Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/ELpB27xnqDBjtz7cuFCY15QJjOk.roa
File: ELpB27xnqDBjtz7cuFCY15QJjOk.roa (raw, json)
Hash identifier: 46dUd1+IiGRKMfxdezd6TC6QkKM3KDUvG7yHJXtQKAc=
Subject key identifier: 10:BA:41:DB:BC:67:A8:30:63:B7:3E:DC:B8:50:98:D7:94:09:8C:E9
Certificate issuer: /CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc
Certificate serial: 018CC64A394D10719FCBBF4A4559184EEA0D
Authority key identifier: 6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/ELpB27xnqDBjtz7cuFCY15QJjOk.roa
Signing time: Mon 01 Jan 2024 18:30:02 +0000
ROA not before: Mon 01 Jan 2024 18:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208168
IP address blocks: 45.156.152.0/22 maxlen: 24
2a0f:2480::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Sep 2024 07:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:39:4d:10:71:9f:cb:bf:4a:45:59:18:4e:ea:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc
Validity
Not Before: Jan 1 18:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10ba41dbbc67a83063b73edcb85098d794098ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7f:e8:61:22:dc:0e:58:99:3a:87:06:31:91:
c1:a2:c9:a2:a5:f8:ed:17:58:f0:a1:86:df:26:57:
31:c1:39:77:4f:8f:29:09:eb:be:32:37:a8:73:ab:
6d:fc:04:85:2b:3c:4c:de:57:02:80:87:4c:ae:d2:
ed:41:c7:8f:aa:ea:b7:2d:3e:24:15:82:01:d8:e0:
f7:b9:60:bc:8d:ec:db:8d:fe:f0:c1:e3:ae:f8:c6:
97:a7:49:25:f9:2d:4f:1e:ae:6b:7e:7c:50:9a:71:
f8:f9:35:98:2f:1a:95:e8:7b:b3:ac:d7:8e:1f:a4:
ae:92:69:46:aa:74:97:20:8c:b2:30:cc:72:9d:6d:
62:21:2d:ca:71:ca:03:88:d9:3a:98:78:4e:0d:98:
85:4a:79:63:77:b3:59:db:dc:12:f5:a0:04:c7:72:
38:aa:25:cd:42:d7:c2:9d:e7:73:a1:e8:44:45:a0:
f4:83:2d:06:f7:48:b6:b2:4e:05:b7:e1:b6:48:bf:
1e:ab:df:cd:bf:ca:95:72:b7:d8:bb:d4:20:1d:c6:
03:7d:83:e0:1a:57:00:ea:e9:e3:e3:9f:c0:92:fd:
b5:87:c6:a9:e7:b2:a9:ac:2d:8a:58:f8:02:dc:6c:
c6:51:69:7b:d5:fb:51:b8:00:e1:cc:cd:7a:8c:22:
cf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:BA:41:DB:BC:67:A8:30:63:B7:3E:DC:B8:50:98:D7:94:09:8C:E9
X509v3 Authority Key Identifier:
keyid:6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/ELpB27xnqDBjtz7cuFCY15QJjOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/bPmyTywIR9BBweZqEvAeq6R4tPw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.152.0/22
IPv6:
2a0f:2480::/29
Signature Algorithm: sha256WithRSAEncryption
43:e6:f6:80:82:93:15:fd:26:6b:2a:91:a6:a8:43:f5:25:f4:
68:ee:a2:bf:ea:7a:26:f9:a3:99:5b:ed:08:f2:17:00:ef:86:
ad:cc:21:84:85:9d:9c:e8:e9:96:c8:75:2c:6f:9e:36:3e:52:
1d:e6:33:18:37:09:e7:09:ce:67:eb:c9:db:ba:4c:5d:90:3f:
4f:cd:ab:db:e2:45:e4:79:22:2d:c5:b4:cb:1d:b8:bb:bb:11:
5c:dc:dc:40:7a:96:6f:c0:e0:85:7d:cf:33:84:7a:f5:5d:73:
0f:be:f8:11:4d:24:d6:d2:0d:e4:8d:ff:26:1a:0a:bc:c8:fa:
ad:83:b3:40:75:f4:15:45:2a:06:e9:70:e2:bf:4d:65:2a:d0:
46:8d:18:ce:41:cb:2a:c7:2a:87:d1:40:d0:47:73:0c:c6:2e:
16:14:38:88:64:d9:49:45:8c:01:1f:f2:6f:06:2e:f8:e9:26:
de:78:9d:94:53:91:9a:e0:9b:6a:3d:12:d1:7d:73:ca:7b:31:
a7:bb:70:ba:32:96:8c:97:f1:b7:d3:6a:83:e9:36:87:38:83:
79:80:5e:3c:79:07:d9:fe:a1:29:4a:16:f2:d7:12:96:b8:42:
41:87:5b:ab:a5:ea:04:9d:ad:52:42:f6:e4:00:80:fd:1f:3a:
81:b8:d0:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSjlNEHGfy79KRVkYTuoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZjliMjRmMmMwODQ3ZDA0MWMxZTY2YTEyZjAxZWFiYTQ3
OGI0ZmMwHhcNMjQwMTAxMTgzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGJhNDFkYmJjNjdhODMwNjNiNzNlZGNiODUwOThkNzk0MDk4Y2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAin/oYSLcDliZOocGMZHBosmipfjt
F1jwoYbfJlcxwTl3T48pCeu+Mjeoc6tt/ASFKzxM3lcCgIdMrtLtQcePquq3LT4k
FYIB2OD3uWC8jezbjf7wweOu+MaXp0kl+S1PHq5rfnxQmnH4+TWYLxqV6HuzrNeO
H6SukmlGqnSXIIyyMMxynW1iIS3KccoDiNk6mHhODZiFSnljd7NZ29wS9aAEx3I4
qiXNQtfCnedzoehERaD0gy0G90i2sk4Ft+G2SL8eq9/Nv8qVcrfYu9QgHcYDfYPg
GlcA6unj45/Akv21h8ap57KprC2KWPgC3GzGUWl71ftRuADhzM16jCLPwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBC6Qdu8Z6gwY7c+3LhQmNeUCYzpMB8GA1UdIwQY
MBaAFGz5sk8sCEfQQcHmahLwHqukeLT8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlBteVR5d0lSOUJCd2VacUV2QWVxNlI0dFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iNDU3NjUtMmMzMy00YTQ5LTkxZWIt
OTQ2ODkyZjg4YmViLzEvRUxwQjI3eG5xREJqdHo3Y3VGQ1kxNVFKak9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iNDU3NjUtMmMzMy00YTQ5LTkxZWItOTQ2ODkyZjg4YmVi
LzEvYlBteVR5d0lSOUJCd2VacUV2QWVxNlI0dFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZyYMA0E
AgACMAcDBQMqDySAMA0GCSqGSIb3DQEBCwUAA4IBAQBD5vaAgpMV/SZrKpGmqEP1
JfRo7qK/6nom+aOZW+0I8hcA74atzCGEhZ2c6OmWyHUsb542PlId5jMYNwnnCc5n
68nbukxdkD9Pzavb4kXkeSItxbTLHbi7uxFc3NxAepZvwOCFfc8zhHr1XXMPvvgR
TSTW0g3kjf8mGgq8yPqtg7NAdfQVRSoG6XDiv01lKtBGjRjOQcsqxyqH0UDQR3MM
xi4WFDiIZNlJRYwBH/JvBi746SbeeJ2UU5Ga4JtqPRLRfXPKezGnu3C6MpaMl/G3
02qD6TaHOIN5gF48eQfZ/qEpShby1xKWuEJBh1urpeoEna1SQvbkAID9HzqBuNCO
-----END CERTIFICATE-----
Generated at Tue Sep 24 12:04:18 2024 by rpki-client on console-ams.rpki-client.org