Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AMtiTUdgPql3KQ1VaOqHMLjELfQ.roa
File: AMtiTUdgPql3KQ1VaOqHMLjELfQ.roa (raw, json)
Hash identifier: 3FGi1qwsXX5KGee5ENyZPA0SK6gokCONd5MtKWFbJHM=
Subject key identifier: 00:CB:62:4D:47:60:3E:A9:77:29:0D:55:68:EA:87:30:B8:C4:2D:F4
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018B37DC4EAC52499E6591184465D2C648AD
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AMtiTUdgPql3KQ1VaOqHMLjELfQ.roa
Signing time: Mon 16 Oct 2023 09:41:06 +0000
ROA not before: Mon 16 Oct 2023 09:41:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211588
IP address blocks: 45.131.60.0/24 maxlen: 24
45.83.205.0/24 maxlen: 24
45.134.222.0/24 maxlen: 24
2a07:e345::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:dc:4e:ac:52:49:9e:65:91:18:44:65:d2:c6:48:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 16 09:41:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00cb624d47603ea977290d5568ea8730b8c42df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1d:37:d8:3b:97:1d:75:8f:7a:28:82:42:53:
cf:c1:85:5f:81:af:13:36:91:aa:03:74:26:c1:6b:
ad:9b:d4:1d:4b:98:13:f9:eb:e1:4a:09:0e:75:bb:
c2:3b:ac:e8:bf:b2:3d:22:de:22:74:1d:20:dc:03:
60:5d:92:e3:78:21:a4:38:38:1c:d6:dd:62:7c:be:
e8:be:72:ef:99:58:df:c0:6e:38:12:1d:c6:cb:e7:
2c:39:ba:65:67:9c:46:a6:1f:9f:65:1c:d5:6f:bd:
ca:cb:a1:cc:d1:dc:ce:2e:b0:92:a1:96:5e:7b:b1:
ad:ad:97:9c:89:67:7e:57:12:14:86:87:dd:ca:1b:
ff:f3:1e:7c:f9:d4:5f:b1:a2:cd:10:12:3f:99:c2:
3e:26:57:36:2a:c3:5a:e4:ca:37:e0:e7:5e:69:84:
ee:96:73:8e:88:e1:a8:f1:6e:b5:02:1a:f8:40:fc:
46:29:b2:bc:69:a4:08:06:2d:87:d6:b8:e8:be:5a:
6d:df:80:7a:47:f3:16:99:cd:9f:24:bb:70:9b:ac:
4f:dc:99:85:6b:e9:6a:68:7b:3f:25:2c:20:b3:cd:
54:a2:8d:f4:09:58:50:99:74:32:df:49:2e:27:ec:
fb:e4:53:67:63:11:64:8a:17:1c:a5:18:61:66:a0:
dc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CB:62:4D:47:60:3E:A9:77:29:0D:55:68:EA:87:30:B8:C4:2D:F4
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AMtiTUdgPql3KQ1VaOqHMLjELfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.205.0/24
45.131.60.0/24
45.134.222.0/24
IPv6:
2a07:e345::/32
Signature Algorithm: sha256WithRSAEncryption
c0:4c:d9:4a:6f:7b:2b:77:d5:b9:a9:a8:92:4b:75:80:cc:1f:
dd:3e:32:10:94:29:18:80:ff:a9:01:3c:64:f6:78:5a:dd:52:
be:9b:07:18:29:aa:46:c4:ba:3a:79:ba:77:88:ed:5c:cc:d6:
45:05:66:90:43:a1:30:43:3f:35:84:f5:fb:cc:8f:c8:b6:ca:
51:88:09:02:3c:2c:e4:e6:07:26:c6:c2:e0:8a:c3:72:a9:08:
1f:41:60:e9:e9:5f:32:e0:06:7e:73:38:52:82:8b:d7:9f:a4:
0c:b5:b7:00:e7:f9:39:2d:44:36:8d:2d:7c:18:c6:a0:15:64:
4d:5e:a4:e5:71:94:27:82:5f:9f:ab:8b:4c:ba:cb:79:f7:63:
e5:6c:8d:69:2e:f9:63:54:69:5e:d3:fb:db:f1:01:e1:ed:e1:
f1:8a:46:d1:d2:a5:e9:e7:dc:6f:44:9e:05:36:4f:b6:9a:c2:
cd:5a:fc:f9:da:08:60:28:35:f1:b6:eb:1d:73:25:18:e5:7e:
08:b5:d9:e2:1d:b4:4e:90:23:5b:a7:6c:a5:3c:7a:23:06:2b:
bd:b3:c6:46:22:13:db:ed:75:94:9c:af:2d:94:0a:cb:ea:1c:
88:54:70:58:57:78:47:c8:41:d0:bc:b0:ac:15:1d:4f:6c:4e:
0a:51:94:4a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYs33E6sUkmeZZEYRGXSxkitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMDE2MDk0MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNiNjI0ZDQ3NjAzZWE5NzcyOTBkNTU2OGVhODczMGI4YzQyZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh032DuXHXWPeiiCQlPPwYVfga8T
NpGqA3QmwWutm9QdS5gT+evhSgkOdbvCO6zov7I9It4idB0g3ANgXZLjeCGkODgc
1t1ifL7ovnLvmVjfwG44Eh3Gy+csObplZ5xGph+fZRzVb73Ky6HM0dzOLrCSoZZe
e7GtrZeciWd+VxIUhofdyhv/8x58+dRfsaLNEBI/mcI+Jlc2KsNa5Mo34OdeaYTu
lnOOiOGo8W61Ahr4QPxGKbK8aaQIBi2H1rjovlpt34B6R/MWmc2fJLtwm6xP3JmF
a+lqaHs/JSwgs81Uoo30CVhQmXQy30kuJ+z75FNnYxFkihccpRhhZqDcVQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFADLYk1HYD6pdykNVWjqhzC4xC30MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQU10aVRVZGdQcWwzS1ExVmFPcUhNTGpFTGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVPNAwQA
LYM8AwQALYbeMA0EAgACMAcDBQAqB+NFMA0GCSqGSIb3DQEBCwUAA4IBAQDATNlK
b3srd9W5qaiSS3WAzB/dPjIQlCkYgP+pATxk9nha3VK+mwcYKapGxLo6ebp3iO1c
zNZFBWaQQ6EwQz81hPX7zI/ItspRiAkCPCzk5gcmxsLgisNyqQgfQWDp6V8y4AZ+
czhSgovXn6QMtbcA5/k5LUQ2jS18GMagFWRNXqTlcZQngl+fq4tMust592PlbI1p
LvljVGle0/vb8QHh7eHxikbR0qXp59xvRJ4FNk+2msLNWvz52ghgKDXxtusdcyUY
5X4ItdniHbROkCNbp2ylPHojBiu9s8ZGIhPb7XWUnK8tlArL6hyIVHBYV3hHyEHQ
vLCsFR1PbE4KUZRK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org