Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/oN3wFmWkm9RnYxfpDPBKqQ_klyU.roa
File: oN3wFmWkm9RnYxfpDPBKqQ_klyU.roa (raw, json)
Hash identifier: eJZktVCSIQDUbFARYVtmcFhl3QqnJu8FvgSwWuuoMO4=
Subject key identifier: A0:DD:F0:16:65:A4:9B:D4:67:63:17:E9:0C:F0:4A:A9:0F:E4:97:25
Certificate issuer: /CN=b8e4f734fde71ac421957f27c8499496f4440d7c
Certificate serial: 018978BDBAACD61B6A2AED5C9477A2487766
Authority key identifier: B8:E4:F7:34:FD:E7:1A:C4:21:95:7F:27:C8:49:94:96:F4:44:0D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOT3NP3nGsQhlX8nyEmUlvREDXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/oN3wFmWkm9RnYxfpDPBKqQ_klyU.roa
Signing time: Fri 21 Jul 2023 13:57:27 +0000
ROA not before: Fri 21 Jul 2023 13:57:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208948
IP address blocks: 45.134.135.0/24 maxlen: 29
45.134.133.0/24 maxlen: 29
45.134.132.0/24 maxlen: 29
2a0d:d9c3::/32 maxlen: 64
2a0d:d9c0::/32 maxlen: 64
Validation: Failed, certificate revoked on Fri 21 Jul 2023 14:06:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:78:bd:ba:ac:d6:1b:6a:2a:ed:5c:94:77:a2:48:77:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e4f734fde71ac421957f27c8499496f4440d7c
Validity
Not Before: Jul 21 13:57:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0ddf01665a49bd4676317e90cf04aa90fe49725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c1:3e:1b:88:e5:8e:9c:40:9e:9a:cd:0c:52:
a1:a3:72:49:3f:cb:9b:79:dd:88:be:b1:52:b1:c7:
6c:c8:a2:fc:3f:7e:1f:0d:de:ec:ff:4c:8d:ac:a1:
0f:25:e3:84:c0:f0:c4:2b:d1:88:fc:dc:07:98:81:
cb:7f:ef:67:a9:06:f7:7a:1b:d9:a6:e8:5b:b5:b4:
a4:21:cf:07:f6:1d:1f:bc:98:c8:67:96:8f:1c:b6:
39:92:84:bc:b4:0e:f2:ff:6d:37:a8:4c:11:69:db:
8f:a8:0e:99:6b:4a:ee:12:99:8f:f8:e9:ef:11:eb:
7c:02:41:25:15:2e:07:92:83:cb:54:b9:c1:cd:52:
18:da:aa:21:9c:8e:cc:53:b9:33:7c:cd:0c:34:9e:
a6:ed:d9:01:dc:f4:70:f6:07:76:5b:71:de:3e:3c:
33:ef:e1:81:e4:ed:f6:a4:c9:96:d5:a6:7e:08:bf:
24:22:86:b5:e5:ad:47:dc:bb:76:79:5c:28:03:a9:
ee:d5:4e:2c:08:20:5b:7d:57:ea:ff:cb:b6:2f:62:
d2:2a:89:28:78:28:bf:3f:4c:d9:ee:09:79:5e:2b:
47:e1:50:b9:78:8f:ed:84:ed:5f:0a:65:06:a2:2a:
4d:0e:ad:46:6e:2c:c2:f4:f8:b3:4f:b2:53:e9:b5:
4f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DD:F0:16:65:A4:9B:D4:67:63:17:E9:0C:F0:4A:A9:0F:E4:97:25
X509v3 Authority Key Identifier:
keyid:B8:E4:F7:34:FD:E7:1A:C4:21:95:7F:27:C8:49:94:96:F4:44:0D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOT3NP3nGsQhlX8nyEmUlvREDXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/oN3wFmWkm9RnYxfpDPBKqQ_klyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/uOT3NP3nGsQhlX8nyEmUlvREDXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.132.0/23
45.134.135.0/24
IPv6:
2a0d:d9c0::/32
2a0d:d9c3::/32
Signature Algorithm: sha256WithRSAEncryption
7a:f9:e3:ea:4d:48:63:b2:01:f4:08:8e:99:3b:72:86:40:30:
74:fb:56:32:59:b1:ba:5e:16:99:c5:fa:84:42:db:81:11:8f:
09:6c:37:68:bd:0d:9d:97:47:76:8f:f1:20:42:2c:87:b5:b5:
bf:64:1d:a9:ee:cc:e9:53:3c:ee:11:b3:a7:34:7a:94:23:ec:
d3:d2:ab:31:70:90:28:ac:aa:d0:5e:3b:cb:c5:23:01:e9:dd:
60:f6:56:18:ff:55:77:eb:9e:db:a3:48:d8:22:45:22:54:33:
77:56:08:42:bf:a6:28:51:32:a0:ca:8a:32:18:c2:51:bd:5a:
7c:56:00:40:d0:ee:8d:8d:95:b3:a2:8d:6f:1b:d7:58:1e:97:
10:e0:3a:54:55:32:3d:0c:62:03:a1:e4:59:f0:1d:d5:c1:39:
1c:ca:8d:dc:34:f5:09:aa:10:b7:97:ed:42:8d:83:bc:82:d2:
5d:4a:50:c8:63:25:b9:80:7b:c8:71:b8:ba:a9:b4:2b:a4:4e:
f1:18:09:25:bd:a9:3a:23:68:ad:54:c5:2b:3f:17:62:d6:a5:
dd:9b:3d:31:45:d8:1e:a8:15:ee:ad:99:58:cd:58:f8:34:55:
85:79:2f:e9:76:29:ca:81:25:23:41:f3:91:85:ee:29:bb:e3:
d0:dc:4c:13
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYl4vbqs1htqKu1clHeiSHdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTRmNzM0ZmRlNzFhYzQyMTk1N2YyN2M4NDk5NDk2ZjQ0
NDBkN2MwHhcNMjMwNzIxMTM1NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRkZjAxNjY1YTQ5YmQ0Njc2MzE3ZTkwY2YwNGFhOTBmZTQ5NzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsE+G4jljpxAnprNDFKho3JJP8ub
ed2IvrFSscdsyKL8P34fDd7s/0yNrKEPJeOEwPDEK9GI/NwHmIHLf+9nqQb3ehvZ
puhbtbSkIc8H9h0fvJjIZ5aPHLY5koS8tA7y/203qEwRaduPqA6Za0ruEpmP+Onv
Eet8AkElFS4HkoPLVLnBzVIY2qohnI7MU7kzfM0MNJ6m7dkB3PRw9gd2W3HePjwz
7+GB5O32pMmW1aZ+CL8kIoa15a1H3Lt2eVwoA6nu1U4sCCBbfVfq/8u2L2LSKoko
eCi/P0zZ7gl5XitH4VC5eI/thO1fCmUGoipNDq1GbizC9PizT7JT6bVPpwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKDd8BZlpJvUZ2MX6QzwSqkP5JclMB8GA1UdIwQY
MBaAFLjk9zT95xrEIZV/J8hJlJb0RA18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9UM05QM25Hc1FobFg4bnlFbVVsdlJFRFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yOGVlYjYtZWI0OC00ZmY4LTg3NDEt
YmNmZTNhZDM4N2NlLzEvb04zd0ZtV2ttOVJuWXhmcERQQktxUV9rbHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yOGVlYjYtZWI0OC00ZmY4LTg3NDEtYmNmZTNhZDM4N2Nl
LzEvdU9UM05QM25Hc1FobFg4bnlFbVVsdlJFRFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBLYaEAwQA
LYaHMBQEAgACMA4DBQAqDdnAAwUAKg3ZwzANBgkqhkiG9w0BAQsFAAOCAQEAevnj
6k1IY7IB9AiOmTtyhkAwdPtWMlmxul4WmcX6hELbgRGPCWw3aL0NnZdHdo/xIEIs
h7W1v2Qdqe7M6VM87hGzpzR6lCPs09KrMXCQKKyq0F47y8UjAendYPZWGP9Vd+ue
26NI2CJFIlQzd1YIQr+mKFEyoMqKMhjCUb1afFYAQNDujY2Vs6KNbxvXWB6XEOA6
VFUyPQxiA6HkWfAd1cE5HMqN3DT1CaoQt5ftQo2DvILSXUpQyGMluYB7yHG4uqm0
K6RO8RgJJb2pOiNorVTFKz8XYtal3Zs9MUXYHqgV7q2ZWM1Y+DRVhXkv6XYpyoEl
I0HzkYXuKbvj0NxMEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:38 2024 by rpki-client on console-fra.rpki-client.org