Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/TfxjK3Z6edRKHIPBIl68axABQd4.roa
File: TfxjK3Z6edRKHIPBIl68axABQd4.roa (raw, json)
Hash identifier: c61x8c5CV74cm5b+KGc3A2D2fKm/rgrIxXC6/JbwRqM=
Subject key identifier: 4D:FC:63:2B:76:7A:79:D4:4A:1C:83:C1:22:5E:BC:6B:10:01:41:DE
Certificate issuer: /CN=b8e4f734fde71ac421957f27c8499496f4440d7c
Certificate serial: 018C6DF86B8F9CEA14FD2C89FB93E1563232
Authority key identifier: B8:E4:F7:34:FD:E7:1A:C4:21:95:7F:27:C8:49:94:96:F4:44:0D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOT3NP3nGsQhlX8nyEmUlvREDXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/TfxjK3Z6edRKHIPBIl68axABQd4.roa
Signing time: Fri 15 Dec 2023 14:54:06 +0000
ROA not before: Fri 15 Dec 2023 14:54:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208948
IP address blocks: 45.134.135.0/24 maxlen: 30
45.134.133.0/24 maxlen: 29
45.134.132.0/24 maxlen: 29
2a0d:d9c3::/32 maxlen: 64
2a0d:d9c4::/32 maxlen: 64
2a0d:d9c0::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:f8:6b:8f:9c:ea:14:fd:2c:89:fb:93:e1:56:32:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e4f734fde71ac421957f27c8499496f4440d7c
Validity
Not Before: Dec 15 14:54:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dfc632b767a79d44a1c83c1225ebc6b100141de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8c:d8:f2:a7:7e:ea:06:19:d5:2d:50:83:7b:
0b:62:99:35:69:8c:75:bc:5d:7a:22:04:d3:8f:77:
ff:81:74:07:61:e0:79:ce:8d:99:fd:65:f1:63:61:
54:de:c3:1b:50:98:52:7c:14:ee:4a:26:78:cd:1f:
a6:c4:eb:15:ad:ea:2d:63:34:28:9b:d8:d3:ee:4a:
0f:d0:dc:19:24:71:04:3e:2e:a4:b8:42:95:c8:af:
29:ed:2c:ab:fd:f8:6f:7d:a7:c3:e6:31:e0:29:7c:
03:4b:81:87:be:7f:42:3d:f0:4b:6a:6c:82:cb:0f:
b1:4a:aa:f1:46:a5:e2:7d:45:8d:df:7e:7f:e0:ce:
a6:1b:10:c4:01:a0:91:d4:3b:cc:e1:35:14:76:cf:
b1:3e:b0:88:a0:61:10:a1:76:d1:16:28:3a:10:63:
e9:48:14:82:9a:ba:34:10:bf:8e:4d:7c:a1:d2:02:
9b:65:49:50:7d:ac:4d:8b:e2:bb:88:66:41:8f:01:
7b:ef:11:a5:eb:69:b0:c7:f7:fd:d0:be:58:90:53:
33:43:2f:c4:5d:82:ca:70:34:ba:39:be:1e:f9:a3:
5b:af:d9:eb:e1:c8:3f:9b:47:f4:53:57:8a:83:d3:
09:ec:6a:ab:00:d9:f2:02:a5:2b:eb:24:bb:5f:fb:
cf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FC:63:2B:76:7A:79:D4:4A:1C:83:C1:22:5E:BC:6B:10:01:41:DE
X509v3 Authority Key Identifier:
keyid:B8:E4:F7:34:FD:E7:1A:C4:21:95:7F:27:C8:49:94:96:F4:44:0D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOT3NP3nGsQhlX8nyEmUlvREDXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/TfxjK3Z6edRKHIPBIl68axABQd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/uOT3NP3nGsQhlX8nyEmUlvREDXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.132.0/23
45.134.135.0/24
IPv6:
2a0d:d9c0::/32
2a0d:d9c3::-2a0d:d9c4:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
82:c8:94:01:2b:91:c3:fd:33:8b:54:33:2b:ed:e0:5d:e5:6b:
3a:0e:44:b9:1c:60:24:c3:9a:c6:36:1f:71:7e:5f:5f:2f:86:
24:45:da:eb:c8:ae:0d:a9:f6:02:29:f7:47:60:07:78:e6:e5:
05:46:09:54:e4:51:eb:fc:d3:58:77:39:c1:44:24:82:ce:e4:
61:e4:7b:b4:88:28:c4:bc:7b:64:d1:e3:5a:e0:99:48:51:df:
d7:78:45:de:83:b5:ad:a2:90:c1:cf:a8:1b:fa:f2:c3:3d:9b:
23:e5:67:8a:b3:5f:f6:ae:28:48:16:54:9d:03:3f:2c:ab:18:
bb:af:1f:13:f3:a4:25:32:e7:b4:74:1a:bf:a6:31:0b:2a:e5:
d8:57:39:8f:c5:c7:d8:09:4b:f0:70:c5:ea:0b:28:b0:bc:26:
72:62:b0:09:2a:a7:9b:26:3e:76:1a:87:74:47:0d:94:ff:eb:
6b:e9:c0:57:bb:f0:0a:0e:b0:ef:94:33:af:68:5b:d8:79:77:
2d:28:31:b6:ce:94:a6:e9:12:d7:43:8a:d4:ec:7a:86:ed:07:
6f:ce:72:75:7f:60:5e:54:a0:be:c0:ef:79:8a:2d:8b:7f:a4:
21:b6:83:89:a2:7c:db:00:bc:e0:f6:51:4c:d1:d6:f2:59:df:
9e:44:d1:06
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYxt+GuPnOoU/SyJ+5PhVjIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTRmNzM0ZmRlNzFhYzQyMTk1N2YyN2M4NDk5NDk2ZjQ0
NDBkN2MwHhcNMjMxMjE1MTQ1NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGZjNjMyYjc2N2E3OWQ0NGExYzgzYzEyMjVlYmM2YjEwMDE0MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYzY8qd+6gYZ1S1Qg3sLYpk1aYx1
vF16IgTTj3f/gXQHYeB5zo2Z/WXxY2FU3sMbUJhSfBTuSiZ4zR+mxOsVreotYzQo
m9jT7koP0NwZJHEEPi6kuEKVyK8p7Syr/fhvfafD5jHgKXwDS4GHvn9CPfBLamyC
yw+xSqrxRqXifUWN335/4M6mGxDEAaCR1DvM4TUUds+xPrCIoGEQoXbRFig6EGPp
SBSCmro0EL+OTXyh0gKbZUlQfaxNi+K7iGZBjwF77xGl62mwx/f90L5YkFMzQy/E
XYLKcDS6Ob4e+aNbr9nr4cg/m0f0U1eKg9MJ7GqrANnyAqUr6yS7X/vPIQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFE38Yyt2ennUShyDwSJevGsQAUHeMB8GA1UdIwQY
MBaAFLjk9zT95xrEIZV/J8hJlJb0RA18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9UM05QM25Hc1FobFg4bnlFbVVsdlJFRFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yOGVlYjYtZWI0OC00ZmY4LTg3NDEt
YmNmZTNhZDM4N2NlLzEvVGZ4akszWjZlZFJLSElQQklsNjhheEFCUWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yOGVlYjYtZWI0OC00ZmY4LTg3NDEtYmNmZTNhZDM4N2Nl
LzEvdU9UM05QM25Hc1FobFg4bnlFbVVsdlJFRFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzASBAIAATAMAwQBLYaEAwQA
LYaHMB0EAgACMBcDBQAqDdnAMA4DBQAqDdnDAwUAKg3ZxDANBgkqhkiG9w0BAQsF
AAOCAQEAgsiUASuRw/0zi1QzK+3gXeVrOg5EuRxgJMOaxjYfcX5fXy+GJEXa68iu
Dan2Ain3R2AHeOblBUYJVORR6/zTWHc5wUQkgs7kYeR7tIgoxLx7ZNHjWuCZSFHf
13hF3oO1raKQwc+oG/rywz2bI+VnirNf9q4oSBZUnQM/LKsYu68fE/OkJTLntHQa
v6YxCyrl2Fc5j8XH2AlL8HDF6gsosLwmcmKwCSqnmyY+dhqHdEcNlP/ra+nAV7vw
Cg6w75Qzr2hb2Hl3LSgxts6UpukS10OK1Ox6hu0Hb85ydX9gXlSgvsDveYoti3+k
IbaDiaJ82wC84PZRTNHW8lnfnkTRBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org