Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/iA6kipg8kIQHjrcAt_1ZLglKmBM.roa
File: iA6kipg8kIQHjrcAt_1ZLglKmBM.roa (raw, json)
Hash identifier: Y2Nzdlsocue0e0zRwRAX62IjM0Cv8YT/BWPhPIVDtbE=
Subject key identifier: 88:0E:A4:8A:98:3C:90:84:07:8E:B7:00:B7:FD:59:2E:09:4A:98:13
Certificate issuer: /CN=4638bf68b6675e2a5a3a7922f6477d2afb357fac
Certificate serial: 0190822B5D9021B6098A59ACAEBC69FB12F5
Authority key identifier: 46:38:BF:68:B6:67:5E:2A:5A:3A:79:22:F6:47:7D:2A:FB:35:7F:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/iA6kipg8kIQHjrcAt_1ZLglKmBM.roa
Signing time: Fri 05 Jul 2024 09:13:18 +0000
ROA not before: Fri 05 Jul 2024 09:13:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215044
IP address blocks: 45.157.48.0/22 maxlen: 22
2a07:9840::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 11 Jul 2024 14:32:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:82:2b:5d:90:21:b6:09:8a:59:ac:ae:bc:69:fb:12:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4638bf68b6675e2a5a3a7922f6477d2afb357fac
Validity
Not Before: Jul 5 09:13:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=880ea48a983c9084078eb700b7fd592e094a9813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c2:06:3e:f8:b3:02:5a:fa:84:35:cc:79:6e:
a7:00:34:b9:06:c0:ee:ab:e8:1a:42:c0:47:37:37:
53:44:fb:3a:12:3b:a4:f1:0c:d7:2c:fa:34:53:46:
e2:27:2d:76:96:7d:83:60:49:84:cf:21:a0:1f:51:
3f:5b:8a:42:f6:71:1b:af:79:d0:84:8d:45:fb:99:
11:1e:cf:ed:9a:a2:fb:b7:6f:15:e5:f7:03:6f:47:
c7:ce:97:90:50:b3:77:dd:85:c4:c4:c1:20:a7:99:
ac:62:bb:86:c4:a5:37:18:6d:cd:02:40:74:21:dc:
21:be:77:6a:dd:a8:8f:65:66:6c:e5:4a:ae:42:18:
d9:c5:dd:ae:11:c5:34:d2:2f:a2:04:36:33:0f:2d:
8b:08:13:72:a1:fc:26:33:76:48:b9:f2:3f:a7:86:
ca:97:a0:53:07:01:b0:15:db:6f:00:ba:0f:6f:94:
cf:fc:95:6c:de:20:3b:b3:20:0c:17:99:81:06:f0:
42:5f:24:3e:76:a6:09:18:5a:50:bf:7e:7b:ae:1c:
85:2c:df:86:74:3d:a6:19:d8:b4:99:e0:47:82:fb:
8e:f5:63:a2:b4:57:fa:e4:7a:c3:21:3a:1f:46:52:
0f:8a:a4:94:6c:3b:ed:49:29:1a:5c:5f:3e:50:a9:
01:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:0E:A4:8A:98:3C:90:84:07:8E:B7:00:B7:FD:59:2E:09:4A:98:13
X509v3 Authority Key Identifier:
keyid:46:38:BF:68:B6:67:5E:2A:5A:3A:79:22:F6:47:7D:2A:FB:35:7F:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/iA6kipg8kIQHjrcAt_1ZLglKmBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/Rji_aLZnXipaOnki9kd9Kvs1f6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.48.0/22
IPv6:
2a07:9840::/29
Signature Algorithm: sha256WithRSAEncryption
8b:51:ce:52:e2:d6:7e:7e:ee:a9:c8:d1:aa:e0:6e:08:d2:95:
bc:0d:94:3b:7b:3a:89:df:00:36:49:28:d7:c1:97:6c:c4:00:
91:a6:d7:83:be:d9:92:c8:8a:80:8f:bc:75:7f:81:99:ab:d9:
9b:89:bd:be:11:76:9e:c2:f0:a9:84:1b:76:73:f3:7e:bf:19:
ae:e2:72:24:53:0c:6c:3f:83:1c:17:52:8e:a7:49:5c:00:9e:
db:41:28:ee:ec:b4:b8:59:cf:47:84:be:21:23:a4:fc:a9:ea:
00:59:93:0a:5b:0c:ef:26:32:31:db:12:f9:a2:55:fe:3f:1c:
f1:48:fc:e0:e2:57:c5:8f:f4:8d:8a:92:05:be:5f:61:b1:dc:
d6:a9:a6:63:fe:66:dd:10:27:b5:47:69:19:aa:b2:e7:c3:08:
d8:f7:01:0b:da:24:6f:32:7f:e7:e4:0b:67:73:39:05:db:f2:
5c:39:3c:3f:55:10:b1:d0:14:47:b4:51:f3:9b:fb:62:f8:08:
a9:92:01:b4:81:6e:80:52:67:3c:10:50:44:99:20:a4:eb:73:
12:5e:7c:74:f3:23:53:f2:37:14:34:a6:b2:4c:89:6c:cc:0e:
fb:00:3a:4b:ac:ce:cd:4a:a0:6e:9a:b6:77:41:f8:a1:68:47:
b0:d1:c1:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZCCK12QIbYJilmsrrxp+xL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MzhiZjY4YjY2NzVlMmE1YTNhNzkyMmY2NDc3ZDJhZmIz
NTdmYWMwHhcNMjQwNzA1MDkxMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODBlYTQ4YTk4M2M5MDg0MDc4ZWI3MDBiN2ZkNTkyZTA5NGE5ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cIGPvizAlr6hDXMeW6nADS5BsDu
q+gaQsBHNzdTRPs6Ejuk8QzXLPo0U0biJy12ln2DYEmEzyGgH1E/W4pC9nEbr3nQ
hI1F+5kRHs/tmqL7t28V5fcDb0fHzpeQULN33YXExMEgp5msYruGxKU3GG3NAkB0
Idwhvndq3aiPZWZs5UquQhjZxd2uEcU00i+iBDYzDy2LCBNyofwmM3ZIufI/p4bK
l6BTBwGwFdtvALoPb5TP/JVs3iA7syAMF5mBBvBCXyQ+dqYJGFpQv357rhyFLN+G
dD2mGdi0meBHgvuO9WOitFf65HrDITofRlIPiqSUbDvtSSkaXF8+UKkB3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIgOpIqYPJCEB463ALf9WS4JSpgTMB8GA1UdIwQY
MBaAFEY4v2i2Z14qWjp5IvZHfSr7NX+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmppX2FMWm5YaXBhT25raTlrZDlLdnMxZjZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9lMmY2MTUtNmNhNC00YmY1LTlmNTMt
ODcwNzNmNDM0YjAzLzEvaUE2a2lwZzhrSVFIanJjQXRfMVpMZ2xLbUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9lMmY2MTUtNmNhNC00YmY1LTlmNTMtODcwNzNmNDM0YjAz
LzEvUmppX2FMWm5YaXBhT25raTlrZDlLdnMxZjZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ0wMA0E
AgACMAcDBQMqB5hAMA0GCSqGSIb3DQEBCwUAA4IBAQCLUc5S4tZ+fu6pyNGq4G4I
0pW8DZQ7ezqJ3wA2SSjXwZdsxACRpteDvtmSyIqAj7x1f4GZq9mbib2+EXaewvCp
hBt2c/N+vxmu4nIkUwxsP4McF1KOp0lcAJ7bQSju7LS4Wc9HhL4hI6T8qeoAWZMK
WwzvJjIx2xL5olX+PxzxSPzg4lfFj/SNipIFvl9hsdzWqaZj/mbdECe1R2kZqrLn
wwjY9wEL2iRvMn/n5AtnczkF2/JcOTw/VRCx0BRHtFHzm/ti+AipkgG0gW6AUmc8
EFBEmSCk63MSXnx08yNT8jcUNKayTIlszA77ADpLrM7NSqBumrZ3QfihaEew0cEU
-----END CERTIFICATE-----
Generated at Thu Jul 11 16:31:05 2024 by rpki-client on console-ams.rpki-client.org