Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kWSkZUq-zUIqrOucIV7C-2tG8Mw.roa
File: kWSkZUq-zUIqrOucIV7C-2tG8Mw.roa (raw, json)
Hash identifier: Peaxa3dwB0+Q7ZU7y22czW2zxhpBvHo5SaqFpFDnpxM=
Subject key identifier: 91:64:A4:65:4A:BE:CD:42:2A:AC:EB:9C:21:5E:C2:FB:6B:46:F0:CC
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018E845AC590FA5E735F5FE91222C0DCC863
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kWSkZUq-zUIqrOucIV7C-2tG8Mw.roa
Signing time: Thu 28 Mar 2024 09:18:45 +0000
ROA not before: Thu 28 Mar 2024 09:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.145.248.0/24 maxlen: 24
136.144.40.0/24 maxlen: 24
2a07:e345:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 28 Mar 2024 19:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:5a:c5:90:fa:5e:73:5f:5f:e9:12:22:c0:dc:c8:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 28 09:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9164a4654abecd422aaceb9c215ec2fb6b46f0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ad:b2:12:6f:a3:ca:50:43:d0:99:16:d4:02:
b4:3c:af:7c:9f:d5:c9:4d:69:d5:73:a0:26:42:7d:
9b:a0:07:99:90:f5:46:9d:5b:08:13:83:f3:62:29:
9c:b8:d7:9b:a1:6c:45:f0:16:36:11:3f:fb:69:e3:
b5:9c:f4:b8:b0:92:23:e7:3d:2e:dc:57:2e:4c:23:
ed:34:83:5d:d8:2a:59:53:40:1f:d7:f2:b9:79:c4:
80:c3:59:89:e0:94:44:de:c9:77:c1:c4:06:93:1e:
83:94:51:e4:15:99:64:74:45:25:cd:13:d1:bf:6d:
dd:95:0e:27:da:c5:d8:d8:20:e3:65:ce:49:62:8d:
55:d6:2c:7a:2e:aa:4d:29:a7:38:4a:bd:99:a8:e6:
1b:62:cd:3d:91:40:28:c0:61:2d:81:63:6e:7c:2a:
8e:e6:ac:46:f7:95:c5:7e:f5:09:3c:b6:55:5d:b0:
45:99:6e:e9:48:7f:b7:06:7a:f3:96:db:3a:3a:ee:
21:87:21:47:9f:79:8e:61:03:c1:35:60:4c:5c:5f:
59:82:fd:f4:ee:52:e1:63:8d:37:a4:81:59:69:a0:
15:ab:bc:3c:26:cc:ed:13:6d:95:f1:b7:0e:08:39:
aa:af:57:e3:a5:c9:b9:e1:c9:3a:b1:66:3d:a4:18:
ce:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:64:A4:65:4A:BE:CD:42:2A:AC:EB:9C:21:5E:C2:FB:6B:46:F0:CC
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kWSkZUq-zUIqrOucIV7C-2tG8Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.248.0/24
136.144.40.0/24
IPv6:
2a07:e345:100::/40
Signature Algorithm: sha256WithRSAEncryption
7a:20:05:e4:13:ae:35:59:e4:59:49:cc:e2:2c:aa:fc:2a:a5:
db:11:6d:04:ce:e1:b4:4b:42:07:9c:e5:77:88:3e:44:31:34:
90:b6:a7:9a:f1:e8:7a:d2:ce:e5:79:f0:86:d3:e2:ef:41:54:
b4:de:f5:e8:f9:89:40:6a:84:ab:46:14:46:ef:aa:cc:8e:20:
72:6b:68:ef:f3:e0:25:6c:a1:d3:7b:3b:0b:d6:d9:48:d0:cc:
54:3d:19:ed:db:f8:33:b8:89:ff:2f:49:4a:43:47:32:13:fb:
9f:c7:42:03:27:33:c9:bf:85:c2:7c:f6:fb:f9:0e:12:95:1d:
dd:97:04:62:cd:28:50:0a:af:38:63:a5:29:7f:76:f3:dc:e1:
c4:a9:b3:7f:43:80:89:00:0a:5f:07:73:51:4d:0b:41:9f:ac:
77:04:8f:1d:a0:2d:6d:21:c4:63:5f:54:d4:38:34:99:77:69:
f5:b3:0a:7d:ed:8a:86:44:54:8d:93:3a:09:8a:4b:52:e2:df:
f1:28:f5:73:b7:b9:f4:c0:cc:2c:c5:fb:c8:cc:cc:d0:fd:6b:
03:c6:ce:58:b7:fc:f5:92:49:fe:71:a7:6d:e1:15:31:95:8c:
22:a5:74:b8:a7:9f:37:9b:dd:a6:f8:b0:67:5f:9b:74:8b:37:
7e:82:08:8f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY6EWsWQ+l5zX1/pEiLA3MhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMzI4MDkxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY0YTQ2NTRhYmVjZDQyMmFhY2ViOWMyMTVlYzJmYjZiNDZmMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq2yEm+jylBD0JkW1AK0PK98n9XJ
TWnVc6AmQn2boAeZkPVGnVsIE4PzYimcuNeboWxF8BY2ET/7aeO1nPS4sJIj5z0u
3FcuTCPtNINd2CpZU0Af1/K5ecSAw1mJ4JRE3sl3wcQGkx6DlFHkFZlkdEUlzRPR
v23dlQ4n2sXY2CDjZc5JYo1V1ix6LqpNKac4Sr2ZqOYbYs09kUAowGEtgWNufCqO
5qxG95XFfvUJPLZVXbBFmW7pSH+3Bnrzlts6Ou4hhyFHn3mOYQPBNWBMXF9Zgv30
7lLhY403pIFZaaAVq7w8JsztE22V8bcOCDmqr1fjpcm54ck6sWY9pBjOIwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJFkpGVKvs1CKqzrnCFewvtrRvDMMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEva1dTa1pVcS16VUlxck91Y0lWN0MtMnRHOE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQALZH4AwQA
iJAoMA4EAgACMAgDBgAqB+NFATANBgkqhkiG9w0BAQsFAAOCAQEAeiAF5BOuNVnk
WUnM4iyq/Cql2xFtBM7htEtCB5zld4g+RDE0kLanmvHoetLO5XnwhtPi70FUtN71
6PmJQGqEq0YURu+qzI4gcmto7/PgJWyh03s7C9bZSNDMVD0Z7dv4M7iJ/y9JSkNH
MhP7n8dCAyczyb+Fwnz2+/kOEpUd3ZcEYs0oUAqvOGOlKX9289zhxKmzf0OAiQAK
XwdzUU0LQZ+sdwSPHaAtbSHEY19U1Dg0mXdp9bMKfe2KhkRUjZM6CYpLUuLf8Sj1
c7e59MDMLMX7yMzM0P1rA8bOWLf89ZJJ/nGnbeEVMZWMIqV0uKefN5vdpviwZ1+b
dIs3foIIjw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:13:28 2024 by rpki-client on console-ams.rpki-client.org