Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/635a0d-921f-4711-b7d4-77dee2d79ae4/1/WF6uXswccC29XAuazOQ-nJKj5zE.roa
File: WF6uXswccC29XAuazOQ-nJKj5zE.roa (raw, json)
Hash identifier: 4R0EVNqQ6vBKAPjg0PnJgBosnbao7qFplZPe5yvCUrs=
Subject key identifier: 58:5E:AE:5E:CC:1C:70:2D:BD:5C:0B:9A:CC:E4:3E:9C:92:A3:E7:31
Certificate issuer: /CN=234e9f75c7326f765c8966c2edc00a982a5ea7f0
Certificate serial: 01856FF028DAF9975C8C3EDF8BA04428ED4B
Authority key identifier: 23:4E:9F:75:C7:32:6F:76:5C:89:66:C2:ED:C0:0A:98:2A:5E:A7:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I06fdccyb3ZciWbC7cAKmCpep_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/635a0d-921f-4711-b7d4-77dee2d79ae4/1/WF6uXswccC29XAuazOQ-nJKj5zE.roa
Signing time: Mon 02 Jan 2023 00:44:48 +0000
ROA not before: Mon 02 Jan 2023 00:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208131
IP address blocks: 45.157.148.0/24 maxlen: 24
45.157.151.0/24 maxlen: 24
45.157.149.0/24 maxlen: 24
45.157.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 10:26:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:28:da:f9:97:5c:8c:3e:df:8b:a0:44:28:ed:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234e9f75c7326f765c8966c2edc00a982a5ea7f0
Validity
Not Before: Jan 2 00:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=585eae5ecc1c702dbd5c0b9acce43e9c92a3e731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:68:55:bf:01:0b:9e:a6:e3:6d:f9:d7:79:45:
fd:f6:b3:e7:f7:3f:3c:72:20:43:68:0e:2e:2b:76:
0a:43:cc:7b:de:be:d8:78:ad:61:75:ab:a1:83:06:
5a:d1:92:56:5b:47:b6:ed:ba:d9:df:d7:db:14:be:
b1:c3:24:5a:b3:be:ae:4c:c4:68:d5:4b:67:7a:bb:
48:09:ad:a8:81:84:aa:d6:6a:1d:9b:6b:e1:79:4f:
41:2b:13:95:f2:57:25:23:38:0b:3b:ee:38:fc:a8:
a3:ab:84:96:d2:c5:e7:25:eb:9b:4d:85:27:b0:4e:
b5:93:b3:b8:ad:f4:a2:61:56:ef:d3:a9:45:01:4a:
61:70:7e:c4:74:28:31:29:fe:85:57:81:54:5e:56:
f4:2f:b0:51:af:64:4f:12:4a:1c:e1:f1:29:72:17:
06:a2:0e:15:d3:05:6d:4d:ba:a6:f6:db:80:b8:75:
bb:15:a6:e5:a6:ce:f3:80:00:41:f4:27:7b:8f:25:
76:d7:a5:1f:37:3c:b9:73:f4:b4:14:c8:a3:d0:ab:
f4:50:7f:b9:f2:a3:94:57:2f:d7:80:cf:05:7b:91:
ae:0a:89:89:a6:88:8e:6f:5a:0a:6f:27:41:79:74:
6c:75:c3:2f:2d:83:82:24:32:ac:ff:0d:ba:e1:76:
02:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:5E:AE:5E:CC:1C:70:2D:BD:5C:0B:9A:CC:E4:3E:9C:92:A3:E7:31
X509v3 Authority Key Identifier:
keyid:23:4E:9F:75:C7:32:6F:76:5C:89:66:C2:ED:C0:0A:98:2A:5E:A7:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I06fdccyb3ZciWbC7cAKmCpep_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/635a0d-921f-4711-b7d4-77dee2d79ae4/1/WF6uXswccC29XAuazOQ-nJKj5zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/635a0d-921f-4711-b7d4-77dee2d79ae4/1/I06fdccyb3ZciWbC7cAKmCpep_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.148.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:a2:04:43:00:91:78:60:4a:e5:a4:9b:83:de:0d:f2:43:0e:
c6:19:9c:79:37:37:ca:ad:36:bb:ca:67:ac:35:33:8b:7b:85:
40:b5:7d:b5:f6:e2:ef:5a:14:56:3c:d4:44:67:2a:b5:72:ab:
cc:5d:a6:ac:ca:67:81:ed:b6:d4:29:7d:c2:e6:c7:8c:82:3f:
45:7e:18:b9:0d:21:f5:d9:c0:a8:23:7c:97:c3:ca:03:fd:32:
6f:e8:f4:5c:c3:3e:2e:ce:10:7e:a5:e3:20:e2:d9:96:6c:30:
34:a7:da:23:64:b9:1a:11:52:67:fb:84:f7:9c:82:fd:c9:14:
6c:e9:07:e5:10:44:5d:6e:47:9b:2b:29:c8:4d:0f:d5:e2:8b:
8e:11:06:3f:31:0f:a4:ae:de:d6:4e:47:42:ab:db:73:97:4e:
c7:dd:e0:be:00:3c:6f:e1:26:e0:52:fd:e4:d9:93:7c:cf:b4:
f1:34:9e:e5:45:8a:34:a7:5f:cf:2b:7a:a2:25:a0:a2:e7:f1:
41:bc:de:17:5c:ae:a5:f3:dd:ee:33:50:b0:86:ed:06:d4:09:
c8:58:74:54:9f:98:30:e1:da:66:6b:7a:6b:9a:f0:cd:73:0a:
80:59:07:f2:df:75:4a:ba:d0:6f:38:b2:b7:ee:f6:01:7d:02:
20:45:ab:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8Cja+ZdcjD7fi6BEKO1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGU5Zjc1YzczMjZmNzY1Yzg5NjZjMmVkYzAwYTk4MmE1
ZWE3ZjAwHhcNMjMwMTAyMDA0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODVlYWU1ZWNjMWM3MDJkYmQ1YzBiOWFjY2U0M2U5YzkyYTNlNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWhVvwELnqbjbfnXeUX99rPn9z88
ciBDaA4uK3YKQ8x73r7YeK1hdauhgwZa0ZJWW0e27brZ39fbFL6xwyRas76uTMRo
1UtnertICa2ogYSq1modm2vheU9BKxOV8lclIzgLO+44/Kijq4SW0sXnJeubTYUn
sE61k7O4rfSiYVbv06lFAUphcH7EdCgxKf6FV4FUXlb0L7BRr2RPEkoc4fEpchcG
og4V0wVtTbqm9tuAuHW7Fablps7zgABB9Cd7jyV216UfNzy5c/S0FMij0Kv0UH+5
8qOUVy/XgM8Fe5GuComJpoiOb1oKbydBeXRsdcMvLYOCJDKs/w264XYCRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFherl7MHHAtvVwLmszkPpySo+cxMB8GA1UdIwQY
MBaAFCNOn3XHMm92XIlmwu3ACpgqXqfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTA2ZmRjY3liM1pjaVdiQzdjQUttQ3BlcF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82MzVhMGQtOTIxZi00NzExLWI3ZDQt
NzdkZWUyZDc5YWU0LzEvV0Y2dVhzd2NjQzI5WEF1YXpPUS1uSktqNXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82MzVhMGQtOTIxZi00NzExLWI3ZDQtNzdkZWUyZDc5YWU0
LzEvSTA2ZmRjY3liM1pjaVdiQzdjQUttQ3BlcF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ2UMA0G
CSqGSIb3DQEBCwUAA4IBAQBdogRDAJF4YErlpJuD3g3yQw7GGZx5NzfKrTa7ymes
NTOLe4VAtX219uLvWhRWPNREZyq1cqvMXaasymeB7bbUKX3C5seMgj9Ffhi5DSH1
2cCoI3yXw8oD/TJv6PRcwz4uzhB+peMg4tmWbDA0p9ojZLkaEVJn+4T3nIL9yRRs
6QflEERdbkebKynITQ/V4ouOEQY/MQ+krt7WTkdCq9tzl07H3eC+ADxv4SbgUv3k
2ZN8z7TxNJ7lRYo0p1/PK3qiJaCi5/FBvN4XXK6l893uM1Cwhu0G1AnIWHRUn5gw
4dpma3prmvDNcwqAWQfy33VKutBvOLK37vYBfQIgRat6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org