Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ouLJHF_wEXejfxO8CjC6sk4LhIs.roa
File: ouLJHF_wEXejfxO8CjC6sk4LhIs.roa (raw, json)
Hash identifier: L2TsIXO2pMCSZtmqERs3GqHPVhPfRfOu6wOKuKAo0vc=
Subject key identifier: A2:E2:C9:1C:5F:F0:11:77:A3:7F:13:BC:0A:30:BA:B2:4E:0B:84:8B
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018D32BA139F0DEFFC052A176B7B48E8F9EE
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ouLJHF_wEXejfxO8CjC6sk4LhIs.roa
Signing time: Mon 22 Jan 2024 19:51:11 +0000
ROA not before: Mon 22 Jan 2024 19:51:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400696
IP address blocks: 45.84.214.0/24 maxlen: 24
2a0f:15c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Feb 2024 21:16:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:32:ba:13:9f:0d:ef:fc:05:2a:17:6b:7b:48:e8:f9:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 22 19:51:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2e2c91c5ff01177a37f13bc0a30bab24e0b848b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:70:1c:4c:95:1c:6a:e0:9c:54:e3:e9:87:aa:
f1:3d:ff:c3:0b:40:c6:13:32:4d:3b:da:ff:d5:07:
ea:03:7b:ba:0b:8e:37:fb:5c:3e:f2:97:c9:67:13:
8e:d6:47:36:00:b0:2c:0d:34:da:0e:93:45:88:22:
ce:d3:59:18:c2:d2:3e:34:d7:76:b5:c1:fd:ca:bc:
41:03:5c:bd:eb:c0:8b:92:85:02:f5:fc:67:68:b1:
b5:c8:09:9a:d2:44:52:b4:71:fa:c2:a3:31:92:83:
29:cb:13:83:89:c6:d0:9d:d9:ca:73:8a:8a:3c:28:
ec:79:e3:59:9a:c6:2a:91:e1:6e:4e:9c:d2:f9:a0:
31:f1:36:8c:86:99:0d:45:9b:4c:ef:f8:f3:b2:1a:
0f:f3:40:bc:b0:33:d7:e7:56:cc:cc:0e:f7:3c:47:
98:70:71:48:c7:0b:a7:05:a1:7a:17:b1:68:a8:35:
73:b0:3b:86:f4:4e:92:a4:b4:cb:b5:42:04:09:ae:
16:7c:7e:47:9e:c8:a6:70:3f:aa:06:8f:07:90:9c:
1c:1c:77:ba:a3:86:ae:b0:60:e1:7f:58:69:f4:a3:
d3:38:b6:83:d1:a5:b7:b8:fb:fc:ed:ef:de:72:42:
a4:45:ff:e1:84:2d:aa:fb:01:9c:d3:21:77:28:49:
fe:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E2:C9:1C:5F:F0:11:77:A3:7F:13:BC:0A:30:BA:B2:4E:0B:84:8B
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ouLJHF_wEXejfxO8CjC6sk4LhIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.214.0/24
IPv6:
2a0f:15c0::/32
Signature Algorithm: sha256WithRSAEncryption
b5:8b:bf:f5:72:49:f0:c3:b7:bd:8e:b7:b0:bd:9a:95:b2:45:
6b:84:36:b4:2d:e1:40:df:10:02:41:40:2c:3d:e2:26:a1:11:
5d:21:ac:c9:b8:7a:8e:2d:ea:cd:8f:81:be:92:50:cc:d1:60:
ee:0e:52:e9:30:60:ed:8b:0b:95:4e:ca:9a:c7:6d:13:fb:19:
02:aa:9f:7d:06:45:6d:ed:3f:c2:58:39:67:eb:f7:0d:07:32:
ff:a1:8c:00:17:00:8e:3d:10:21:12:4f:09:c1:fe:12:23:5a:
0d:e2:66:8b:cf:a5:45:17:da:89:17:12:42:38:ee:fc:5a:87:
2c:ae:a9:b2:6a:1b:c2:a9:c3:67:ca:8c:57:ec:c7:87:f4:93:
16:59:28:b2:e1:f5:50:17:57:93:2e:21:a0:47:a9:33:31:c4:
9f:60:32:16:e4:35:8a:bf:01:87:72:f5:7c:3c:b3:df:30:03:
85:4f:9e:cd:5d:04:f0:9e:bd:2c:69:d2:59:35:3b:95:cc:83:
fc:b1:74:bf:9c:41:6e:91:a8:ce:c3:c6:bc:65:46:99:02:96:
72:ac:af:da:a2:ba:9e:74:1b:65:76:00:53:8b:33:40:1d:2f:
b1:11:ab:3a:71:6b:21:24:6f:a3:d5:c4:36:97:52:ca:c4:ef:
63:dc:b4:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY0yuhOfDe/8BSoXa3tI6PnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTIyMTk1MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmUyYzkxYzVmZjAxMTc3YTM3ZjEzYmMwYTMwYmFiMjRlMGI4NDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnAcTJUcauCcVOPph6rxPf/DC0DG
EzJNO9r/1QfqA3u6C443+1w+8pfJZxOO1kc2ALAsDTTaDpNFiCLO01kYwtI+NNd2
tcH9yrxBA1y968CLkoUC9fxnaLG1yAma0kRStHH6wqMxkoMpyxODicbQndnKc4qK
PCjseeNZmsYqkeFuTpzS+aAx8TaMhpkNRZtM7/jzshoP80C8sDPX51bMzA73PEeY
cHFIxwunBaF6F7FoqDVzsDuG9E6SpLTLtUIECa4WfH5HnsimcD+qBo8HkJwcHHe6
o4ausGDhf1hp9KPTOLaD0aW3uPv87e/eckKkRf/hhC2q+wGc0yF3KEn+jQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKLiyRxf8BF3o38TvAowurJOC4SLMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvb3VMSkhGX3dFWGVqZnhPOENqQzZzazRMaElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVTWMA0E
AgACMAcDBQAqDxXAMA0GCSqGSIb3DQEBCwUAA4IBAQC1i7/1cknww7e9jrewvZqV
skVrhDa0LeFA3xACQUAsPeImoRFdIazJuHqOLerNj4G+klDM0WDuDlLpMGDtiwuV
Tsqax20T+xkCqp99BkVt7T/CWDln6/cNBzL/oYwAFwCOPRAhEk8Jwf4SI1oN4maL
z6VFF9qJFxJCOO78WocsrqmyahvCqcNnyoxX7MeH9JMWWSiy4fVQF1eTLiGgR6kz
McSfYDIW5DWKvwGHcvV8PLPfMAOFT57NXQTwnr0sadJZNTuVzIP8sXS/nEFukajO
w8a8ZUaZApZyrK/aorqedBtldgBTizNAHS+xEas6cWshJG+j1cQ2l1LKxO9j3LTF
-----END CERTIFICATE-----
Generated at Sat Feb 3 02:04:50 2024 by rpki-client on console-fra.rpki-client.org