Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/2IqQXlGuFJ_Uh6Bn9h4r7V-IUIE.roa
File: 2IqQXlGuFJ_Uh6Bn9h4r7V-IUIE.roa (raw, json)
Hash identifier: hnqju2aszl50pjNPMTEARCM8RJ1P2uRXmCpDj6s6hsI=
Subject key identifier: D8:8A:90:5E:51:AE:14:9F:D4:87:A0:67:F6:1E:2B:ED:5F:88:50:81
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018F996467B6CBFA3BD0D7CD05AF95ED4828
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/2IqQXlGuFJ_Uh6Bn9h4r7V-IUIE.roa
Signing time: Tue 21 May 2024 04:24:05 +0000
ROA not before: Tue 21 May 2024 04:24:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25596
IP address blocks: 45.136.72.0/22 maxlen: 22
45.144.216.0/22 maxlen: 22
45.146.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 21 May 2024 06:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:99:64:67:b6:cb:fa:3b:d0:d7:cd:05:af:95:ed:48:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: May 21 04:24:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d88a905e51ae149fd487a067f61e2bed5f885081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c3:f1:28:ba:70:c9:db:91:f0:b2:ab:8a:cd:
3d:fc:62:c8:e7:44:4f:b7:6f:bc:b2:d0:7c:4d:39:
12:a9:bf:bf:5b:b9:d4:97:9d:a8:af:09:a6:f1:b8:
17:93:61:3e:67:01:5d:54:3d:d9:3b:aa:f4:51:c7:
ed:47:9a:65:3a:c1:c3:bc:9e:4d:7c:73:c5:1e:63:
08:bc:f7:22:30:2b:17:7b:58:fa:37:59:10:54:4e:
85:e7:e0:c4:e3:ab:0d:42:6f:98:06:ab:03:f1:45:
c0:a1:c9:5a:09:60:9a:7e:4f:e5:7d:da:d0:32:3e:
bd:68:48:96:c3:63:0c:f7:9c:e3:91:08:cb:41:8c:
8d:54:e3:6a:26:03:1c:2a:b0:1c:e1:07:db:b3:b2:
cf:5c:89:fd:69:85:f0:4d:4c:07:04:ea:68:f4:16:
20:8d:eb:49:df:f8:40:e9:fa:19:9c:4d:e1:28:fa:
25:05:84:14:8b:91:f6:a6:0b:f8:a0:20:5d:7e:c7:
32:c3:f9:91:4a:78:85:3e:fd:9c:e1:5d:23:34:a4:
09:e3:c3:3a:b5:a9:d3:48:57:8c:30:f4:03:1b:37:
49:dd:e6:8a:6e:b6:04:63:54:e8:10:81:56:88:85:
77:34:b9:71:b0:99:35:89:54:13:c8:f2:5b:d3:b0:
dc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:8A:90:5E:51:AE:14:9F:D4:87:A0:67:F6:1E:2B:ED:5F:88:50:81
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/2IqQXlGuFJ_Uh6Bn9h4r7V-IUIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.72.0/22
45.144.216.0/22
45.146.56.0/22
Signature Algorithm: sha256WithRSAEncryption
79:fa:bf:a6:4e:d6:b0:d9:d3:b1:d5:68:8e:be:99:82:60:16:
b5:14:fc:cc:18:93:68:8b:3f:03:e1:cd:49:60:cb:28:a3:40:
fd:7e:a0:51:e3:51:e5:14:d3:94:8f:6d:81:26:1b:b7:00:ac:
01:e9:72:65:c7:de:a9:cb:5a:05:31:0c:fd:90:5a:8d:8a:48:
50:f5:bb:c1:40:14:b1:40:3d:61:d9:e3:dc:09:ff:50:4a:61:
1f:65:4d:bf:b3:0b:ac:3d:a1:6f:c9:9b:d9:6a:33:c6:82:ec:
df:f2:a1:22:48:42:00:43:0d:a3:c7:32:4a:08:78:16:48:e9:
89:09:fc:08:10:7b:dc:6d:0c:e2:32:93:e7:c8:7d:4c:45:3d:
52:9b:8b:d0:c3:27:72:d8:fa:ea:59:08:98:0f:97:b2:7b:87:
0c:e8:7d:5e:f3:2e:7c:73:bc:4b:d2:50:06:aa:11:bc:88:2e:
92:38:44:28:18:72:f5:fc:1c:21:9d:e9:71:18:71:8f:43:60:
e4:8a:44:e6:93:07:8c:ef:61:21:4f:e4:12:06:c3:87:58:a4:
1d:c5:49:6f:82:89:9f:6d:92:e2:a6:7d:19:a5:e7:d3:f8:84:
f5:4b:09:76:ce:14:14:96:49:22:1f:27:88:47:67:84:7d:9e:
31:90:71:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+ZZGe2y/o70NfNBa+V7UgoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNTIxMDQyNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODhhOTA1ZTUxYWUxNDlmZDQ4N2EwNjdmNjFlMmJlZDVmODg1MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcPxKLpwyduR8LKris09/GLI50RP
t2+8stB8TTkSqb+/W7nUl52orwmm8bgXk2E+ZwFdVD3ZO6r0UcftR5plOsHDvJ5N
fHPFHmMIvPciMCsXe1j6N1kQVE6F5+DE46sNQm+YBqsD8UXAoclaCWCafk/lfdrQ
Mj69aEiWw2MM95zjkQjLQYyNVONqJgMcKrAc4Qfbs7LPXIn9aYXwTUwHBOpo9BYg
jetJ3/hA6foZnE3hKPolBYQUi5H2pgv4oCBdfscyw/mRSniFPv2c4V0jNKQJ48M6
tanTSFeMMPQDGzdJ3eaKbrYEY1ToEIFWiIV3NLlxsJk1iVQTyPJb07DcmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNiKkF5RrhSf1IegZ/YeK+1fiFCBMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvMklxUVhsR3VGSl9VaDZCbjloNHI3Vi1JVUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYhIAwQC
LZDYAwQCLZI4MA0GCSqGSIb3DQEBCwUAA4IBAQB5+r+mTtaw2dOx1WiOvpmCYBa1
FPzMGJNoiz8D4c1JYMsoo0D9fqBR41HlFNOUj22BJhu3AKwB6XJlx96py1oFMQz9
kFqNikhQ9bvBQBSxQD1h2ePcCf9QSmEfZU2/swusPaFvyZvZajPGguzf8qEiSEIA
Qw2jxzJKCHgWSOmJCfwIEHvcbQziMpPnyH1MRT1Sm4vQwydy2PrqWQiYD5eye4cM
6H1e8y58c7xL0lAGqhG8iC6SOEQoGHL1/BwhnelxGHGPQ2DkikTmkweM72EhT+QS
BsOHWKQdxUlvgomfbZLipn0ZpefT+IT1Swl2zhQUlkkiHyeIR2eEfZ4xkHEF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org