Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/G-vVb0teAsNDarJ6Rv9fiP804o0.roa
File: G-vVb0teAsNDarJ6Rv9fiP804o0.roa (raw, json)
Hash identifier: AcmfKbIcHFG6hF/RN3WOKNGQVh7ThbnNa16LrogKKSk=
Subject key identifier: 1B:EB:D5:6F:4B:5E:02:C3:43:6A:B2:7A:46:FF:5F:88:FF:34:E2:8D
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 018E7B36AF72D9CCF1498A9E54DBAED778E3
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/G-vVb0teAsNDarJ6Rv9fiP804o0.roa
Signing time: Tue 26 Mar 2024 14:42:45 +0000
ROA not before: Tue 26 Mar 2024 14:42:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.149.164.0/24 maxlen: 24
194.246.37.0/24 maxlen: 24
194.247.44.0/24 maxlen: 24
194.247.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 16:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7b:36:af:72:d9:cc:f1:49:8a:9e:54:db:ae:d7:78:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Mar 26 14:42:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bebd56f4b5e02c3436ab27a46ff5f88ff34e28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:45:c6:75:19:b7:eb:97:e6:bc:70:15:b1:
56:79:ca:b6:29:bf:2e:db:90:f7:d8:c7:7e:6f:20:
34:db:b5:fa:1b:70:33:39:49:b4:f8:75:7a:1b:0b:
7a:b7:86:40:17:65:cd:92:9a:01:4d:9d:c4:ea:ab:
dd:14:cd:35:dc:66:e0:2b:52:2b:a5:ac:6c:82:dc:
ac:7e:bf:f5:93:a1:52:16:99:94:74:b4:30:1f:6d:
a1:44:36:7c:f8:38:84:0f:27:c9:c5:db:3a:1c:53:
63:57:4b:df:3e:54:f2:92:13:4c:59:d0:89:4e:1a:
52:4c:64:55:7b:2a:bf:ef:61:ac:bf:0e:2f:56:89:
71:ae:c2:3f:67:ef:a0:4c:b1:93:26:6d:b0:35:a0:
ca:48:32:43:d9:12:f1:6d:e0:76:c2:b9:81:6e:93:
72:74:f4:9f:20:8a:ef:4e:de:97:75:4d:bc:30:da:
c9:5b:a8:bc:14:a3:4e:5e:e4:82:46:38:4d:73:db:
c8:42:f2:e5:86:5b:30:b6:12:ce:df:f6:38:7e:64:
77:2b:d9:be:7c:a0:bb:2e:51:6f:97:5f:b7:ef:cb:
6b:0a:01:76:3a:36:83:f0:84:b6:1e:88:7c:d8:e5:
de:ef:53:aa:0d:0d:b3:41:f1:da:9c:4f:48:70:38:
d4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:EB:D5:6F:4B:5E:02:C3:43:6A:B2:7A:46:FF:5F:88:FF:34:E2:8D
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/G-vVb0teAsNDarJ6Rv9fiP804o0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.164.0/24
194.246.37.0/24
194.247.44.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:b9:c4:f9:9d:68:b1:6e:00:ef:8e:32:ea:46:80:de:ce:93:
6e:3f:43:b0:8f:5b:2f:87:33:7a:fd:d9:59:72:4c:02:5b:4c:
4a:56:63:50:bf:64:6f:36:32:d0:e4:cb:96:e4:47:c9:ca:bb:
29:d6:a8:f3:47:20:f9:eb:d5:5a:c7:82:58:38:b0:95:88:29:
92:3a:0e:e6:ab:69:00:d6:d2:cf:85:f8:92:8b:d6:c2:ba:e5:
5e:ed:7f:4b:67:ba:71:5e:c1:75:d5:6d:99:6c:48:f0:f6:98:
a7:aa:01:ed:96:8d:37:f9:c8:80:20:14:0d:12:78:a8:6b:37:
ae:b7:44:f4:be:77:d9:2c:72:77:f9:58:2a:5a:a2:01:2c:6d:
a9:f6:a8:86:11:67:cf:6b:dc:64:42:74:47:f7:b8:87:69:7b:
a2:3c:af:d6:ab:58:44:7d:f3:66:d5:b5:0a:b0:28:74:85:2b:
ad:6f:89:ff:6a:68:65:cd:7c:42:fb:e6:da:51:42:d8:57:4f:
e2:dd:e6:95:5c:c0:03:da:f7:05:a3:6f:72:30:5d:87:ac:d0:
8d:96:35:42:a0:6e:2e:a3:d4:90:53:89:8d:be:da:4f:5c:44:
d2:b7:24:24:7b:27:b5:f7:96:a5:74:97:cc:46:f0:56:e6:d8:
20:e2:2f:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY57Nq9y2czxSYqeVNuu13jjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjQwMzI2MTQ0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmViZDU2ZjRiNWUwMmMzNDM2YWIyN2E0NmZmNWY4OGZmMzRlMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwtFxnUZt+uX5rxwFbFWecq2Kb8u
25D32Md+byA027X6G3AzOUm0+HV6Gwt6t4ZAF2XNkpoBTZ3E6qvdFM013GbgK1Ir
paxsgtysfr/1k6FSFpmUdLQwH22hRDZ8+DiEDyfJxds6HFNjV0vfPlTykhNMWdCJ
ThpSTGRVeyq/72Gsvw4vVolxrsI/Z++gTLGTJm2wNaDKSDJD2RLxbeB2wrmBbpNy
dPSfIIrvTt6XdU28MNrJW6i8FKNOXuSCRjhNc9vIQvLlhlswthLO3/Y4fmR3K9m+
fKC7LlFvl1+378trCgF2OjaD8IS2Hoh82OXe71OqDQ2zQfHanE9IcDjU7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBvr1W9LXgLDQ2qyekb/X4j/NOKNMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvRy12VmIwdGVBc05EYXJKNlJ2OWZpUDgwNG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZWkAwQA
wvYlAwQBwvcsMA0GCSqGSIb3DQEBCwUAA4IBAQAbucT5nWixbgDvjjLqRoDezpNu
P0Owj1svhzN6/dlZckwCW0xKVmNQv2RvNjLQ5MuW5EfJyrsp1qjzRyD569Vax4JY
OLCViCmSOg7mq2kA1tLPhfiSi9bCuuVe7X9LZ7pxXsF11W2ZbEjw9pinqgHtlo03
+ciAIBQNEnioazeut0T0vnfZLHJ3+VgqWqIBLG2p9qiGEWfPa9xkQnRH97iHaXui
PK/Wq1hEffNm1bUKsCh0hSutb4n/amhlzXxC++baUULYV0/i3eaVXMAD2vcFo29y
MF2HrNCNljVCoG4uo9SQU4mNvtpPXETStyQkeye195aldJfMRvBW5tgg4i8O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:08 2024 by rpki-client on console-ams.rpki-client.org