Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/rhf0MFrBqzaFCREsrqy5kV5_F00.roa
File: rhf0MFrBqzaFCREsrqy5kV5_F00.roa (raw, json)
Hash identifier: QZxYOGDbUp5XCxmKRjdfko0TklOF+qqJZu8jMaM1YwY=
Subject key identifier: AE:17:F4:30:5A:C1:AB:36:85:09:11:2C:AE:AC:B9:91:5E:7F:17:4D
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 018CC9BC73A15480134F8F1196F868A784A5
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/rhf0MFrBqzaFCREsrqy5kV5_F00.roa
Signing time: Tue 02 Jan 2024 10:33:39 +0000
ROA not before: Tue 02 Jan 2024 10:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212356
IP address blocks: 45.155.123.0/24 maxlen: 24
2a0d:f407:1048::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 28 Apr 2024 04:50:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:73:a1:54:80:13:4f:8f:11:96:f8:68:a7:84:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 2 10:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae17f4305ac1ab368509112caeacb9915e7f174d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f0:1b:a6:0e:89:eb:72:28:4d:60:70:90:01:
62:6b:70:74:dc:d3:26:44:44:df:56:fe:92:b2:9f:
5b:74:e3:6a:a6:2b:ff:cb:a0:ed:ff:26:fb:0b:9e:
72:13:71:95:e4:d6:ef:8a:75:11:55:a7:68:de:26:
69:48:e0:5d:cb:bf:93:70:85:56:73:b7:a3:fa:e6:
bf:ad:5c:ff:cc:e5:14:a4:62:f0:28:a5:5c:fd:16:
e0:6f:ae:fb:55:4e:c3:25:48:75:7d:5c:fc:1b:5e:
0a:6c:15:33:9c:3f:4a:3a:46:70:0b:48:31:32:7a:
ef:6c:1e:26:c1:d3:90:9d:ad:ea:e6:0a:56:91:17:
ba:11:42:c6:b9:fe:0f:05:48:d4:17:ad:d6:d5:44:
75:aa:9f:75:69:1c:d3:a9:53:8c:32:08:a4:62:32:
62:01:b7:b0:31:3b:dc:80:87:88:dd:2f:f6:9c:aa:
22:37:d3:71:9e:d8:70:6e:31:63:75:02:52:a5:c7:
2b:d8:5f:96:42:04:f8:b9:49:93:b3:17:63:60:68:
b7:e4:78:29:cc:7b:0a:74:68:26:7f:a3:38:d5:7a:
19:90:b8:9b:08:8b:d5:8f:ae:f0:05:3b:21:ee:fa:
cd:a5:3d:b2:19:07:06:df:48:c9:ed:90:6e:19:a6:
ca:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:17:F4:30:5A:C1:AB:36:85:09:11:2C:AE:AC:B9:91:5E:7F:17:4D
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/rhf0MFrBqzaFCREsrqy5kV5_F00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.123.0/24
IPv6:
2a0d:f407:1048::/48
Signature Algorithm: sha256WithRSAEncryption
a8:b6:24:44:da:5f:f0:df:dc:69:66:9b:5d:5e:ea:95:e7:b1:
6a:0b:16:41:ca:85:7c:df:cb:5a:61:71:aa:98:43:82:c0:f8:
a2:a3:f0:e7:14:59:22:82:19:5e:73:0a:95:5f:f5:c2:a0:b6:
bf:b7:30:60:dd:31:dc:44:af:cd:57:b3:a7:18:96:52:90:4c:
73:95:9e:e4:e7:d6:52:01:67:eb:41:42:14:38:d1:dd:fd:8b:
88:3b:2d:d9:03:3d:81:f7:e0:44:fd:73:28:5a:d9:62:19:82:
f4:eb:d5:01:1d:aa:6b:dd:b7:2e:32:a4:e8:2f:9a:e3:ac:a3:
e5:ba:7a:2e:7d:35:06:ea:90:8f:50:97:e5:7f:54:fb:1a:95:
b4:18:1d:09:26:87:95:45:76:cd:5a:37:c8:57:35:1d:b4:e6:
dd:c4:5e:dd:39:43:d0:28:02:af:af:cd:f9:44:56:6b:00:40:
ef:8b:d6:03:b8:1a:b1:f7:a0:82:0c:76:b3:63:07:03:30:f5:
54:c9:76:d1:5f:16:b1:1d:79:77:4f:8f:52:65:94:8a:56:f7:
5a:19:ad:1c:76:96:46:e7:17:72:16:c8:86:ea:34:9d:b2:de:
87:0b:88:ec:9d:54:7e:dd:68:82:68:e7:60:f6:b3:f9:2e:d1:
46:7b:ee:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJvHOhVIATT48Rlvhop4SlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwMTAyMTAzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE3ZjQzMDVhYzFhYjM2ODUwOTExMmNhZWFjYjk5MTVlN2YxNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfAbpg6J63IoTWBwkAFia3B03NMm
RETfVv6Ssp9bdONqpiv/y6Dt/yb7C55yE3GV5NbvinURVado3iZpSOBdy7+TcIVW
c7ej+ua/rVz/zOUUpGLwKKVc/Rbgb677VU7DJUh1fVz8G14KbBUznD9KOkZwC0gx
MnrvbB4mwdOQna3q5gpWkRe6EULGuf4PBUjUF63W1UR1qp91aRzTqVOMMgikYjJi
AbewMTvcgIeI3S/2nKoiN9NxnthwbjFjdQJSpccr2F+WQgT4uUmTsxdjYGi35Hgp
zHsKdGgmf6M41XoZkLibCIvVj67wBTsh7vrNpT2yGQcG30jJ7ZBuGabK9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK4X9DBawas2hQkRLK6suZFefxdNMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvcmhmME1GckJxemFGQ1JFc3JxeTVrVjVfRjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZt7MA8E
AgACMAkDBwAqDfQHEEgwDQYJKoZIhvcNAQELBQADggEBAKi2JETaX/Df3Glmm11e
6pXnsWoLFkHKhXzfy1phcaqYQ4LA+KKj8OcUWSKCGV5zCpVf9cKgtr+3MGDdMdxE
r81Xs6cYllKQTHOVnuTn1lIBZ+tBQhQ40d39i4g7LdkDPYH34ET9cyha2WIZgvTr
1QEdqmvdty4ypOgvmuOso+W6ei59NQbqkI9Ql+V/VPsalbQYHQkmh5VFds1aN8hX
NR205t3EXt05Q9AoAq+vzflEVmsAQO+L1gO4GrH3oIIMdrNjBwMw9VTJdtFfFrEd
eXdPj1JllIpW91oZrRx2lkbnF3IWyIbqNJ2y3ocLiOydVH7daIJo52D2s/ku0UZ7
7iw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:25 2024 by rpki-client on console-fra.rpki-client.org