Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/G04I-W-TpEYKeCy61Iw8nLc5yic.roa
File: G04I-W-TpEYKeCy61Iw8nLc5yic.roa (raw, json)
Hash identifier: NtqLQF1FmhZVFcbUD9faqEnN4B0CnMAvHZNlsfnORiI=
Subject key identifier: 1B:4E:08:F9:6F:93:A4:46:0A:78:2C:BA:D4:8C:3C:9C:B7:39:CA:27
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018D60C938CFEC2C365E56108EF47B4F1712
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/G04I-W-TpEYKeCy61Iw8nLc5yic.roa
Signing time: Wed 31 Jan 2024 18:30:16 +0000
ROA not before: Wed 31 Jan 2024 18:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.137.16.0/24 maxlen: 24
45.137.17.0/24 maxlen: 24
45.137.19.0/24 maxlen: 24
45.150.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 16:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:60:c9:38:cf:ec:2c:36:5e:56:10:8e:f4:7b:4f:17:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jan 31 18:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b4e08f96f93a4460a782cbad48c3c9cb739ca27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:77:1f:d1:12:94:a9:b5:87:54:80:ea:ac:ef:
41:fb:fc:f3:6d:c5:0a:95:00:db:cd:0e:22:75:df:
6c:47:56:3e:d7:02:30:fb:46:9f:9f:a1:30:c1:d4:
53:b3:aa:27:34:7c:e1:bd:af:4e:1e:bb:ff:9a:40:
db:8f:be:0c:71:a8:18:52:ff:ec:bb:45:61:9c:41:
45:97:ae:f5:e2:13:de:af:f5:f2:18:9e:98:c1:56:
84:a8:7f:3c:f5:06:ff:90:62:10:e3:0b:73:02:f7:
32:54:c9:43:f9:0e:ab:d2:99:46:f0:ed:a1:0b:e0:
1a:69:db:ca:b9:c6:e2:99:a6:23:5b:27:6d:45:f5:
ee:80:f6:d0:15:18:ed:d0:01:da:fc:bc:fd:a8:d1:
ca:ff:c5:bc:da:0d:d7:0c:58:b6:db:2f:62:67:ba:
9a:48:e4:1b:f3:42:12:82:cb:01:08:be:1b:17:fd:
63:93:b0:62:86:7e:a0:66:a1:50:d0:53:55:a7:e9:
46:8d:f7:b9:4a:dc:b3:7a:eb:b0:52:1a:37:07:f6:
4c:86:76:05:b5:54:f9:66:bc:a0:42:e6:e0:3d:19:
5a:45:89:cc:d3:1b:95:fa:81:d4:5a:07:c8:36:31:
4a:62:e0:66:25:df:4e:b0:b8:e8:07:ed:44:01:a3:
b6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:4E:08:F9:6F:93:A4:46:0A:78:2C:BA:D4:8C:3C:9C:B7:39:CA:27
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/G04I-W-TpEYKeCy61Iw8nLc5yic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.16.0/23
45.137.19.0/24
45.150.55.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:20:ba:9f:a5:e8:4d:9a:d2:00:34:7d:2c:c1:f7:bc:61:14:
e0:3e:9a:cc:77:fa:5a:32:30:65:da:09:87:42:aa:86:66:57:
72:aa:c0:73:69:2e:ef:9f:df:9d:14:e8:70:09:c9:ee:33:90:
6e:3e:78:aa:80:1a:1a:07:cc:dc:e9:b4:ed:d2:0b:d5:15:04:
3d:97:9a:be:9c:a2:17:c1:c0:08:da:da:62:ae:89:a2:f1:a5:
9e:16:02:db:0d:6e:07:39:a2:61:b7:b9:bb:23:fa:96:b8:3d:
51:76:1d:da:14:52:b9:1c:ce:c2:44:e1:8a:32:65:47:a9:1b:
7e:06:97:da:b6:18:4a:55:6a:43:68:b2:fe:db:67:91:79:19:
3e:8b:37:06:67:ea:9f:32:da:f0:ca:eb:99:be:fb:b1:b4:c0:
f7:14:ee:53:7b:e3:6f:80:be:6f:48:ba:6b:82:c1:dd:3a:a7:
fb:cc:98:0a:02:ca:a0:01:eb:6a:ec:a3:42:ae:26:c6:bc:4d:
fc:f0:d9:ff:71:36:7e:67:79:97:00:46:27:e6:c8:ad:5f:88:
99:16:19:ad:23:a8:d2:79:61:a4:9e:c0:24:79:73:04:6e:02:
61:85:44:06:28:5d:0a:25:61:7d:63:34:64:7d:13:57:a6:62:
74:e7:e1:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1gyTjP7Cw2XlYQjvR7TxcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjQwMTMxMTgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjRlMDhmOTZmOTNhNDQ2MGE3ODJjYmFkNDhjM2M5Y2I3MzljYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXcf0RKUqbWHVIDqrO9B+/zzbcUK
lQDbzQ4idd9sR1Y+1wIw+0afn6EwwdRTs6onNHzhva9OHrv/mkDbj74McagYUv/s
u0VhnEFFl6714hPer/XyGJ6YwVaEqH889Qb/kGIQ4wtzAvcyVMlD+Q6r0plG8O2h
C+AaadvKucbimaYjWydtRfXugPbQFRjt0AHa/Lz9qNHK/8W82g3XDFi22y9iZ7qa
SOQb80ISgssBCL4bF/1jk7Bihn6gZqFQ0FNVp+lGjfe5StyzeuuwUho3B/ZMhnYF
tVT5ZrygQubgPRlaRYnM0xuV+oHUWgfINjFKYuBmJd9OsLjoB+1EAaO2wQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBtOCPlvk6RGCngsutSMPJy3OconMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvRzA0SS1XLVRwRVlLZUN5NjFJdzhuTGM1eWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYkQAwQA
LYkTAwQALZY3MA0GCSqGSIb3DQEBCwUAA4IBAQBOILqfpehNmtIANH0swfe8YRTg
PprMd/paMjBl2gmHQqqGZldyqsBzaS7vn9+dFOhwCcnuM5BuPniqgBoaB8zc6bTt
0gvVFQQ9l5q+nKIXwcAI2tpiromi8aWeFgLbDW4HOaJht7m7I/qWuD1Rdh3aFFK5
HM7CROGKMmVHqRt+BpfathhKVWpDaLL+22eReRk+izcGZ+qfMtrwyuuZvvuxtMD3
FO5Te+NvgL5vSLprgsHdOqf7zJgKAsqgAetq7KNCribGvE388Nn/cTZ+Z3mXAEYn
5sitX4iZFhmtI6jSeWGknsAkeXMEbgJhhUQGKF0KJWF9YzRkfRNXpmJ05+H4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:00 2024 by rpki-client on console-fra.rpki-client.org