Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/ke7gb1v7kDvNT6DwWLeVZuL0Pmo.roa
File: ke7gb1v7kDvNT6DwWLeVZuL0Pmo.roa (raw, json)
Hash identifier: RBp8N/lFEhPhdpy4tURp/zOSLAakl0+0IBpQZlgpXGU=
Subject key identifier: 91:EE:E0:6F:5B:FB:90:3B:CD:4F:A0:F0:58:B7:95:66:E2:F4:3E:6A
Certificate issuer: /CN=712ff11dd0c66ce67fe0f1d749c0909ef3418d29
Certificate serial: 018689D619F9C411E1B8F56A6E25175E8A82
Authority key identifier: 71:2F:F1:1D:D0:C6:6C:E6:7F:E0:F1:D7:49:C0:90:9E:F3:41:8D:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS_xHdDGbOZ_4PHXScCQnvNBjSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/ke7gb1v7kDvNT6DwWLeVZuL0Pmo.roa
Signing time: Sat 25 Feb 2023 18:29:15 +0000
ROA not before: Sat 25 Feb 2023 18:29:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208928
IP address blocks: 45.15.1.0/24 maxlen: 24
45.15.0.0/22 maxlen: 22
45.15.0.0/24 maxlen: 24
45.15.3.0/24 maxlen: 24
45.15.2.0/24 maxlen: 24
45.147.128.0/24 maxlen: 24
45.147.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:89:d6:19:f9:c4:11:e1:b8:f5:6a:6e:25:17:5e:8a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712ff11dd0c66ce67fe0f1d749c0909ef3418d29
Validity
Not Before: Feb 25 18:29:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91eee06f5bfb903bcd4fa0f058b79566e2f43e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1e:37:a9:66:59:98:78:e7:d9:cd:fa:5b:b4:
85:cf:2a:36:b6:99:c6:e4:4d:e3:af:67:37:05:9f:
e5:69:d0:ae:f5:f4:e2:24:36:76:62:55:5d:14:03:
fa:aa:dd:49:ee:0e:79:63:b0:ee:d9:64:22:92:16:
bb:53:c9:20:d6:e3:58:4f:55:b7:25:84:26:bf:6d:
68:2b:a6:58:92:09:cc:3d:e4:72:36:4d:62:a8:8b:
5c:db:7b:cb:fc:a8:f7:95:c4:90:c9:8f:f8:42:54:
32:01:4c:5d:e9:67:bd:17:e1:16:c6:24:8d:87:ca:
74:c1:b4:27:36:e0:45:9c:5e:02:64:11:24:0a:46:
74:bd:68:6d:5c:5b:70:59:0a:b4:3f:10:a5:2f:2d:
07:e5:e1:2a:19:73:aa:dc:7e:63:56:3e:63:a4:31:
d0:52:7d:b0:9b:c1:da:e6:54:63:7d:b4:20:f3:3c:
aa:91:61:e4:76:8e:f4:4f:1b:9d:ad:bd:89:45:fd:
68:1b:18:c9:52:79:14:55:50:9c:79:90:2a:0c:8c:
10:8a:98:db:b1:1e:65:45:48:7f:88:1a:b0:9f:30:
3c:d0:ef:05:53:93:8c:ae:15:b8:0b:81:a7:41:50:
75:c2:cc:1b:99:63:5d:9a:a6:0a:b6:7f:f6:c2:26:
7f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:EE:E0:6F:5B:FB:90:3B:CD:4F:A0:F0:58:B7:95:66:E2:F4:3E:6A
X509v3 Authority Key Identifier:
keyid:71:2F:F1:1D:D0:C6:6C:E6:7F:E0:F1:D7:49:C0:90:9E:F3:41:8D:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS_xHdDGbOZ_4PHXScCQnvNBjSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/ke7gb1v7kDvNT6DwWLeVZuL0Pmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/cS_xHdDGbOZ_4PHXScCQnvNBjSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.0.0/22
45.147.128.0/23
Signature Algorithm: sha256WithRSAEncryption
79:7d:5c:48:d9:89:78:3c:73:0a:93:e8:03:66:79:0b:60:ef:
89:fa:f2:ed:22:d4:9f:ae:6e:70:19:44:7a:ce:bc:0e:46:f3:
14:86:e0:28:22:f2:20:8f:55:18:f0:73:9b:29:23:1f:50:d9:
3a:12:63:6e:bd:e1:22:e1:51:7c:7e:e8:b1:db:e5:c8:1a:da:
78:85:73:51:12:30:15:1e:f4:6d:07:55:fa:c0:f8:57:00:68:
c2:ba:e2:24:47:d8:05:5e:cc:c8:16:53:3c:84:eb:04:ba:6d:
b0:c9:f6:05:43:70:6a:a2:31:5d:7b:67:af:a5:6e:76:70:0a:
4f:f8:62:49:dd:79:b0:ed:2f:89:a7:8a:43:68:4f:59:c8:10:
bf:21:1c:44:7e:3e:58:93:5c:27:3f:c1:dc:9a:7a:47:c3:93:
1d:c9:09:a4:83:52:12:18:f3:0c:52:e2:2f:ea:13:4a:bc:7b:
fc:91:c2:70:bf:f4:de:77:a8:0a:39:27:24:a6:02:53:c0:62:
84:14:fe:70:ab:94:9c:b0:ee:10:99:6a:da:a8:f1:45:63:d9:
a9:0f:a3:7f:2a:0c:e6:91:60:81:75:b0:b4:69:73:ac:4d:2c:
9e:0a:14:7c:9b:01:c4:59:39:90:9f:a5:18:79:16:01:fe:41:
44:40:f3:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYaJ1hn5xBHhuPVqbiUXXoqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmZmMTFkZDBjNjZjZTY3ZmUwZjFkNzQ5YzA5MDllZjM0
MThkMjkwHhcNMjMwMjI1MTgyOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWVlZTA2ZjViZmI5MDNiY2Q0ZmEwZjA1OGI3OTU2NmUyZjQzZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB43qWZZmHjn2c36W7SFzyo2tpnG
5E3jr2c3BZ/ladCu9fTiJDZ2YlVdFAP6qt1J7g55Y7Du2WQikha7U8kg1uNYT1W3
JYQmv21oK6ZYkgnMPeRyNk1iqItc23vL/Kj3lcSQyY/4QlQyAUxd6We9F+EWxiSN
h8p0wbQnNuBFnF4CZBEkCkZ0vWhtXFtwWQq0PxClLy0H5eEqGXOq3H5jVj5jpDHQ
Un2wm8Ha5lRjfbQg8zyqkWHkdo70Txudrb2JRf1oGxjJUnkUVVCceZAqDIwQipjb
sR5lRUh/iBqwnzA80O8FU5OMrhW4C4GnQVB1wswbmWNdmqYKtn/2wiZ/qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJHu4G9b+5A7zU+g8Fi3lWbi9D5qMB8GA1UdIwQY
MBaAFHEv8R3Qxmzmf+Dx10nAkJ7zQY0pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1NfeEhkREdiT1pfNFBIWFNjQ1Fudk5CalNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9kOWNjOGQtOTVhYy00ODQ4LWIwOTct
OWQ2M2IwNDc2ZTI0LzEva2U3Z2IxdjdrRHZOVDZEd1dMZVZadUwwUG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9kOWNjOGQtOTVhYy00ODQ4LWIwOTctOWQ2M2IwNDc2ZTI0
LzEvY1NfeEhkREdiT1pfNFBIWFNjQ1Fudk5CalNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQ8AAwQB
LZOAMA0GCSqGSIb3DQEBCwUAA4IBAQB5fVxI2Yl4PHMKk+gDZnkLYO+J+vLtItSf
rm5wGUR6zrwORvMUhuAoIvIgj1UY8HObKSMfUNk6EmNuveEi4VF8fuix2+XIGtp4
hXNREjAVHvRtB1X6wPhXAGjCuuIkR9gFXszIFlM8hOsEum2wyfYFQ3BqojFde2ev
pW52cApP+GJJ3Xmw7S+Jp4pDaE9ZyBC/IRxEfj5Yk1wnP8HcmnpHw5MdyQmkg1IS
GPMMUuIv6hNKvHv8kcJwv/Ted6gKOSckpgJTwGKEFP5wq5ScsO4QmWraqPFFY9mp
D6N/KgzmkWCBdbC0aXOsTSyeChR8mwHEWTmQn6UYeRYB/kFEQPN0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:15 2024 by rpki-client on console-ams.rpki-client.org