Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/nWKYFc7EdXiaFooN80VUX5QNWM4.roa
File: nWKYFc7EdXiaFooN80VUX5QNWM4.roa (raw, json)
Hash identifier: YOgZNjOvackHNlyJlVjvSLFPrfpbo7Dd8PpK2e1L+N8=
Subject key identifier: 9D:62:98:15:CE:C4:75:78:9A:16:8A:0D:F3:45:54:5F:94:0D:58:CE
Certificate issuer: /CN=63d5b48848107b86e142d1c06c29d4b70e7394d3
Certificate serial: 01857316092E398680545817961F38607332
Authority key identifier: 63:D5:B4:88:48:10:7B:86:E1:42:D1:C0:6C:29:D4:B7:0E:73:94:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/nWKYFc7EdXiaFooN80VUX5QNWM4.roa
Signing time: Mon 02 Jan 2023 15:25:02 +0000
ROA not before: Mon 02 Jan 2023 15:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208161
IP address blocks: 45.156.185.0/24 maxlen: 24
45.156.186.0/24 maxlen: 24
45.156.184.0/24 maxlen: 24
45.156.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Dec 2023 21:46:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:16:09:2e:39:86:80:54:58:17:96:1f:38:60:73:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d5b48848107b86e142d1c06c29d4b70e7394d3
Validity
Not Before: Jan 2 15:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d629815cec475789a168a0df345545f940d58ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:58:49:52:72:a6:12:fd:0c:88:d5:f2:41:c5:
d1:31:d3:42:b6:28:b3:7b:7f:29:bd:25:ab:82:49:
57:34:03:00:06:13:9d:1e:60:79:54:60:e1:e1:b2:
ee:c7:23:ff:70:87:98:3a:8a:26:3d:67:99:7e:df:
dd:d1:56:e3:3a:5d:85:12:96:2d:47:31:3c:88:e9:
47:ee:10:45:bb:ed:7c:41:0b:14:2e:a9:90:b8:23:
4e:f8:c2:77:20:3d:f0:c9:80:5a:b3:a9:f6:10:67:
5a:0b:72:7d:4f:c1:81:6a:cf:dd:71:37:0e:60:f9:
ca:ed:12:c5:df:6f:1f:81:67:fd:b2:9d:9c:c6:68:
7f:d6:0b:75:a5:b2:a4:01:9b:53:d9:0a:30:fd:25:
46:fb:4a:93:91:78:a0:13:01:c8:a3:a4:e2:9a:b0:
0b:f8:97:2c:ed:e0:55:73:86:9b:f2:6e:51:43:e3:
ba:8e:64:8f:0d:46:05:3a:d4:a4:33:9d:6f:1f:2b:
aa:85:c9:47:5b:31:4a:c0:c2:2e:64:2b:a7:ad:6a:
03:87:02:73:f3:3f:04:96:68:17:ae:4e:0c:98:0b:
53:b8:ed:d6:af:ac:2b:c0:35:ea:ca:b4:6c:76:36:
43:55:90:e6:29:86:1f:5f:5b:67:30:96:11:16:35:
36:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:62:98:15:CE:C4:75:78:9A:16:8A:0D:F3:45:54:5F:94:0D:58:CE
X509v3 Authority Key Identifier:
keyid:63:D5:B4:88:48:10:7B:86:E1:42:D1:C0:6C:29:D4:B7:0E:73:94:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/nWKYFc7EdXiaFooN80VUX5QNWM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02cdc2-40a8-4781-860b-2388c906bc62/1/Y9W0iEgQe4bhQtHAbCnUtw5zlNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.184.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:c9:97:c7:11:9e:c1:66:c4:c3:d8:d2:77:41:5f:79:a0:b0:
e8:09:52:a5:03:9f:8b:23:01:7e:e7:bd:05:33:7d:5b:73:15:
29:b9:a1:79:05:d8:a1:65:98:b8:07:27:a3:84:75:59:9d:a2:
8c:45:4e:9c:2c:24:29:01:55:f4:9f:c9:e6:e4:d8:e6:b7:eb:
f7:38:db:63:8f:63:db:2a:e6:ad:99:0a:b2:64:cf:01:9d:d6:
1a:2c:fa:da:46:26:75:67:78:55:c5:43:f6:ab:1d:03:ca:83:
a0:54:9c:ee:bf:6b:53:cd:3b:fa:e9:bb:d2:5a:c0:75:87:fd:
a1:ea:31:a6:98:5a:68:bf:8f:67:90:86:7f:d7:5f:cd:89:64:
7b:62:65:97:11:9e:30:2d:a5:e4:27:39:65:06:41:8f:b3:76:
16:2b:46:67:13:fa:a1:7c:6a:c4:c6:ae:34:87:cc:c9:fd:72:
2f:1b:54:fb:80:c1:02:69:81:49:5b:10:9b:83:4a:af:6a:3a:
1f:0f:c9:a2:09:6a:49:74:b0:a0:9b:f1:fb:87:07:d1:26:e5:
3d:7d:5e:7b:7b:94:c6:75:bd:45:6a:14:db:62:24:7e:00:5a:
48:3f:8d:18:88:cf:8b:82:5c:94:ae:80:a2:38:f8:5b:50:a7:
fa:e6:27:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFgkuOYaAVFgXlh84YHMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDViNDg4NDgxMDdiODZlMTQyZDFjMDZjMjlkNGI3MGU3
Mzk0ZDMwHhcNMjMwMTAyMTUyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDYyOTgxNWNlYzQ3NTc4OWExNjhhMGRmMzQ1NTQ1Zjk0MGQ1OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FhJUnKmEv0MiNXyQcXRMdNCtiiz
e38pvSWrgklXNAMABhOdHmB5VGDh4bLuxyP/cIeYOoomPWeZft/d0VbjOl2FEpYt
RzE8iOlH7hBFu+18QQsULqmQuCNO+MJ3ID3wyYBas6n2EGdaC3J9T8GBas/dcTcO
YPnK7RLF328fgWf9sp2cxmh/1gt1pbKkAZtT2Qow/SVG+0qTkXigEwHIo6TimrAL
+Jcs7eBVc4ab8m5RQ+O6jmSPDUYFOtSkM51vHyuqhclHWzFKwMIuZCunrWoDhwJz
8z8ElmgXrk4MmAtTuO3Wr6wrwDXqyrRsdjZDVZDmKYYfX1tnMJYRFjU2AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1imBXOxHV4mhaKDfNFVF+UDVjOMB8GA1UdIwQY
MBaAFGPVtIhIEHuG4ULRwGwp1LcOc5TTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlXMGlFZ1FlNGJoUXRIQWJDblV0dzV6bE5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMmNkYzItNDBhOC00NzgxLTg2MGIt
MjM4OGM5MDZiYzYyLzEvbldLWUZjN0VkWGlhRm9vTjgwVlVYNVFOV000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMmNkYzItNDBhOC00NzgxLTg2MGItMjM4OGM5MDZiYzYy
LzEvWTlXMGlFZ1FlNGJoUXRIQWJDblV0dzV6bE5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZy4MA0G
CSqGSIb3DQEBCwUAA4IBAQAMyZfHEZ7BZsTD2NJ3QV95oLDoCVKlA5+LIwF+570F
M31bcxUpuaF5BdihZZi4ByejhHVZnaKMRU6cLCQpAVX0n8nm5Njmt+v3ONtjj2Pb
KuatmQqyZM8BndYaLPraRiZ1Z3hVxUP2qx0DyoOgVJzuv2tTzTv66bvSWsB1h/2h
6jGmmFpov49nkIZ/11/NiWR7YmWXEZ4wLaXkJzllBkGPs3YWK0ZnE/qhfGrExq40
h8zJ/XIvG1T7gMECaYFJWxCbg0qvajofD8miCWpJdLCgm/H7hwfRJuU9fV57e5TG
db1FahTbYiR+AFpIP40YiM+LglyUroCiOPhbUKf65id2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:31 2024 by rpki-client on console-fra.rpki-client.org