Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/OHDkprGrEGMXA0FK8KS0-4pOmJ0.roa
File: OHDkprGrEGMXA0FK8KS0-4pOmJ0.roa (raw, json)
Hash identifier: 74iEsvsKp5f/yRXyJRoVGBddGfWJmrtxuGrBaUppS1U=
Subject key identifier: 38:70:E4:A6:B1:AB:10:63:17:03:41:4A:F0:A4:B4:FB:8A:4E:98:9D
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01905833A83381E76CA4F0901E04B2B3F929
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/OHDkprGrEGMXA0FK8KS0-4pOmJ0.roa
Signing time: Thu 27 Jun 2024 05:38:18 +0000
ROA not before: Thu 27 Jun 2024 05:38:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.84.216.0/24 maxlen: 24
45.95.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 11:14:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:58:33:a8:33:81:e7:6c:a4:f0:90:1e:04:b2:b3:f9:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jun 27 05:38:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3870e4a6b1ab10631703414af0a4b4fb8a4e989d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9a:d8:6d:c6:5f:6c:75:14:9b:f2:ed:f3:9c:
e4:c7:65:6a:7b:a9:f3:dc:02:cf:48:9b:73:ac:01:
45:9e:33:d8:6c:bb:e5:51:19:74:f1:c4:54:c1:1e:
21:02:29:29:31:cf:76:65:b5:94:12:a1:02:c4:69:
4c:20:c8:73:70:4a:e7:0f:f2:42:9f:cf:f3:88:a1:
59:22:5d:ac:e2:26:90:0a:5e:04:ab:13:02:9b:4e:
ce:e3:f9:5c:48:f5:ca:ce:2a:43:0a:b5:39:6f:3a:
5f:93:68:71:17:f4:10:83:04:d3:30:65:4d:fa:fe:
6e:ce:c7:e4:35:38:9e:68:6f:b1:f0:0b:58:ce:fd:
16:ed:ee:5f:11:37:d0:45:b6:79:f8:de:b6:79:05:
6c:b3:77:6c:6a:a2:10:49:9d:e5:6a:fc:d0:f1:9a:
70:be:ea:c1:a7:e7:34:a3:1c:a2:f6:d5:88:cf:ba:
c4:e5:8f:d0:70:38:45:8b:67:b0:2d:f1:13:1e:e2:
97:8e:f1:dc:98:72:cb:98:72:fc:13:a8:9d:0a:7d:
9b:db:14:a4:eb:e3:f2:cc:b5:ea:92:9d:54:10:c6:
91:b3:dc:4d:7c:40:51:35:32:0c:d7:0f:84:e3:b2:
5e:f3:14:a9:d2:05:99:7a:53:b4:95:49:d7:f0:e0:
6a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:70:E4:A6:B1:AB:10:63:17:03:41:4A:F0:A4:B4:FB:8A:4E:98:9D
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/OHDkprGrEGMXA0FK8KS0-4pOmJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.216.0/24
45.95.243.0/24
Signature Algorithm: sha256WithRSAEncryption
24:53:8f:e3:26:cc:4a:a8:c0:c6:4f:46:6b:c9:5c:3f:af:c7:
5a:f4:2a:44:90:a8:ed:a8:de:b3:5f:95:07:ac:d8:bc:37:24:
f1:6a:fb:13:35:99:78:e1:73:10:c2:36:69:3a:61:41:24:cc:
a3:77:5a:50:7d:f8:c1:d5:1d:42:1e:b4:39:a2:f4:2b:e2:2e:
b5:8c:7e:c4:df:4b:bb:72:25:52:cb:84:72:cc:bc:32:a5:11:
9c:f5:df:1b:1e:2a:a4:de:4e:f2:3a:cf:e0:f3:15:58:6d:2e:
d1:f5:06:9e:f1:1d:7f:06:d0:f3:d5:7b:c8:8a:53:d3:b0:8d:
c0:85:37:08:08:f1:3e:13:bb:6b:5c:3b:a2:92:a7:4a:02:9f:
24:05:f7:21:80:03:f9:3e:6f:3f:27:c7:8f:1a:4d:c8:21:4a:
1c:5a:21:2b:f6:0b:63:dc:c6:c9:2d:18:ac:13:65:08:cb:1b:
b5:8a:58:32:02:79:a5:c5:28:20:a8:2a:b0:6b:6b:d6:60:13:
d5:a6:c5:35:8d:cc:57:cb:89:70:ec:fb:50:d8:46:d0:d8:fa:
32:7d:0c:c5:9b:17:23:a7:ab:c4:bc:09:0d:a5:5b:3a:b0:7c:
26:32:39:f4:dd:89:8f:50:08:b1:84:70:36:06:62:08:0b:53:
2e:10:c7:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBYM6gzgedspPCQHgSys/kpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNjI3MDUzODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODcwZTRhNmIxYWIxMDYzMTcwMzQxNGFmMGE0YjRmYjhhNGU5ODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45rYbcZfbHUUm/Lt85zkx2Vqe6nz
3ALPSJtzrAFFnjPYbLvlURl08cRUwR4hAikpMc92ZbWUEqECxGlMIMhzcErnD/JC
n8/ziKFZIl2s4iaQCl4EqxMCm07O4/lcSPXKzipDCrU5bzpfk2hxF/QQgwTTMGVN
+v5uzsfkNTieaG+x8AtYzv0W7e5fETfQRbZ5+N62eQVss3dsaqIQSZ3lavzQ8Zpw
vurBp+c0oxyi9tWIz7rE5Y/QcDhFi2ewLfETHuKXjvHcmHLLmHL8E6idCn2b2xSk
6+PyzLXqkp1UEMaRs9xNfEBRNTIM1w+E47Je8xSp0gWZelO0lUnX8OBq1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDhw5KaxqxBjFwNBSvCktPuKTpidMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvT0hEa3ByR3JFR01YQTBGSzhLUzAtNHBPbUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVTYAwQA
LV/zMA0GCSqGSIb3DQEBCwUAA4IBAQAkU4/jJsxKqMDGT0ZryVw/r8da9CpEkKjt
qN6zX5UHrNi8NyTxavsTNZl44XMQwjZpOmFBJMyjd1pQffjB1R1CHrQ5ovQr4i61
jH7E30u7ciVSy4RyzLwypRGc9d8bHiqk3k7yOs/g8xVYbS7R9Qae8R1/BtDz1XvI
ilPTsI3AhTcICPE+E7trXDuikqdKAp8kBfchgAP5Pm8/J8ePGk3IIUocWiEr9gtj
3MbJLRisE2UIyxu1ilgyAnmlxSggqCqwa2vWYBPVpsU1jcxXy4lw7PtQ2EbQ2Poy
fQzFmxcjp6vEvAkNpVs6sHwmMjn03YmPUAixhHA2BmIIC1MuEMft
-----END CERTIFICATE-----
Generated at Mon Jul 22 14:12:10 2024 by rpki-client on console-ams.rpki-client.org