Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/kR2ULSns2GpZnWu3GJvdFL25pzw.roa
File: kR2ULSns2GpZnWu3GJvdFL25pzw.roa (raw, json)
Hash identifier: /5q+NJ6jVDEAuZpGzQwOWDJypzl8dgEaUrZxmtV0r8Y=
Subject key identifier: 91:1D:94:2D:29:EC:D8:6A:59:9D:6B:B7:18:9B:DD:14:BD:B9:A7:3C
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 018CCF72AC7296BB8E2359283C0203429576
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/kR2ULSns2GpZnWu3GJvdFL25pzw.roa
Signing time: Wed 03 Jan 2024 13:10:48 +0000
ROA not before: Wed 03 Jan 2024 13:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.146.202.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 08:29:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:72:ac:72:96:bb:8e:23:59:28:3c:02:03:42:95:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jan 3 13:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=911d942d29ecd86a599d6bb7189bdd14bdb9a73c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ab:60:a7:fc:72:7c:89:dc:33:cf:36:ff:77:
84:a9:47:00:c9:d5:1e:44:26:90:50:ae:c5:0a:bd:
f3:65:61:ad:62:54:00:39:ba:51:9b:85:89:78:91:
19:af:5f:44:46:ff:d8:5a:bb:1b:0c:d8:70:d8:da:
f7:79:91:ec:68:a6:54:42:9f:37:b2:bd:f7:5a:1f:
dc:3d:ca:e9:4d:56:9c:36:1f:8a:3e:43:c4:46:a3:
12:7f:d6:b0:ae:6d:11:82:a4:93:a0:64:1a:dd:0c:
fe:96:36:83:e5:bc:31:de:59:47:6c:63:f3:aa:e4:
bf:f0:06:1e:32:3f:be:05:5a:bf:27:a7:6e:af:0e:
f4:22:3f:2f:66:e2:ba:5e:43:0f:87:3c:06:7d:52:
fe:6d:c8:8c:e4:c9:46:e3:56:ef:ff:da:81:55:38:
84:f3:35:b4:24:56:67:ae:7b:fa:1b:7d:64:92:bf:
1f:2e:5e:df:13:f4:c0:2d:7a:22:86:ff:8e:fb:a2:
cc:91:c6:41:8d:9f:ee:d3:c5:61:65:56:ba:5d:8c:
22:48:22:b1:a3:d1:39:c2:63:64:ea:83:06:23:24:
46:c2:fc:05:9f:3a:36:a7:5e:7e:82:bc:6d:06:24:
f1:54:e0:db:c5:7a:e1:c7:5a:f9:31:a8:3c:ff:43:
86:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1D:94:2D:29:EC:D8:6A:59:9D:6B:B7:18:9B:DD:14:BD:B9:A7:3C
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/kR2ULSns2GpZnWu3GJvdFL25pzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.202.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:81:97:f3:a7:28:fd:2e:87:7a:09:74:29:a0:6a:25:4a:30:
17:f0:0b:18:5c:ff:71:2e:7f:9d:ec:ee:79:86:d3:a6:f6:a0:
43:3e:81:11:3e:c9:51:1a:5d:54:d2:7b:81:81:e3:82:6c:c5:
96:a1:27:25:22:2d:cf:48:0a:db:9c:c5:7a:aa:e7:ae:63:29:
75:66:a9:fc:c1:48:02:d3:ff:80:fd:78:d6:50:e1:46:a9:53:
2b:e7:bd:ce:12:b7:15:b6:52:5c:19:7c:4d:2f:33:1c:68:0c:
03:0a:2a:a7:8c:de:66:ae:e8:76:f2:f1:5c:6b:a0:8b:36:6f:
9d:d7:c0:5b:8a:df:9a:37:87:54:4a:af:55:6d:04:28:89:84:
af:a1:cf:fb:a2:86:ad:6a:0a:76:92:cb:be:bf:64:e1:84:8f:
83:bb:15:5d:f4:95:10:11:2c:cc:4a:15:3e:f0:81:4c:3e:64:
06:b5:2b:fd:d0:02:11:d8:30:7c:83:26:67:bf:20:ea:24:8f:
f5:11:b2:99:9d:9d:5c:a0:8a:fd:4e:38:ea:ec:b2:8d:c7:c8:
a7:cb:6f:f9:b5:c2:cf:66:1f:c5:04:96:d5:4d:96:b2:29:33:
71:78:97:44:79:33:3e:9f:e1:9b:0f:27:d2:fe:cf:bf:f0:5c:
e1:0f:80:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzPcqxylruOI1koPAIDQpV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjQwMTAzMTMxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFkOTQyZDI5ZWNkODZhNTk5ZDZiYjcxODliZGQxNGJkYjlhNzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqtgp/xyfIncM882/3eEqUcAydUe
RCaQUK7FCr3zZWGtYlQAObpRm4WJeJEZr19ERv/YWrsbDNhw2Nr3eZHsaKZUQp83
sr33Wh/cPcrpTVacNh+KPkPERqMSf9awrm0RgqSToGQa3Qz+ljaD5bwx3llHbGPz
quS/8AYeMj++BVq/J6durw70Ij8vZuK6XkMPhzwGfVL+bciM5MlG41bv/9qBVTiE
8zW0JFZnrnv6G31kkr8fLl7fE/TALXoihv+O+6LMkcZBjZ/u08VhZVa6XYwiSCKx
o9E5wmNk6oMGIyRGwvwFnzo2p15+grxtBiTxVODbxXrhx1r5Mag8/0OGWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEdlC0p7NhqWZ1rtxib3RS9uac8MB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEva1IyVUxTbnMyR3Babld1M0dKdmRGTDI1cHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZLKMA0G
CSqGSIb3DQEBCwUAA4IBAQDOgZfzpyj9Lod6CXQpoGolSjAX8AsYXP9xLn+d7O55
htOm9qBDPoERPslRGl1U0nuBgeOCbMWWoSclIi3PSArbnMV6queuYyl1Zqn8wUgC
0/+A/XjWUOFGqVMr573OErcVtlJcGXxNLzMcaAwDCiqnjN5mruh28vFca6CLNm+d
18Bbit+aN4dUSq9VbQQoiYSvoc/7ooatagp2ksu+v2ThhI+DuxVd9JUQESzMShU+
8IFMPmQGtSv90AIR2DB8gyZnvyDqJI/1EbKZnZ1coIr9Tjjq7LKNx8iny2/5tcLP
Zh/FBJbVTZayKTNxeJdEeTM+n+GbDyfS/s+/8FzhD4Ae
-----END CERTIFICATE-----
Generated at Tue Feb 6 12:06:58 2024 by rpki-client on console-ams.rpki-client.org