:f2:cf:26:b7:2f:18:7e:25:06:30:24:3f:2e:5c:2b:
6d:c5:e0:04:73:06:cd:84:7b:0b:e4:a0:d4:65:52:e9:a2:41:
3f:06:d1:28:8d:31:6c:31:a2:3e:07:c9:fd:1e:ef:97:6c:45:
13:b6:63:cd:1b:9a:f0:d7:b1:50:41:91:11:22:d9:1e:0b:bc:
d2:6b:5b:23:50:47:fe:6b:8d:08:2a:50:f6:01:bf:78:17:b4:
f9:f9:86:96:28:a9:20:cf:06:82:32:1d:10:dc:6b:d3:4f:79:
01:18:c6:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYienpQujPwDp0oAV/oXLac5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwNjA5MDUyNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTFiNmY5NGJlOGE0ODJhMjllMWVkNzIwM2MxOTM3MTQzZWY0MTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKrbYXBUwXzZ4hekTG9UXsvybldY
0StQUyKmULrXjNj8BaR8ug5p7xJRPFaPd2+pAtkpEwdc5Is10l+cic5uaUhFItxM
XEasjpuYTkaJHKyb8h4MTmlkHOI7L0kMdoaK5uzqLAcj2+C7p3+wCMQ1Piu5Zbs6
OsCIQezWe4CE0a39I7StIKDZBWi7SMFMXDYDZfmw4mRYlCn22sSBfDJ08+G7jHJI
/8TNMLqEISRPDiqU6ivFvpq1u8vxQbrMqHnTu6/LzgICRwxfSLekmdWGT1CePzH6
kKb3agXM4hXrPDVDnYBCwpwIiXzxH6lCb8LjWHWTPvJ0w8MeXG9H8JtdLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4bb5S+ikgqKeHtcgPBk3FD70FtMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvbmh0dmxMNktTQ29wNGUxeUE4R1RjVVB2UVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZggMA0G
CSqGSIb3DQEBCwUAA4IBAQCCaO8iXWBRwwFeS9sQqj66iB692NIyrlF9Ew0bPXq8
d5r3lUM7MwWY7NfNDIKQhIfMmnsXcSHOoQFLCUabyTzJyYawF0HUiizSnTomRjhA
G/FchzcZpieL0euY5Y8B3+U6ksVEqD4CxdiChzOWqfq1XNGIFBgSlW1XgUBJeaWO
VszE++U3C1nJn0LaiG3+Dbbh3JHyzya3Lxh+JQYwJD8uXCttxeAEcwbNhHsL5KDU
ZVLpokE/BtEojTFsMaI+B8n9Hu+XbEUTtmPNG5rw17FQQZERItkeC7zSa1sjUEf+
a40IKlD2Ab94F7T5+YaWKKkgzwaCMh0Q3GvTT3kBGMYD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org