Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/k8eOxyt499MlO0Zme0G4F9XZdzw.roa
File: k8eOxyt499MlO0Zme0G4F9XZdzw.roa (raw, json)
Hash identifier: jN+TkyCvXoKZfoKjYb39bv9B7WWye1K3jHcNwkcq2Dc=
Subject key identifier: 93:C7:8E:C7:2B:78:F7:D3:25:3B:46:66:7B:41:B8:17:D5:D9:77:3C
Certificate issuer: /CN=a1d0315373b09b061aa59f129d592eabf7b3aaef
Certificate serial: 0186815501E4FDDDC6A4FFAD99BD0B13447D
Authority key identifier: A1:D0:31:53:73:B0:9B:06:1A:A5:9F:12:9D:59:2E:AB:F7:B3:AA:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odAxU3OwmwYapZ8SnVkuq_ezqu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/k8eOxyt499MlO0Zme0G4F9XZdzw.roa
Signing time: Fri 24 Feb 2023 02:51:17 +0000
ROA not before: Fri 24 Feb 2023 02:51:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32558
IP address blocks: 45.157.70.0/24 maxlen: 24
45.157.69.0/24 maxlen: 24
45.157.71.0/24 maxlen: 24
45.157.68.0/24 maxlen: 24
45.157.68.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 03 Apr 2023 07:44:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:81:55:01:e4:fd:dd:c6:a4:ff:ad:99:bd:0b:13:44:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1d0315373b09b061aa59f129d592eabf7b3aaef
Validity
Not Before: Feb 24 02:51:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93c78ec72b78f7d3253b46667b41b817d5d9773c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f1:eb:6d:2c:5a:b9:9b:ad:0b:ac:83:21:56:
d8:72:c7:cf:f8:d9:fe:69:67:f5:50:c7:11:8b:23:
8d:fa:e2:ad:85:64:f0:40:da:51:56:d2:4d:bc:bc:
ed:da:f4:ca:da:79:29:03:17:f1:ed:73:9a:5a:cb:
94:aa:1b:68:28:f2:b1:d8:bc:cb:af:76:e7:db:2b:
02:b2:8d:1e:4f:37:5f:c6:85:22:f2:f0:73:3d:93:
26:d9:a0:62:68:31:b9:47:82:88:4a:7b:ec:ff:18:
4d:bc:a5:b8:8a:6a:8d:1a:81:58:93:b4:19:d2:4c:
ef:c9:0d:85:a9:32:91:97:94:8c:c6:0a:6b:0b:e8:
ea:7b:85:da:fa:39:7a:86:19:3d:be:b7:a7:29:fc:
95:27:91:14:29:f2:9a:2e:cd:86:7c:38:ed:c7:e7:
a8:ce:5e:9f:89:f2:f1:2f:ce:0a:c8:32:cd:bc:ea:
f7:ca:44:c5:ea:32:c0:91:8b:db:ff:7a:5b:7b:23:
8b:0d:ba:d4:c3:e4:70:67:70:bb:bb:23:f5:6e:a4:
0b:ce:a1:16:26:68:fe:f9:5e:dc:47:3c:f8:28:0e:
27:6c:7b:f7:45:4e:a6:56:30:ca:4c:55:b6:c6:6b:
f3:48:11:42:36:28:a0:e2:3c:b3:c3:2c:81:bf:35:
d8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C7:8E:C7:2B:78:F7:D3:25:3B:46:66:7B:41:B8:17:D5:D9:77:3C
X509v3 Authority Key Identifier:
keyid:A1:D0:31:53:73:B0:9B:06:1A:A5:9F:12:9D:59:2E:AB:F7:B3:AA:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odAxU3OwmwYapZ8SnVkuq_ezqu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/k8eOxyt499MlO0Zme0G4F9XZdzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1bcb2d-f58b-4e44-b133-dfcbdf3b1058/1/odAxU3OwmwYapZ8SnVkuq_ezqu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.68.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:12:df:07:6c:bc:5c:00:d1:b7:f0:47:20:5c:b5:94:ef:18:
c3:dd:f2:79:ba:a2:66:68:82:40:5f:6d:58:b2:01:32:a9:71:
ea:65:7b:6b:59:3b:0a:bd:24:10:dd:b1:6c:2b:14:38:4d:e7:
04:ae:76:28:d6:62:49:ed:1f:21:f6:fc:69:e1:91:60:50:7b:
83:f9:00:a2:51:32:c9:e7:c3:b3:37:07:6b:c5:99:7d:c5:92:
97:0e:97:e0:e3:4e:4c:b8:aa:60:50:d1:bf:af:18:4e:ca:af:
06:36:62:b3:9c:66:f4:bc:44:a6:75:73:e9:07:9a:1a:69:51:
3d:31:d0:1e:38:77:7f:79:d6:bf:66:af:ab:33:db:85:8e:72:
62:3c:74:fb:a4:4b:8a:4d:77:8d:03:65:7f:8f:12:6f:65:76:
40:04:10:53:6f:91:01:92:bd:0a:c5:70:64:be:69:7f:10:45:
aa:de:76:98:de:f8:8c:23:2e:15:00:63:0a:a0:8f:f5:2b:1e:
c0:31:07:d6:e0:16:af:3f:fa:d8:e9:17:28:59:e8:69:ad:09:
55:9d:96:ee:6a:2a:db:5d:d1:fe:3f:41:ee:2a:9b:41:4e:95:
e8:1e:fc:61:22:39:58:7d:a5:10:74:c7:9b:49:3a:4e:5d:82:
3f:e1:e7:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaBVQHk/d3GpP+tmb0LE0R9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZDAzMTUzNzNiMDliMDYxYWE1OWYxMjlkNTkyZWFiZjdi
M2FhZWYwHhcNMjMwMjI0MDI1MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2M3OGVjNzJiNzhmN2QzMjUzYjQ2NjY3YjQxYjgxN2Q1ZDk3NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/HrbSxauZutC6yDIVbYcsfP+Nn+
aWf1UMcRiyON+uKthWTwQNpRVtJNvLzt2vTK2nkpAxfx7XOaWsuUqhtoKPKx2LzL
r3bn2ysCso0eTzdfxoUi8vBzPZMm2aBiaDG5R4KISnvs/xhNvKW4imqNGoFYk7QZ
0kzvyQ2FqTKRl5SMxgprC+jqe4Xa+jl6hhk9vrenKfyVJ5EUKfKaLs2GfDjtx+eo
zl6fifLxL84KyDLNvOr3ykTF6jLAkYvb/3pbeyOLDbrUw+RwZ3C7uyP1bqQLzqEW
Jmj++V7cRzz4KA4nbHv3RU6mVjDKTFW2xmvzSBFCNiig4jyzwyyBvzXYvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJPHjscrePfTJTtGZntBuBfV2Xc8MB8GA1UdIwQY
MBaAFKHQMVNzsJsGGqWfEp1ZLqv3s6rvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2RBeFUzT3dtd1lhcFo4U25Wa3VxX2V6cXU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xYmNiMmQtZjU4Yi00ZTQ0LWIxMzMt
ZGZjYmRmM2IxMDU4LzEvazhlT3h5dDQ5OU1sTzBabWUwRzRGOVhaZHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xYmNiMmQtZjU4Yi00ZTQ0LWIxMzMtZGZjYmRmM2IxMDU4
LzEvb2RBeFUzT3dtd1lhcFo4U25Wa3VxX2V6cXU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ1EMA0G
CSqGSIb3DQEBCwUAA4IBAQBOEt8HbLxcANG38EcgXLWU7xjD3fJ5uqJmaIJAX21Y
sgEyqXHqZXtrWTsKvSQQ3bFsKxQ4TecErnYo1mJJ7R8h9vxp4ZFgUHuD+QCiUTLJ
58OzNwdrxZl9xZKXDpfg405MuKpgUNG/rxhOyq8GNmKznGb0vESmdXPpB5oaaVE9
MdAeOHd/eda/Zq+rM9uFjnJiPHT7pEuKTXeNA2V/jxJvZXZABBBTb5EBkr0KxXBk
vml/EEWq3naY3viMIy4VAGMKoI/1Kx7AMQfW4BavP/rY6RcoWehprQlVnZbuairb
XdH+P0HuKptBTpXoHvxhIjlYfaUQdMebSTpOXYI/4ecU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:25 2024 by rpki-client on console-fra.rpki-client.org