Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/yM1WdkmbQKQFIVNWlbgSjd-7nkM.roa
File: yM1WdkmbQKQFIVNWlbgSjd-7nkM.roa (raw, json)
Hash identifier: 5XyI18gKHfMXhv3k0fctN1QJzAKQw4Iip3gs0J0SAfI=
Subject key identifier: C8:CD:56:76:49:9B:40:A4:05:21:53:56:95:B8:12:8D:DF:BB:9E:43
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 018DC6F5973D51065565AA96A09CA6402DF8
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/yM1WdkmbQKQFIVNWlbgSjd-7nkM.roa
Signing time: Tue 20 Feb 2024 14:40:00 +0000
ROA not before: Tue 20 Feb 2024 14:40:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.146.202.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 11:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:f5:97:3d:51:06:55:65:aa:96:a0:9c:a6:40:2d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Feb 20 14:40:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8cd5676499b40a40521535695b8128ddfbb9e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3f:6c:d6:9a:dd:27:36:24:6e:ac:11:1c:15:
c2:0d:86:c9:2c:66:77:0a:d9:c8:b8:9d:a6:50:e5:
7f:04:0c:a4:df:62:c0:4b:68:0d:ed:f0:21:53:08:
ec:96:04:90:a3:dc:4c:9c:d9:79:7d:9d:f9:46:0c:
da:f3:fe:e8:a6:64:f4:cc:20:7a:a2:13:0f:ff:3a:
77:aa:c1:42:13:fb:46:58:7b:e8:c2:a1:5a:5b:44:
cf:1f:27:54:fb:9c:07:f5:57:ee:9a:17:c2:64:8a:
b5:aa:19:db:7f:11:81:74:98:16:12:72:cd:98:33:
9f:a3:f5:e8:34:8b:7a:6b:37:d6:14:73:fb:cd:ac:
b1:fd:3b:5f:eb:a7:09:d7:a2:0c:c5:a8:19:30:da:
ae:df:69:00:89:38:8d:dc:a3:f5:51:cd:09:85:59:
35:1a:f1:79:64:8c:78:12:8e:57:26:6d:3c:1c:99:
96:cc:0d:55:75:2e:3f:fb:bd:7a:bf:1c:bf:38:86:
bf:33:ea:37:f8:d0:95:31:ac:2c:f9:38:a7:12:c3:
01:66:92:e5:1b:e6:48:79:31:e4:18:e8:f2:a7:7d:
55:74:fa:2a:4e:ee:95:8f:11:af:a4:6d:f2:dd:87:
9e:f4:ca:31:ee:a2:09:44:d6:cb:c6:2c:4e:93:4a:
66:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:CD:56:76:49:9B:40:A4:05:21:53:56:95:B8:12:8D:DF:BB:9E:43
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/yM1WdkmbQKQFIVNWlbgSjd-7nkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.202.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:cd:ad:a4:d6:93:0d:66:6c:8f:3f:e7:bd:e3:7f:57:f8:1f:
70:32:70:68:43:a0:53:59:1d:11:4d:50:50:96:44:e1:b8:d0:
2b:0c:fd:10:79:45:1e:d7:eb:ce:e2:d0:e5:e2:47:3c:54:e6:
02:99:b6:d9:fd:d5:d3:85:1b:c7:8f:06:a3:5d:e7:2d:ce:91:
0a:a8:63:ff:cb:67:bc:7f:d5:81:32:23:db:2c:6c:e9:3c:a1:
b3:f7:97:87:8c:7b:be:7d:54:7c:32:07:80:0a:3b:7d:57:da:
0c:70:ad:a0:5b:7d:e4:8d:cc:7a:45:0f:aa:91:f1:74:c8:1d:
a0:d4:16:5e:29:50:c2:bf:23:e0:03:49:85:fc:e4:27:04:ac:
7e:e1:f7:bb:5c:2a:a9:ac:9a:7c:c9:c5:88:43:3a:3f:95:43:
d3:4f:ec:dc:d3:bc:2d:79:a8:8a:a3:40:27:d7:f6:a0:46:90:
5b:3c:29:da:5f:0a:28:90:62:c4:29:5d:19:e6:96:54:c3:37:
70:d2:e7:4e:75:cf:a8:a3:38:4f:77:15:50:18:ca:3c:45:d0:
c6:4e:08:59:a1:11:d4:c7:3a:fa:01:79:cd:52:f3:36:73:91:
16:b1:6a:dc:ae:9b:23:9b:9c:61:46:a8:f3:2a:75:5a:16:f3:
3d:45:62:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3G9Zc9UQZVZaqWoJymQC34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjQwMjIwMTQ0MDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGNkNTY3NjQ5OWI0MGE0MDUyMTUzNTY5NWI4MTI4ZGRmYmI5ZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz9s1prdJzYkbqwRHBXCDYbJLGZ3
CtnIuJ2mUOV/BAyk32LAS2gN7fAhUwjslgSQo9xMnNl5fZ35Rgza8/7opmT0zCB6
ohMP/zp3qsFCE/tGWHvowqFaW0TPHydU+5wH9VfumhfCZIq1qhnbfxGBdJgWEnLN
mDOfo/XoNIt6azfWFHP7zayx/Ttf66cJ16IMxagZMNqu32kAiTiN3KP1Uc0JhVk1
GvF5ZIx4Eo5XJm08HJmWzA1VdS4/+716vxy/OIa/M+o3+NCVMaws+TinEsMBZpLl
G+ZIeTHkGOjyp31VdPoqTu6VjxGvpG3y3Yee9Mox7qIJRNbLxixOk0pmzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjNVnZJm0CkBSFTVpW4Eo3fu55DMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEveU0xV2RrbWJRS1FGSVZOV2xiZ1NqZC03bmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZLKMA0G
CSqGSIb3DQEBCwUAA4IBAQA+za2k1pMNZmyPP+e9439X+B9wMnBoQ6BTWR0RTVBQ
lkThuNArDP0QeUUe1+vO4tDl4kc8VOYCmbbZ/dXThRvHjwajXectzpEKqGP/y2e8
f9WBMiPbLGzpPKGz95eHjHu+fVR8MgeACjt9V9oMcK2gW33kjcx6RQ+qkfF0yB2g
1BZeKVDCvyPgA0mF/OQnBKx+4fe7XCqprJp8ycWIQzo/lUPTT+zc07wteaiKo0An
1/agRpBbPCnaXwookGLEKV0Z5pZUwzdw0udOdc+oozhPdxVQGMo8RdDGTghZoRHU
xzr6AXnNUvM2c5EWsWrcrpsjm5xhRqjzKnVaFvM9RWLI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:50 2024 by rpki-client on console-fra.rpki-client.org