Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/0onH5koaOeBqhHUNSHGJ1m4YTjo.roa
File: 0onH5koaOeBqhHUNSHGJ1m4YTjo.roa (raw, json)
Hash identifier: g9sW/AIVWX08POSZNhKckRP511qZxf78BLn1dOIXFoQ=
Subject key identifier: D2:89:C7:E6:4A:1A:39:E0:6A:84:75:0D:48:71:89:D6:6E:18:4E:3A
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018B4736A9439E2423644368EC2E75CA5A20
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/0onH5koaOeBqhHUNSHGJ1m4YTjo.roa
Signing time: Thu 19 Oct 2023 09:14:06 +0000
ROA not before: Thu 19 Oct 2023 09:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.66.92.0/24 maxlen: 24
45.66.93.0/24 maxlen: 24
45.66.94.0/23 maxlen: 23
37.44.228.0/22 maxlen: 24
192.145.52.0/22 maxlen: 24
192.145.53.0/24 maxlen: 24
192.145.54.0/24 maxlen: 24
192.145.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 08:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:36:a9:43:9e:24:23:64:43:68:ec:2e:75:ca:5a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Oct 19 09:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d289c7e64a1a39e06a84750d487189d66e184e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0f:ba:a8:04:e5:06:df:83:d3:68:7d:c2:19:
5a:60:48:64:20:75:42:b3:dc:f0:bb:84:4a:54:ef:
f8:fc:45:08:fa:19:f9:bd:0d:9f:ee:f3:57:42:5a:
6c:71:bc:cc:f6:7e:47:dd:74:90:fd:54:53:06:62:
19:9f:ac:3c:a5:c7:83:2f:72:1e:8b:4a:43:ff:f7:
f6:f8:14:c8:77:e9:fc:18:e3:d2:3f:e6:cf:c8:e8:
02:a9:44:ef:26:2e:ee:b1:75:c4:a5:b1:56:be:cc:
c8:47:8d:96:fc:a3:18:55:9c:3e:63:16:50:e9:a8:
82:1b:78:60:11:e4:9c:20:16:b0:bc:ad:ea:55:3e:
4b:d8:cb:9c:8e:86:17:f5:10:95:71:e1:86:4b:c9:
5e:6f:a4:33:0c:83:83:66:dc:ab:bb:27:37:73:de:
11:3a:35:0a:9f:0b:69:9b:79:52:d7:a4:15:ee:43:
69:d3:65:98:d6:ed:0b:71:51:ec:ba:b4:4c:ee:f0:
fe:b8:73:71:8c:8d:f5:0e:69:ae:ff:7d:af:0e:bf:
68:48:31:eb:69:ea:2d:80:50:3e:82:fe:bd:63:66:
92:f8:5e:ee:c6:72:5b:b6:de:e4:b2:a9:98:4e:74:
29:5a:8b:8d:2b:98:7a:d2:4f:35:69:73:40:29:6d:
8d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:89:C7:E6:4A:1A:39:E0:6A:84:75:0D:48:71:89:D6:6E:18:4E:3A
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/0onH5koaOeBqhHUNSHGJ1m4YTjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/22
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
42:43:f4:9d:71:2d:34:6f:54:bd:c4:d6:dd:f8:85:d4:68:7f:
dc:fb:d5:9b:0d:1a:f7:aa:24:b7:fc:6b:f4:c2:14:28:4d:0b:
c5:dc:a3:bf:14:36:88:f3:cf:25:b8:cc:3a:b6:94:59:e2:03:
d3:79:e4:53:2f:fc:96:eb:d9:97:a3:1d:c0:62:1f:2a:1b:f1:
0d:d5:9b:f9:06:51:bb:79:7d:5a:fa:51:48:85:4c:31:4a:a9:
9a:72:eb:5c:e3:9f:60:d4:89:23:35:bf:dd:ca:ae:6f:1e:69:
62:b8:1c:b7:03:cf:4e:3b:6d:69:c8:a5:cf:2b:f6:f9:8a:23:
5a:72:e9:58:13:d8:6c:d9:ac:bb:58:91:69:2f:01:69:1d:8f:
51:03:6e:1c:e4:12:f0:14:1d:52:e3:2f:06:80:82:8d:c6:16:
97:9c:2c:64:ad:12:af:c1:5c:be:c6:92:b8:e2:5f:73:b0:2c:
c2:f7:3f:64:d0:0c:42:6f:fb:ab:1f:80:04:fa:19:ff:06:a2:
26:96:d7:ca:cf:33:73:18:83:70:48:89:cd:49:48:b0:f6:0e:
a8:b8:45:5f:5a:4f:41:5e:6e:fb:d7:f7:c8:36:61:d5:b3:da:
3e:ac:fe:40:18:d7:67:77:d8:d1:3c:50:87:26:8f:dc:b9:b8:
df:3b:94:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtHNqlDniQjZENo7C51ylogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMxMDE5MDkxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjg5YzdlNjRhMWEzOWUwNmE4NDc1MGQ0ODcxODlkNjZlMTg0ZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg+6qATlBt+D02h9whlaYEhkIHVC
s9zwu4RKVO/4/EUI+hn5vQ2f7vNXQlpscbzM9n5H3XSQ/VRTBmIZn6w8pceDL3Ie
i0pD//f2+BTId+n8GOPSP+bPyOgCqUTvJi7usXXEpbFWvszIR42W/KMYVZw+YxZQ
6aiCG3hgEeScIBawvK3qVT5L2MucjoYX9RCVceGGS8leb6QzDIODZtyruyc3c94R
OjUKnwtpm3lS16QV7kNp02WY1u0LcVHsurRM7vD+uHNxjI31Dmmu/32vDr9oSDHr
aeotgFA+gv69Y2aS+F7uxnJbtt7ksqmYTnQpWouNK5h60k81aXNAKW2NfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNKJx+ZKGjngaoR1DUhxidZuGE46MB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvMG9uSDVrb2FPZUJxaEhVTlNIR0oxbTRZVGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQC
LUJcAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQBCQ/SdcS00b1S9xNbd+IXUaH/c
+9WbDRr3qiS3/Gv0whQoTQvF3KO/FDaI888luMw6tpRZ4gPTeeRTL/yW69mXox3A
Yh8qG/EN1Zv5BlG7eX1a+lFIhUwxSqmacutc459g1IkjNb/dyq5vHmliuBy3A89O
O21pyKXPK/b5iiNaculYE9hs2ay7WJFpLwFpHY9RA24c5BLwFB1S4y8GgIKNxhaX
nCxkrRKvwVy+xpK44l9zsCzC9z9k0AxCb/urH4AE+hn/BqImltfKzzNzGINwSInN
SUiw9g6ouEVfWk9BXm771/fINmHVs9o+rP5AGNdnd9jRPFCHJo/cubjfO5SD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:08 2024 by rpki-client on console-ams.rpki-client.org