Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/64JDDl2YUzytQKdrNRt3dqSOHU8.roa
File: 64JDDl2YUzytQKdrNRt3dqSOHU8.roa (raw, json)
Hash identifier: 4VbTT+JDIyn6TUUSZjIEj5KhCY8tSc9trVb9hrAuVmg=
Subject key identifier: EB:82:43:0E:5D:98:53:3C:AD:40:A7:6B:35:1B:77:76:A4:8E:1D:4F
Certificate issuer: /CN=854c8176d9c42c704b310913309470351bb599e5
Certificate serial: 01856F022FA31DAD6457F871EE8F2C4014D0
Authority key identifier: 85:4C:81:76:D9:C4:2C:70:4B:31:09:13:30:94:70:35:1B:B5:99:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUyBdtnELHBLMQkTMJRwNRu1meU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/64JDDl2YUzytQKdrNRt3dqSOHU8.roa
Signing time: Sun 01 Jan 2023 20:24:52 +0000
ROA not before: Sun 01 Jan 2023 20:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6768
IP address blocks: 45.14.108.0/22 maxlen: 22
45.14.108.0/24 maxlen: 24
45.14.108.0/23 maxlen: 23
45.14.111.0/24 maxlen: 24
45.14.110.0/24 maxlen: 24
45.14.110.0/23 maxlen: 23
45.14.109.0/24 maxlen: 24
2a01:4a60::/32 maxlen: 32
2a0e:c080::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:2f:a3:1d:ad:64:57:f8:71:ee:8f:2c:40:14:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c8176d9c42c704b310913309470351bb599e5
Validity
Not Before: Jan 1 20:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb82430e5d98533cad40a76b351b7776a48e1d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:54:21:5b:f4:e7:87:e6:3e:18:86:cd:a8:96:
83:19:3a:17:67:46:61:0a:35:8a:8a:a9:d2:83:be:
84:a1:02:b8:0a:e7:3f:f7:fa:1b:f9:57:ce:c1:67:
ac:1a:0d:0f:7e:df:62:2f:b1:21:d0:14:0e:b8:15:
62:b3:c1:d7:01:d5:05:0f:7b:af:30:67:8f:e8:9e:
29:bc:7e:c7:9b:79:52:46:a6:49:59:bc:69:aa:04:
5c:01:69:92:14:0d:c8:28:5c:7d:45:5c:6e:cf:9d:
88:d6:14:16:7f:a6:da:7d:f5:0b:a6:e2:2e:d1:6d:
0b:9e:11:9a:ae:3a:f7:be:aa:ee:61:7d:18:cc:32:
2e:6e:e9:32:ed:2a:3b:29:4c:89:fa:b9:12:63:27:
e0:64:16:7d:b9:3d:1e:e8:e1:1b:e4:93:97:81:32:
9d:47:f2:72:9b:ec:91:20:ac:e7:05:d8:aa:2d:32:
07:3f:8a:5b:07:94:2c:54:78:a4:a8:56:2e:f2:31:
89:cb:43:87:b3:94:6e:a8:7e:0c:d0:f5:65:0f:55:
7f:77:17:94:8c:46:ee:b1:90:ee:26:87:ed:85:4b:
32:26:53:4f:fb:6a:54:3e:a6:81:bb:8c:18:ca:07:
0b:fd:28:0b:f6:13:fd:13:26:53:d2:ad:9d:5c:29:
99:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:82:43:0E:5D:98:53:3C:AD:40:A7:6B:35:1B:77:76:A4:8E:1D:4F
X509v3 Authority Key Identifier:
keyid:85:4C:81:76:D9:C4:2C:70:4B:31:09:13:30:94:70:35:1B:B5:99:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUyBdtnELHBLMQkTMJRwNRu1meU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/64JDDl2YUzytQKdrNRt3dqSOHU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/cff630-6c8a-43bd-afb9-b07f016a1762/1/hUyBdtnELHBLMQkTMJRwNRu1meU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.108.0/22
IPv6:
2a01:4a60::/32
2a0e:c080::/29
Signature Algorithm: sha256WithRSAEncryption
27:97:6a:a8:6b:ab:52:e5:70:5b:08:c9:e2:54:2d:bb:08:e5:
df:e4:ab:5d:a4:48:0e:65:c0:0c:78:27:f6:27:3c:2c:bb:ea:
bc:83:71:ea:1d:11:16:25:cb:de:40:c5:c5:cf:ae:43:49:39:
35:1b:cc:3a:46:6e:4c:b9:e4:64:23:ee:c6:22:50:cd:ba:e5:
18:06:c6:2c:f7:d3:e7:57:04:fe:f4:42:2d:0b:6b:74:e8:7b:
8c:12:5b:25:10:fd:e0:2d:86:96:15:f0:1c:83:73:cf:02:21:
8d:5a:30:eb:4f:41:be:ad:59:45:ac:4d:97:92:32:55:5b:73:
b5:9e:55:02:18:57:b3:86:77:3d:9f:bf:18:05:e4:ec:77:33:
d7:a6:cd:47:86:61:0b:27:76:b3:40:11:97:d0:c2:20:78:08:
25:a7:27:24:df:93:3b:08:be:19:f2:6e:80:b2:52:8f:25:36:
31:76:aa:4e:a0:28:d6:d9:b2:b4:82:86:3f:bb:a7:f7:7f:5e:
d1:b8:6c:79:a3:b6:f7:cc:20:a0:48:a0:eb:68:22:ab:b6:75:
ea:1e:29:22:b3:41:f2:ed:23:83:f2:1a:21:69:90:97:f5:98:
a8:3c:45:1c:85:0e:51:55:8e:91:22:66:e1:8b:74:6f:46:cc:
60:01:d5:80
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVvAi+jHa1kV/hx7o8sQBTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGM4MTc2ZDljNDJjNzA0YjMxMDkxMzMwOTQ3MDM1MWJi
NTk5ZTUwHhcNMjMwMTAxMjAyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjgyNDMwZTVkOTg1MzNjYWQ0MGE3NmIzNTFiNzc3NmE0OGUxZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFQhW/Tnh+Y+GIbNqJaDGToXZ0Zh
CjWKiqnSg76EoQK4Cuc/9/ob+VfOwWesGg0Pft9iL7Eh0BQOuBVis8HXAdUFD3uv
MGeP6J4pvH7Hm3lSRqZJWbxpqgRcAWmSFA3IKFx9RVxuz52I1hQWf6baffULpuIu
0W0LnhGarjr3vqruYX0YzDIubuky7So7KUyJ+rkSYyfgZBZ9uT0e6OEb5JOXgTKd
R/Jym+yRIKznBdiqLTIHP4pbB5QsVHikqFYu8jGJy0OHs5RuqH4M0PVlD1V/dxeU
jEbusZDuJofthUsyJlNP+2pUPqaBu4wYygcL/SgL9hP9EyZT0q2dXCmZNwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOuCQw5dmFM8rUCnazUbd3akjh1PMB8GA1UdIwQY
MBaAFIVMgXbZxCxwSzEJEzCUcDUbtZnlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV5QmR0bkVMSEJMTVFrVE1KUndOUnUxbWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9jZmY2MzAtNmM4YS00M2JkLWFmYjkt
YjA3ZjAxNmExNzYyLzEvNjRKRERsMllVenl0UUtkck5SdDNkcVNPSFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9jZmY2MzAtNmM4YS00M2JkLWFmYjktYjA3ZjAxNmExNzYy
LzEvaFV5QmR0bkVMSEJMTVFrVE1KUndOUnUxbWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLQ5sMBQE
AgACMA4DBQAqAUpgAwUDKg7AgDANBgkqhkiG9w0BAQsFAAOCAQEAJ5dqqGurUuVw
WwjJ4lQtuwjl3+SrXaRIDmXADHgn9ic8LLvqvINx6h0RFiXL3kDFxc+uQ0k5NRvM
OkZuTLnkZCPuxiJQzbrlGAbGLPfT51cE/vRCLQtrdOh7jBJbJRD94C2GlhXwHINz
zwIhjVow609Bvq1ZRaxNl5IyVVtztZ5VAhhXs4Z3PZ+/GAXk7Hcz16bNR4ZhCyd2
s0ARl9DCIHgIJacnJN+TOwi+GfJugLJSjyU2MXaqTqAo1tmytIKGP7un939e0bhs
eaO298wgoEig62giq7Z16h4pIrNB8u0jg/IaIWmQl/WYqDxFHIUOUVWOkSJm4Yt0
b0bMYAHVgA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:34 2024 by rpki-client on console-ams.rpki-client.org