Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/DTGH4KHBU2bbb7f6poTat5duOjM.roa
File: DTGH4KHBU2bbb7f6poTat5duOjM.roa (raw, json)
Hash identifier: Z/zDb+asVXIU7cJES/Gxy+hc19hDRssxzHBcUGQLygA=
Subject key identifier: 0D:31:87:E0:A1:C1:53:66:DB:6F:B7:FA:A6:84:DA:B7:97:6E:3A:33
Certificate issuer: /CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Certificate serial: 01856FD532D1A855CEF2EEC4EC4CB746F5DF
Authority key identifier: BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/DTGH4KHBU2bbb7f6poTat5duOjM.roa
Signing time: Mon 02 Jan 2023 00:15:21 +0000
ROA not before: Mon 02 Jan 2023 00:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6134
IP address blocks: 45.147.24.0/24 maxlen: 24
45.147.25.0/24 maxlen: 24
45.147.27.0/24 maxlen: 24
45.158.229.0/24 maxlen: 24
45.147.26.0/24 maxlen: 24
45.158.228.0/24 maxlen: 24
45.158.230.0/24 maxlen: 24
45.158.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jan 2023 15:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:32:d1:a8:55:ce:f2:ee:c4:ec:4c:b7:46:f5:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6fa37a2483cf579fa86250119ac0133475aad8
Validity
Not Before: Jan 2 00:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d3187e0a1c15366db6fb7faa684dab7976e3a33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6d:6c:ca:1e:87:d1:4e:15:83:7d:7b:f4:63:
f7:e5:5c:1b:fa:2c:ff:7e:ab:65:e3:62:a7:d8:93:
b1:03:5a:70:56:b6:53:98:9b:59:56:d8:90:25:8d:
a9:f7:f1:62:c9:16:11:bf:04:e8:fe:0c:dc:90:5f:
06:74:a0:ad:eb:68:f4:61:27:bb:0f:06:1d:b8:fc:
7e:e7:7a:47:bf:99:0c:82:03:a6:b3:f8:0b:c6:fe:
cf:d7:92:93:bb:1f:f4:36:03:ac:6e:72:f2:34:a2:
04:71:6b:16:f0:fd:0e:7c:ef:7c:64:e3:e3:bc:3e:
19:e4:9a:e3:2c:5d:a4:9e:59:be:34:a2:22:c6:cd:
4e:1b:31:a1:72:06:22:08:7a:87:09:41:ac:13:3d:
65:fb:a7:75:ec:8e:a6:8d:9d:f3:fc:48:2c:7e:a4:
cd:3e:4e:18:fd:fa:a4:a3:da:a6:05:1e:81:b3:86:
30:51:28:71:0f:d3:84:99:37:f2:10:ce:9f:3d:6f:
da:01:35:be:da:a4:06:37:f9:c4:18:30:59:a0:5b:
80:bf:15:1f:f4:34:88:d1:89:0b:5e:2e:22:4f:fb:
fc:72:d6:be:67:73:93:2f:20:fb:a7:86:a0:82:10:
18:89:db:e1:26:6c:6f:e9:36:bf:09:de:d4:d6:4c:
98:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:31:87:E0:A1:C1:53:66:DB:6F:B7:FA:A6:84:DA:B7:97:6E:3A:33
X509v3 Authority Key Identifier:
keyid:BD:6F:A3:7A:24:83:CF:57:9F:A8:62:50:11:9A:C0:13:34:75:AA:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vW-jeiSDz1efqGJQEZrAEzR1qtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/DTGH4KHBU2bbb7f6poTat5duOjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/e3ada2-c9df-44e2-8b0f-8ff1611e8bb4/1/vW-jeiSDz1efqGJQEZrAEzR1qtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.24.0/22
45.158.228.0/22
Signature Algorithm: sha256WithRSAEncryption
55:5b:f2:6f:f8:3d:ea:c5:13:2a:bb:0e:c9:cd:72:76:bf:d0:
62:e9:03:a4:a6:a6:48:d7:1b:5a:e3:f3:d1:4a:9e:dd:ea:f8:
0b:af:db:f9:35:c7:33:37:08:96:e4:cd:b5:90:74:1b:a3:b6:
ee:ad:47:3c:f2:35:18:ba:48:27:37:ac:df:93:08:6b:cb:29:
bf:d7:72:5b:3c:39:bf:ab:91:3e:95:d8:0c:70:14:1e:13:19:
76:6f:9d:e2:a4:51:55:75:fb:e9:26:8f:9d:f3:06:82:4f:20:
ca:3c:a0:10:d2:0d:24:11:9c:82:40:ff:46:f3:bd:88:97:fb:
d7:8b:83:43:99:09:0f:3e:d9:89:29:57:45:51:e0:0b:30:2d:
93:fe:44:eb:ff:32:c6:8d:02:6a:c2:fc:84:a7:c1:63:1a:bb:
0a:97:b5:be:cf:36:5d:0c:1a:4f:ac:04:2b:86:0d:99:cb:ce:
53:8d:bd:a5:b1:e2:c0:0e:9b:e0:c9:af:56:49:d2:69:13:8c:
26:e8:04:40:d1:f3:9c:70:df:1c:b6:f0:7f:4a:f8:6e:9e:d8:
30:0f:d6:d3:68:4f:b0:ad:60:38:4a:b3:e1:ee:9d:2b:a3:21:
9c:93:41:3f:11:d5:9c:7f:79:a4:ae:6d:d9:47:8c:5f:95:fa:
47:48:de:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv1TLRqFXO8u7E7Ey3RvXfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNmZhMzdhMjQ4M2NmNTc5ZmE4NjI1MDExOWFjMDEzMzQ3
NWFhZDgwHhcNMjMwMTAyMDAxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDMxODdlMGExYzE1MzY2ZGI2ZmI3ZmFhNjg0ZGFiNzk3NmUzYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6G1syh6H0U4Vg3179GP35Vwb+iz/
fqtl42Kn2JOxA1pwVrZTmJtZVtiQJY2p9/FiyRYRvwTo/gzckF8GdKCt62j0YSe7
DwYduPx+53pHv5kMggOms/gLxv7P15KTux/0NgOsbnLyNKIEcWsW8P0OfO98ZOPj
vD4Z5JrjLF2knlm+NKIixs1OGzGhcgYiCHqHCUGsEz1l+6d17I6mjZ3z/EgsfqTN
Pk4Y/fqko9qmBR6Bs4YwUShxD9OEmTfyEM6fPW/aATW+2qQGN/nEGDBZoFuAvxUf
9DSI0YkLXi4iT/v8cta+Z3OTLyD7p4agghAYidvhJmxv6Ta/Cd7U1kyYvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA0xh+ChwVNm22+3+qaE2reXbjozMB8GA1UdIwQY
MBaAFL1vo3okg89Xn6hiUBGawBM0darYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYt
OGZmMTYxMWU4YmI0LzEvRFRHSDRLSEJVMmJiYjdmNnBvVGF0NWR1T2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9lM2FkYTItYzlkZi00NGUyLThiMGYtOGZmMTYxMWU4YmI0
LzEvdlctamVpU0R6MWVmcUdKUUVackFFelIxcXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZMYAwQC
LZ7kMA0GCSqGSIb3DQEBCwUAA4IBAQBVW/Jv+D3qxRMquw7JzXJ2v9Bi6QOkpqZI
1xta4/PRSp7d6vgLr9v5NcczNwiW5M21kHQbo7burUc88jUYukgnN6zfkwhryym/
13JbPDm/q5E+ldgMcBQeExl2b53ipFFVdfvpJo+d8waCTyDKPKAQ0g0kEZyCQP9G
872Il/vXi4NDmQkPPtmJKVdFUeALMC2T/kTr/zLGjQJqwvyEp8FjGrsKl7W+zzZd
DBpPrAQrhg2Zy85Tjb2lseLADpvgya9WSdJpE4wm6ARA0fOccN8ctvB/Svhuntgw
D9bTaE+wrWA4SrPh7p0royGck0E/EdWcf3mkrm3ZR4xflfpHSN5z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:25 2024 by rpki-client on console-fra.rpki-client.org