Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/ta9CKpDs-OwnpTrp0GaYukDVeDQ.roa
File: ta9CKpDs-OwnpTrp0GaYukDVeDQ.roa (raw, json)
Hash identifier: HyTumBHj7XwN4aAZPvjKpep5o9v9+mARk1lb8oDDUZU=
Subject key identifier: B5:AF:42:2A:90:EC:F8:EC:27:A5:3A:E9:D0:66:98:BA:40:D5:78:34
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 0189C6583B0C9FBE654538D5702D523B6370
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/ta9CKpDs-OwnpTrp0GaYukDVeDQ.roa
Signing time: Sat 05 Aug 2023 15:36:58 +0000
ROA not before: Sat 05 Aug 2023 15:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197644
IP address blocks: 45.149.94.0/24 maxlen: 24
80.246.237.0/24 maxlen: 24
80.246.236.0/24 maxlen: 24
80.246.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 22:40:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c6:58:3b:0c:9f:be:65:45:38:d5:70:2d:52:3b:63:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Aug 5 15:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5af422a90ecf8ec27a53ae9d06698ba40d57834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:70:43:02:5d:44:25:61:b2:18:69:dc:00:
e3:ec:26:99:52:c2:8a:98:d0:4f:7a:69:2e:51:4e:
62:eb:12:63:52:e9:a1:d9:14:88:de:95:9d:f0:d8:
dc:5c:ca:f6:06:ce:ac:99:11:12:59:fe:02:93:d5:
ef:91:cf:86:62:0f:cf:98:d7:c3:23:fa:c6:9f:91:
f5:60:cb:c9:73:ac:9b:64:2f:6f:61:d3:0a:3e:af:
35:c9:f4:28:b0:81:85:ec:6d:d5:68:7e:2e:58:6a:
ab:69:d7:e3:89:e1:56:de:5f:92:ab:3e:47:80:92:
5e:5f:95:b6:29:2c:4e:9a:9f:f0:eb:06:2f:44:c9:
67:ec:8c:6c:7d:02:17:9b:f3:ba:44:d4:6e:d1:cd:
d8:6c:9d:c9:cd:38:74:61:bd:03:6c:67:6f:ce:29:
11:a9:d1:91:af:fa:44:8f:63:b5:48:71:4a:a5:69:
bb:d1:a4:9c:c8:bf:11:8d:56:9e:d0:af:fc:5e:97:
fb:59:c7:ed:8c:9a:d7:a9:f8:77:b1:2a:39:91:55:
70:b1:59:ac:62:72:55:d6:82:1e:a2:8f:37:5a:3d:
83:c4:e9:4d:ef:6b:8a:d0:38:0a:fb:3c:64:72:5a:
83:82:0a:d7:cb:76:4b:93:e7:e6:7a:4d:41:a7:e5:
12:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AF:42:2A:90:EC:F8:EC:27:A5:3A:E9:D0:66:98:BA:40:D5:78:34
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/ta9CKpDs-OwnpTrp0GaYukDVeDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.94.0/24
80.246.236.0-80.246.238.255
Signature Algorithm: sha256WithRSAEncryption
93:ab:c0:b2:d6:55:57:71:29:1f:37:4a:6f:12:62:7e:2e:c8:
f2:ad:a0:ba:86:96:34:64:51:34:d6:d8:3a:ae:7b:26:a4:76:
b5:8c:30:81:df:7b:1f:95:88:66:5f:b6:4d:9f:75:40:a0:a7:
77:4b:dc:24:1c:95:63:8d:3f:ca:16:25:b1:be:bc:4c:56:0c:
5a:08:e0:91:05:48:d3:76:6f:f2:f7:73:65:39:8c:5c:db:d8:
b2:b2:72:66:f3:38:a5:38:4f:34:67:c6:fe:ae:a7:cb:2c:4c:
1b:7a:0e:1c:35:38:ac:ca:6a:89:63:a6:8a:04:4e:52:a0:76:
77:f3:99:bd:82:9e:0d:79:64:d8:e1:8b:cf:f0:3c:68:4d:4d:
90:07:0a:83:f3:a4:57:ed:87:6a:b1:da:a3:a9:ab:8e:22:67:
68:f3:e9:11:26:3c:8f:4d:2c:eb:02:c0:59:d0:48:07:a8:fc:
74:6c:92:1e:d5:4c:05:84:04:aa:cc:ce:86:d4:38:da:0b:bf:
10:10:43:1d:d2:28:dd:b8:3f:85:a7:3b:b5:43:46:29:ab:61:
cf:ee:b3:35:c4:3b:f9:cc:db:59:f3:ce:36:31:f6:a1:22:e1:
e8:fc:2c:0a:93:95:6d:e9:fb:8e:c0:2e:b1:97:8e:ec:32:0b:
21:be:3e:94
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYnGWDsMn75lRTjVcC1SO2NwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwODA1MTUzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWFmNDIyYTkwZWNmOGVjMjdhNTNhZTlkMDY2OThiYTQwZDU3ODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwxwQwJdRCVhshhp3ADj7CaZUsKK
mNBPemkuUU5i6xJjUumh2RSI3pWd8NjcXMr2Bs6smRESWf4Ck9Xvkc+GYg/PmNfD
I/rGn5H1YMvJc6ybZC9vYdMKPq81yfQosIGF7G3VaH4uWGqradfjieFW3l+Sqz5H
gJJeX5W2KSxOmp/w6wYvRMln7IxsfQIXm/O6RNRu0c3YbJ3JzTh0Yb0DbGdvzikR
qdGRr/pEj2O1SHFKpWm70aScyL8RjVae0K/8Xpf7WcftjJrXqfh3sSo5kVVwsVms
YnJV1oIeoo83Wj2DxOlN72uK0DgK+zxkclqDggrXy3ZLk+fmek1Bp+USWQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLWvQiqQ7PjsJ6U66dBmmLpA1Xg0MB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvdGE5Q0twRHMtT3ducFRycDBHYVl1a0RWZURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALZVeMAwD
BAJQ9uwDBABQ9u4wDQYJKoZIhvcNAQELBQADggEBAJOrwLLWVVdxKR83Sm8SYn4u
yPKtoLqGljRkUTTW2DqueyakdrWMMIHfex+ViGZftk2fdUCgp3dL3CQclWONP8oW
JbG+vExWDFoI4JEFSNN2b/L3c2U5jFzb2LKycmbzOKU4TzRnxv6up8ssTBt6Dhw1
OKzKaoljpooETlKgdnfzmb2Cng15ZNjhi8/wPGhNTZAHCoPzpFfth2qx2qOpq44i
Z2jz6REmPI9NLOsCwFnQSAeo/HRskh7VTAWEBKrMzobUONoLvxAQQx3SKN24P4Wn
O7VDRimrYc/uszXEO/nM21nzzjYx9qEi4ej8LAqTlW3p+47ALrGXjuwyCyG+PpQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org