Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/OK2gPdPLYanZ0m1wlBstEwvE0bc.roa
File: OK2gPdPLYanZ0m1wlBstEwvE0bc.roa (raw, json)
Hash identifier: 1EwuXneD06Znol9Yc6NEy1KEuI8d9PkiT1CijslN9z8=
Subject key identifier: 38:AD:A0:3D:D3:CB:61:A9:D9:D2:6D:70:94:1B:2D:13:0B:C4:D1:B7
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018CFA0242245FA37B9C49FA3EEFA99CE638
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/OK2gPdPLYanZ0m1wlBstEwvE0bc.roa
Signing time: Thu 11 Jan 2024 19:31:41 +0000
ROA not before: Thu 11 Jan 2024 19:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.137.17.0/24 maxlen: 24
45.137.19.0/24 maxlen: 24
45.150.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fa:02:42:24:5f:a3:7b:9c:49:fa:3e:ef:a9:9c:e6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jan 11 19:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38ada03dd3cb61a9d9d26d70941b2d130bc4d1b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:aa:ff:53:2d:f1:52:7c:51:9d:ca:c7:05:b9:
77:55:d8:43:0d:b2:4d:f8:b9:4d:4b:57:4c:15:a4:
3e:28:28:ea:4b:ad:76:55:a2:92:ec:a8:2c:3d:93:
e9:29:87:cc:2f:39:74:a1:33:d6:4e:3b:99:ce:6b:
1a:5e:56:84:eb:af:f5:fd:8e:5c:32:d4:c9:d0:dd:
7e:f7:e9:38:3c:d0:c5:1c:53:12:e2:da:00:1b:aa:
df:c1:5c:18:08:39:45:a8:55:ec:e5:e6:6e:63:29:
df:b6:54:13:ca:57:81:d2:5b:31:16:27:86:fc:6d:
02:d8:93:dd:74:19:05:ff:2d:a7:63:23:ad:7f:ed:
23:bc:e6:3a:93:a7:50:f5:cf:2e:4d:e6:51:af:bc:
24:e5:d9:0e:c0:d6:fc:e8:8a:04:c2:20:84:44:1a:
bd:ef:62:77:b3:10:71:3b:cd:69:dc:d1:90:83:1b:
6b:39:21:a0:fd:d1:2e:f7:dc:54:44:b5:98:18:17:
fe:45:90:ac:8f:e0:ee:55:45:09:9f:b6:02:43:2b:
76:e6:ae:00:4c:b9:de:01:f3:3b:37:1f:1c:34:56:
71:a7:92:82:6a:97:57:d6:b4:a6:26:a5:26:53:d5:
ba:0a:07:bc:e5:ff:83:fd:5e:22:78:64:80:59:f3:
8c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AD:A0:3D:D3:CB:61:A9:D9:D2:6D:70:94:1B:2D:13:0B:C4:D1:B7
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/OK2gPdPLYanZ0m1wlBstEwvE0bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.17.0/24
45.137.19.0/24
45.150.55.0/24
Signature Algorithm: sha256WithRSAEncryption
60:24:16:fe:20:9f:52:4c:15:8d:36:36:84:dd:7f:da:bb:7f:
70:ca:36:47:0a:dd:36:7e:db:7b:06:2c:eb:f8:bb:9f:0f:39:
e1:f1:da:2b:5d:89:f3:2c:63:19:d8:3a:ee:1b:ea:ac:6f:f0:
b7:81:bf:07:19:23:23:ce:76:46:c8:9b:34:13:09:44:15:1d:
94:ea:0c:37:d5:a7:f8:e8:d3:f3:8c:cf:4d:31:a3:5e:a6:6f:
9e:7d:a1:c9:e4:bc:9e:4d:60:85:68:b0:f8:09:93:ee:d3:71:
2b:f8:05:81:86:68:63:3e:d2:61:aa:82:e5:0c:8d:e9:76:9b:
4c:bb:c3:7f:41:4f:43:61:bd:60:3b:37:45:9a:81:58:d9:d8:
42:d5:7a:f3:a5:c3:dd:2b:77:75:b6:06:35:83:e7:cf:ee:53:
8a:9f:93:f5:c7:cb:06:2e:3e:a6:f5:72:33:da:e5:1c:88:56:
f5:7b:60:22:e2:c6:74:da:34:96:68:4d:04:00:42:dd:42:7e:
d6:52:6c:62:0f:31:56:3d:41:23:6b:59:41:fb:42:22:66:fd:
3c:86:b5:37:0e:98:68:dd:58:96:c9:cf:87:a7:3a:5d:f7:01:
e5:a7:8c:8e:f9:94:a3:76:91:03:3a:3a:5e:ae:5c:e5:18:fd:
5c:fe:04:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYz6AkIkX6N7nEn6Pu+pnOY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjQwMTExMTkzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFkYTAzZGQzY2I2MWE5ZDlkMjZkNzA5NDFiMmQxMzBiYzRkMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqr/Uy3xUnxRncrHBbl3VdhDDbJN
+LlNS1dMFaQ+KCjqS612VaKS7KgsPZPpKYfMLzl0oTPWTjuZzmsaXlaE66/1/Y5c
MtTJ0N1+9+k4PNDFHFMS4toAG6rfwVwYCDlFqFXs5eZuYynftlQTyleB0lsxFieG
/G0C2JPddBkF/y2nYyOtf+0jvOY6k6dQ9c8uTeZRr7wk5dkOwNb86IoEwiCERBq9
72J3sxBxO81p3NGQgxtrOSGg/dEu99xURLWYGBf+RZCsj+DuVUUJn7YCQyt25q4A
TLneAfM7Nx8cNFZxp5KCapdX1rSmJqUmU9W6Cge85f+D/V4ieGSAWfOMJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDitoD3Ty2Gp2dJtcJQbLRMLxNG3MB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvT0syZ1BkUExZYW5aMG0xd2xCc3RFd3ZFMGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYkRAwQA
LYkTAwQALZY3MA0GCSqGSIb3DQEBCwUAA4IBAQBgJBb+IJ9STBWNNjaE3X/au39w
yjZHCt02ftt7Bizr+LufDznh8dorXYnzLGMZ2DruG+qsb/C3gb8HGSMjznZGyJs0
EwlEFR2U6gw31af46NPzjM9NMaNepm+efaHJ5LyeTWCFaLD4CZPu03Er+AWBhmhj
PtJhqoLlDI3pdptMu8N/QU9DYb1gOzdFmoFY2dhC1XrzpcPdK3d1tgY1g+fP7lOK
n5P1x8sGLj6m9XIz2uUciFb1e2Ai4sZ02jSWaE0EAELdQn7WUmxiDzFWPUEja1lB
+0IiZv08hrU3Dpho3ViWyc+Hpzpd9wHlp4yO+ZSjdpEDOjperlzlGP1c/gRF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:42 2024 by rpki-client on console-ams.rpki-client.org