Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/YvzYusFlj46Hfne9Dm3EDOM6nw0.roa
File: YvzYusFlj46Hfne9Dm3EDOM6nw0.roa (raw, json)
Hash identifier: EsbLHlHUkMWkyJ1g9I1R0BbNxGoF0z1gbF0xCSvVhe8=
Subject key identifier: 62:FC:D8:BA:C1:65:8F:8E:87:7E:77:BD:0E:6D:C4:0C:E3:3A:9F:0D
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 018D7D89229C6F2594CDAF2F1EAE792ED0B6
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/YvzYusFlj46Hfne9Dm3EDOM6nw0.roa
Signing time: Tue 06 Feb 2024 08:29:15 +0000
ROA not before: Tue 06 Feb 2024 08:29:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.146.202.0/23 maxlen: 24
45.146.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 14:40:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:89:22:9c:6f:25:94:cd:af:2f:1e:ae:79:2e:d0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Feb 6 08:29:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62fcd8bac1658f8e877e77bd0e6dc40ce33a9f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:07:0f:e1:e7:22:0d:a0:41:a1:2b:b8:d5:6b:
3e:42:c5:74:2a:e0:54:34:48:46:96:c7:73:aa:28:
f6:41:7f:4d:2b:8b:34:c6:4d:38:99:e4:6f:73:21:
e4:cd:3e:2e:e9:a6:0d:ea:a2:61:47:44:48:f8:38:
f6:cb:c6:77:c4:6a:ee:61:cf:8f:0d:9b:f8:66:6a:
c3:35:8b:2d:cb:7e:a5:23:14:67:c4:20:b3:a5:76:
72:c2:1e:81:70:be:eb:76:2f:81:68:2b:4d:9d:05:
22:18:2f:a1:7b:71:ca:08:1d:e2:3c:1d:86:c3:ab:
83:c4:bc:04:0f:4c:20:08:c4:91:db:94:23:78:af:
f6:64:d3:be:cc:14:e6:10:05:4e:70:6b:f6:3c:be:
93:81:47:10:9e:c1:cc:dc:19:33:f8:4a:ac:f0:0e:
94:18:c0:73:b0:f9:9d:34:a5:4a:5d:0b:51:38:1f:
ea:26:b3:fa:a8:cf:73:84:e3:ef:91:41:40:f1:49:
c5:0a:90:d9:af:25:a9:47:d6:f7:93:3e:b4:b1:97:
6e:ac:5b:59:24:79:ff:11:30:c1:33:8e:57:55:bc:
b2:6d:f7:df:88:ed:b5:8f:67:64:94:87:f1:71:1d:
68:09:2c:d2:45:1e:33:98:f1:16:42:ad:2d:b4:6f:
a8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FC:D8:BA:C1:65:8F:8E:87:7E:77:BD:0E:6D:C4:0C:E3:3A:9F:0D
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/YvzYusFlj46Hfne9Dm3EDOM6nw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.202.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:5a:44:c3:54:d5:73:22:4c:18:1e:31:eb:48:ce:5c:b1:5c:
f3:cf:6f:71:45:bd:63:e9:30:e8:df:c7:6b:a4:4a:28:85:bf:
3c:b0:af:42:5d:7c:bf:bb:bc:87:12:80:5a:61:c6:b6:c0:ba:
60:a6:d7:66:14:18:cd:7d:6b:64:52:58:5e:66:b3:15:5b:f7:
4f:d5:ad:ce:49:2e:7d:6a:16:05:3c:1c:cb:74:19:f8:2d:26:
48:df:ce:84:d6:a3:1a:e2:21:66:e6:d5:ce:97:69:ec:ca:be:
f9:e2:62:cc:43:03:ac:b0:dc:8f:2d:78:1d:1f:d5:04:cc:8d:
8a:ec:17:50:37:1f:87:60:9e:2b:2d:e8:e1:fa:8c:18:a3:c1:
0e:31:d4:18:9d:7e:25:a4:01:f8:8c:ee:31:87:b6:92:a8:59:
96:71:11:9d:fa:fc:da:42:e6:a1:e9:91:ac:cc:69:16:ae:9f:
a4:0a:b0:5c:a6:69:e3:a4:f9:cc:18:45:61:4f:ec:31:79:a3:
a3:e7:d2:83:c7:f8:61:fe:7c:96:c4:43:af:9d:70:e9:86:8b:
fa:cd:e5:23:ae:52:fd:31:3f:ff:c3:21:32:32:fc:7f:2c:7c:
60:c2:b7:0a:8a:9a:5b:e9:9d:16:98:03:ed:b5:22:ca:33:46:
6e:b0:de:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY19iSKcbyWUza8vHq55LtC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjQwMjA2MDgyOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZjZDhiYWMxNjU4ZjhlODc3ZTc3YmQwZTZkYzQwY2UzM2E5ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9gcP4eciDaBBoSu41Ws+QsV0KuBU
NEhGlsdzqij2QX9NK4s0xk04meRvcyHkzT4u6aYN6qJhR0RI+Dj2y8Z3xGruYc+P
DZv4ZmrDNYsty36lIxRnxCCzpXZywh6BcL7rdi+BaCtNnQUiGC+he3HKCB3iPB2G
w6uDxLwED0wgCMSR25QjeK/2ZNO+zBTmEAVOcGv2PL6TgUcQnsHM3Bkz+Eqs8A6U
GMBzsPmdNKVKXQtROB/qJrP6qM9zhOPvkUFA8UnFCpDZryWpR9b3kz60sZdurFtZ
JHn/ETDBM45XVbyybfffiO21j2dklIfxcR1oCSzSRR4zmPEWQq0ttG+omwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGL82LrBZY+Oh353vQ5txAzjOp8NMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvWXZ6WXVzRmxqNDZIZm5lOURtM0VET002bncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZLKMA0G
CSqGSIb3DQEBCwUAA4IBAQCuWkTDVNVzIkwYHjHrSM5csVzzz29xRb1j6TDo38dr
pEoohb88sK9CXXy/u7yHEoBaYca2wLpgptdmFBjNfWtkUlheZrMVW/dP1a3OSS59
ahYFPBzLdBn4LSZI386E1qMa4iFm5tXOl2nsyr754mLMQwOssNyPLXgdH9UEzI2K
7BdQNx+HYJ4rLejh+owYo8EOMdQYnX4lpAH4jO4xh7aSqFmWcRGd+vzaQuah6ZGs
zGkWrp+kCrBcpmnjpPnMGEVhT+wxeaOj59KDx/hh/nyWxEOvnXDphov6zeUjrlL9
MT//wyEyMvx/LHxgwrcKippb6Z0WmAPttSLKM0ZusN7A
-----END CERTIFICATE-----
Generated at Tue Feb 20 18:07:36 2024 by rpki-client on console-ams.rpki-client.org