Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/2chNsMlsb5wOAvAUAPjZP_j2_AI.roa
File: 2chNsMlsb5wOAvAUAPjZP_j2_AI.roa (raw, json)
Hash identifier: z+d4GC3REt73VkrRy/7X8KohoP2WvtjKrpTxf65LynA=
Subject key identifier: D9:C8:4D:B0:C9:6C:6F:9C:0E:02:F0:14:00:F8:D9:3F:F8:F6:FC:02
Certificate issuer: /CN=b8e4f734fde71ac421957f27c8499496f4440d7c
Certificate serial: 018978C5F89000D94A43E4E333E1EB327007
Authority key identifier: B8:E4:F7:34:FD:E7:1A:C4:21:95:7F:27:C8:49:94:96:F4:44:0D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOT3NP3nGsQhlX8nyEmUlvREDXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/2chNsMlsb5wOAvAUAPjZP_j2_AI.roa
Signing time: Fri 21 Jul 2023 14:06:27 +0000
ROA not before: Fri 21 Jul 2023 14:06:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208948
IP address blocks: 45.134.135.0/24 maxlen: 30
45.134.133.0/24 maxlen: 29
45.134.132.0/24 maxlen: 29
2a0d:d9c3::/32 maxlen: 64
2a0d:d9c0::/32 maxlen: 64
Validation: Failed, certificate revoked on Fri 15 Dec 2023 14:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:c5:f8:90:00:d9:4a:43:e4:e3:33:e1:eb:32:70:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e4f734fde71ac421957f27c8499496f4440d7c
Validity
Not Before: Jul 21 14:06:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9c84db0c96c6f9c0e02f01400f8d93ff8f6fc02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:49:4d:4b:cb:6f:d6:7f:89:5a:d1:15:c9:1f:
f7:49:dc:a1:ab:26:57:f9:48:79:ca:fe:82:30:63:
74:c4:42:10:e1:27:aa:31:4f:ab:ff:ba:93:2f:a6:
79:fb:5a:56:63:39:a9:c9:66:ef:9f:0f:f0:41:00:
5c:0f:d3:e1:22:d4:6d:10:4b:9b:3a:66:40:68:db:
d3:ac:c0:a9:5d:39:36:25:45:90:01:f8:bf:00:58:
35:59:ce:04:52:23:84:2d:2d:b6:c1:57:ef:b9:be:
d7:74:84:78:24:09:48:72:ba:d9:4f:73:e8:1d:4a:
46:90:61:31:61:f7:d3:2e:24:3b:56:6e:56:64:c7:
3e:e7:f6:14:27:fd:d7:69:ba:d1:88:64:a0:a4:2e:
f4:55:84:c3:cf:37:cc:ee:f7:39:ec:5d:8d:35:43:
c7:f2:aa:d9:7e:da:4f:c0:f8:77:69:18:4f:35:e3:
a6:80:a2:8b:f6:b3:74:d6:8c:3f:0d:1e:6a:c4:31:
b3:c5:a2:b3:62:ff:d0:46:a6:48:c2:ec:5d:34:9d:
26:ad:1b:dd:f2:a4:f1:b3:f3:74:0c:73:17:c2:59:
99:91:20:77:92:90:ef:f6:7a:e5:89:6f:c7:5a:31:
d0:d8:58:80:6d:d3:61:45:c5:6a:6e:62:87:26:42:
79:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C8:4D:B0:C9:6C:6F:9C:0E:02:F0:14:00:F8:D9:3F:F8:F6:FC:02
X509v3 Authority Key Identifier:
keyid:B8:E4:F7:34:FD:E7:1A:C4:21:95:7F:27:C8:49:94:96:F4:44:0D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOT3NP3nGsQhlX8nyEmUlvREDXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/2chNsMlsb5wOAvAUAPjZP_j2_AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/uOT3NP3nGsQhlX8nyEmUlvREDXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.132.0/23
45.134.135.0/24
IPv6:
2a0d:d9c0::/32
2a0d:d9c3::/32
Signature Algorithm: sha256WithRSAEncryption
a7:b9:36:2a:90:f8:a9:9e:ff:94:9a:1b:96:fc:7a:a3:a7:3f:
e8:d7:8c:3e:b8:b9:36:4b:9a:4a:8e:b6:8e:a5:24:be:c8:03:
90:d7:cc:03:17:38:74:a9:d8:7c:99:5e:88:31:f7:6d:15:59:
3a:aa:61:4b:ff:6a:ae:48:4a:8e:65:7d:fd:61:83:2a:ac:96:
84:c5:d8:04:0d:28:c3:0f:b9:c6:64:5f:2a:55:f3:cb:fe:2d:
95:36:c5:19:14:ab:d8:ab:ba:cc:62:04:fc:24:c6:34:d5:61:
89:3a:1f:f5:2d:cc:c6:90:e2:67:1c:bb:0b:fa:3e:e6:dd:7e:
f9:af:4f:2f:5e:eb:86:ff:65:95:0c:3a:4a:bc:d7:2b:77:78:
fe:b4:fd:6c:82:28:7b:39:07:a8:70:2b:59:41:0b:c1:3b:5a:
27:4b:d1:78:f5:62:14:9d:69:f7:1e:fe:61:b7:8c:76:85:9f:
59:f5:60:63:24:95:a2:dc:fc:b7:30:5b:c6:59:82:53:e1:ed:
b1:38:76:0b:e2:93:11:62:b5:98:06:b5:e4:f9:6b:33:11:b0:
ae:a7:c2:b7:aa:10:c6:fc:91:0e:13:6e:d2:89:fb:68:7d:b6:
9a:b3:10:59:be:a2:78:65:06:31:02:d0:00:eb:23:46:6d:26:
13:3e:01:a9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYl4xfiQANlKQ+TjM+HrMnAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTRmNzM0ZmRlNzFhYzQyMTk1N2YyN2M4NDk5NDk2ZjQ0
NDBkN2MwHhcNMjMwNzIxMTQwNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWM4NGRiMGM5NmM2ZjljMGUwMmYwMTQwMGY4ZDkzZmY4ZjZmYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArklNS8tv1n+JWtEVyR/3SdyhqyZX
+Uh5yv6CMGN0xEIQ4SeqMU+r/7qTL6Z5+1pWYzmpyWbvnw/wQQBcD9PhItRtEEub
OmZAaNvTrMCpXTk2JUWQAfi/AFg1Wc4EUiOELS22wVfvub7XdIR4JAlIcrrZT3Po
HUpGkGExYffTLiQ7Vm5WZMc+5/YUJ/3XabrRiGSgpC70VYTDzzfM7vc57F2NNUPH
8qrZftpPwPh3aRhPNeOmgKKL9rN01ow/DR5qxDGzxaKzYv/QRqZIwuxdNJ0mrRvd
8qTxs/N0DHMXwlmZkSB3kpDv9nrliW/HWjHQ2FiAbdNhRcVqbmKHJkJ5tQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNnITbDJbG+cDgLwFAD42T/49vwCMB8GA1UdIwQY
MBaAFLjk9zT95xrEIZV/J8hJlJb0RA18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9UM05QM25Hc1FobFg4bnlFbVVsdlJFRFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yOGVlYjYtZWI0OC00ZmY4LTg3NDEt
YmNmZTNhZDM4N2NlLzEvMmNoTnNNbHNiNXdPQXZBVUFQalpQX2oyX0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yOGVlYjYtZWI0OC00ZmY4LTg3NDEtYmNmZTNhZDM4N2Nl
LzEvdU9UM05QM25Hc1FobFg4bnlFbVVsdlJFRFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBLYaEAwQA
LYaHMBQEAgACMA4DBQAqDdnAAwUAKg3ZwzANBgkqhkiG9w0BAQsFAAOCAQEAp7k2
KpD4qZ7/lJoblvx6o6c/6NeMPri5NkuaSo62jqUkvsgDkNfMAxc4dKnYfJleiDH3
bRVZOqphS/9qrkhKjmV9/WGDKqyWhMXYBA0oww+5xmRfKlXzy/4tlTbFGRSr2Ku6
zGIE/CTGNNVhiTof9S3MxpDiZxy7C/o+5t1++a9PL17rhv9llQw6SrzXK3d4/rT9
bIIoezkHqHArWUELwTtaJ0vRePViFJ1p9x7+YbeMdoWfWfVgYySVotz8tzBbxlmC
U+HtsTh2C+KTEWK1mAa15PlrMxGwrqfCt6oQxvyRDhNu0on7aH22mrMQWb6ieGUG
MQLQAOsjRm0mEz4BqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org