Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/orcN8FWyW-UfC57aAnuPj53HOv0.roa
File: orcN8FWyW-UfC57aAnuPj53HOv0.roa (raw, json)
Hash identifier: NW5a+OP0PXTNy2BdSE6h6xsR8Sc4HF91EpBwPXrjYEM=
Subject key identifier: A2:B7:0D:F0:55:B2:5B:E5:1F:0B:9E:DA:02:7B:8F:8F:9D:C7:3A:FD
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018DD6D29FF056010643377DBB91782BEBE9
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/orcN8FWyW-UfC57aAnuPj53HOv0.roa
Signing time: Fri 23 Feb 2024 16:35:44 +0000
ROA not before: Fri 23 Feb 2024 16:35:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.137.16.0/24 maxlen: 24
45.137.17.0/24 maxlen: 24
45.137.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Apr 2024 17:10:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:d2:9f:f0:56:01:06:43:37:7d:bb:91:78:2b:eb:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Feb 23 16:35:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2b70df055b25be51f0b9eda027b8f8f9dc73afd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ba:5f:8f:6b:42:f6:a2:e8:02:27:fb:5f:3b:
3c:41:db:dd:ab:7e:eb:55:c5:5e:4a:57:44:ac:2e:
93:45:63:b1:34:d1:b5:89:df:b6:3c:0b:fd:55:1f:
20:57:10:f7:29:fc:01:ac:f5:8b:99:57:2d:96:7e:
0d:19:61:56:f2:04:61:59:2f:af:32:92:71:80:a5:
04:1d:a4:4f:48:d4:e6:6b:17:81:f2:df:68:54:49:
43:2c:8d:a2:2d:55:98:9b:a4:e3:8b:a2:52:e3:ed:
b7:1a:f6:70:4d:4b:76:2f:a5:a5:6b:28:96:03:a4:
3b:44:80:49:72:92:b6:ab:47:73:4e:05:6b:87:06:
bb:9a:e0:c4:8a:d3:8d:3a:ed:50:9f:dc:1d:4b:7e:
80:cc:72:21:1a:2d:ae:e4:4c:71:29:84:9f:10:22:
d1:f2:90:f3:e5:18:1e:f6:51:3c:af:53:6b:1d:32:
2d:4c:91:98:34:ca:88:49:b6:0b:f2:14:c1:ef:e6:
d7:3e:96:0a:f8:88:2a:f7:93:19:51:06:84:88:ec:
3c:41:31:4c:cd:74:af:d2:1f:49:83:60:a0:51:68:
c8:d8:6e:fb:fd:3c:da:e1:bd:45:48:6d:1b:6b:ab:
72:f7:85:98:82:39:0e:ff:cc:7c:e7:03:43:85:82:
ac:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B7:0D:F0:55:B2:5B:E5:1F:0B:9E:DA:02:7B:8F:8F:9D:C7:3A:FD
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/orcN8FWyW-UfC57aAnuPj53HOv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.16.0/23
45.137.19.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:44:fd:00:f1:44:a6:91:87:86:7a:42:c3:ea:63:1e:2d:3f:
e3:77:2f:08:ca:64:d3:ea:ed:65:3a:23:34:f2:e5:d9:7f:75:
91:58:8d:1f:85:61:ee:0f:a6:1a:f7:23:b2:f6:eb:f1:fa:68:
4c:0e:9e:02:c9:21:53:2c:5e:f5:61:c5:a8:0f:67:62:24:c4:
06:31:2f:df:47:73:d9:56:5f:38:f5:ee:47:ec:9f:0f:84:ec:
08:01:f4:6a:8b:ee:cc:cb:02:0e:5d:49:ee:1d:0b:e8:d5:02:
b0:b1:48:a8:9e:47:98:46:d2:00:8c:75:bb:0f:e1:48:ee:62:
91:92:72:c1:8c:7d:c4:a1:bd:8a:2d:6c:11:d3:78:5d:5a:9b:
14:6b:02:34:20:c3:ba:bf:21:91:2f:7b:85:ae:62:0e:d9:cb:
41:45:7f:20:84:b6:1c:59:70:11:3a:ce:78:87:67:7b:ac:75:
46:84:21:3a:3b:85:93:e3:6e:45:17:b9:3c:ec:75:af:87:9d:
03:10:85:92:83:b2:cb:ac:59:de:66:19:b7:68:83:21:38:50:
5d:9a:0f:db:7d:bd:b7:72:a8:06:42:b0:d1:d8:f8:9a:93:ec:
51:dd:06:7d:d4:2f:89:48:74:9f:22:cf:04:d0:e2:61:cd:3e:
b0:70:ff:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3W0p/wVgEGQzd9u5F4K+vpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjQwMjIzMTYzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmI3MGRmMDU1YjI1YmU1MWYwYjllZGEwMjdiOGY4ZjlkYzczYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrpfj2tC9qLoAif7Xzs8Qdvdq37r
VcVeSldErC6TRWOxNNG1id+2PAv9VR8gVxD3KfwBrPWLmVctln4NGWFW8gRhWS+v
MpJxgKUEHaRPSNTmaxeB8t9oVElDLI2iLVWYm6Tji6JS4+23GvZwTUt2L6WlayiW
A6Q7RIBJcpK2q0dzTgVrhwa7muDEitONOu1Qn9wdS36AzHIhGi2u5ExxKYSfECLR
8pDz5Rge9lE8r1NrHTItTJGYNMqISbYL8hTB7+bXPpYK+Igq95MZUQaEiOw8QTFM
zXSv0h9Jg2CgUWjI2G77/Tza4b1FSG0ba6ty94WYgjkO/8x85wNDhYKsOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKK3DfBVslvlHwue2gJ7j4+dxzr9MB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvb3JjTjhGV3lXLVVmQzU3YUFudVBqNTNIT3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYkQAwQA
LYkTMA0GCSqGSIb3DQEBCwUAA4IBAQBNRP0A8USmkYeGekLD6mMeLT/jdy8IymTT
6u1lOiM08uXZf3WRWI0fhWHuD6Ya9yOy9uvx+mhMDp4CySFTLF71YcWoD2diJMQG
MS/fR3PZVl849e5H7J8PhOwIAfRqi+7MywIOXUnuHQvo1QKwsUionkeYRtIAjHW7
D+FI7mKRknLBjH3Eob2KLWwR03hdWpsUawI0IMO6vyGRL3uFrmIO2ctBRX8ghLYc
WXAROs54h2d7rHVGhCE6O4WT425FF7k87HWvh50DEIWSg7LLrFneZhm3aIMhOFBd
mg/bfb23cqgGQrDR2Piak+xR3QZ91C+JSHSfIs8E0OJhzT6wcP92
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:01 2024 by rpki-client on console-fra.rpki-client.org