Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/tKWM0PaSZ5dmU1CAZTQNESa2jdE.roa
File: tKWM0PaSZ5dmU1CAZTQNESa2jdE.roa (raw, json)
Hash identifier: DKLYQiYoKyyYUs3oSA0lC/GFHZELhKxgcIcULA5a770=
Subject key identifier: B4:A5:8C:D0:F6:92:67:97:66:53:50:80:65:34:0D:11:26:B6:8D:D1
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 0188E882F4CFD8A79F14AACED1363F06F453
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/tKWM0PaSZ5dmU1CAZTQNESa2jdE.roa
Signing time: Fri 23 Jun 2023 13:47:56 +0000
ROA not before: Fri 23 Jun 2023 13:47:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138968
IP address blocks: 45.81.33.0/24 maxlen: 24
45.81.32.0/23 maxlen: 24
45.150.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:82:f4:cf:d8:a7:9f:14:aa:ce:d1:36:3f:06:f4:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Jun 23 13:47:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4a58cd0f69267976653508065340d1126b68dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b6:33:68:b9:e1:0f:c0:3f:60:b9:20:46:0c:
5b:61:05:54:c7:d4:56:14:0c:16:2a:2c:d2:9c:02:
9f:45:ac:3a:d5:3c:bb:91:d9:da:f0:70:76:54:db:
11:42:0c:ce:5f:1c:b3:99:77:f2:30:10:55:cd:ca:
19:a8:b1:73:cf:b3:d0:c0:e3:81:44:cc:64:11:e8:
3b:5d:3f:28:81:21:f6:25:87:c6:cb:1a:de:d9:46:
e1:58:3a:13:65:02:cd:f6:e0:79:3a:fb:de:03:d6:
d3:ee:5d:7c:2b:90:57:80:3c:5b:18:44:52:e6:7f:
33:29:38:73:02:2e:d3:c1:b6:60:eb:de:0f:18:3f:
98:56:59:83:b1:86:33:bd:aa:13:43:73:25:39:3c:
66:cb:30:84:1e:38:9d:fb:77:14:be:60:81:1a:61:
4b:6f:a2:8a:2f:da:b7:9b:4d:bd:dd:55:9a:2e:13:
4b:58:60:8e:a5:29:1c:95:52:2d:7d:61:68:5e:73:
d5:2b:4c:11:e6:c6:b1:fb:d7:b3:08:26:6b:91:cc:
b6:e0:d9:f1:5e:a6:64:5d:a1:aa:c7:4e:3a:13:30:
18:57:e3:cd:83:65:b1:0d:92:3b:aa:cd:1e:21:64:
db:8a:65:76:cc:47:93:f4:56:2d:c5:12:94:1d:5a:
d5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A5:8C:D0:F6:92:67:97:66:53:50:80:65:34:0D:11:26:B6:8D:D1
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/tKWM0PaSZ5dmU1CAZTQNESa2jdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.32.0/23
45.150.236.0/22
Signature Algorithm: sha256WithRSAEncryption
67:bd:28:50:af:57:01:bc:f0:0a:23:f1:af:49:17:05:61:8b:
72:06:7b:28:59:d7:66:5c:d4:79:1e:ec:c6:30:fa:c9:75:12:
ec:5a:59:c4:18:01:74:ba:b2:d4:e3:33:12:45:db:ee:d2:ac:
9e:de:84:4a:0f:15:38:9f:cb:53:a2:1c:04:b5:ee:7a:24:1a:
d6:53:7c:6c:90:92:8e:80:74:23:32:3f:21:ae:c8:bc:a4:00:
20:71:91:16:7b:4a:1f:9a:7d:43:d7:2a:a9:0e:ce:64:b8:2d:
45:ac:66:a9:3d:9c:b0:14:a8:09:fc:16:2f:50:04:0d:4d:24:
1d:1c:15:67:d3:ff:a4:08:af:59:a2:66:b3:d5:9e:f7:a6:18:
f1:22:51:5a:b5:e6:68:65:a4:b9:fc:d1:19:e0:2c:ea:91:21:
73:af:58:90:36:87:74:a3:a3:db:93:08:3d:07:6c:4e:ef:be:
ee:3d:fb:3f:e2:d1:69:cb:e4:92:4a:a1:20:37:88:51:c9:65:
aa:6c:c8:f9:2c:8b:58:e4:1b:d4:a2:27:ed:b1:f1:98:1e:78:
9d:8f:70:42:55:06:53:13:d3:9f:da:e3:ee:f8:d0:4e:24:61:
4d:d4:b8:ce:e9:c9:3d:2c:81:bb:8f:54:1e:97:ed:77:ca:c9:
34:c1:45:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjogvTP2KefFKrO0TY/BvRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDA4MDc2OThmMGIwOTdkNjlhYjM5MjY5MTdkMWRjYzgz
OGE2MjQwHhcNMjMwNjIzMTM0NzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGE1OGNkMGY2OTI2Nzk3NjY1MzUwODA2NTM0MGQxMTI2YjY4ZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLYzaLnhD8A/YLkgRgxbYQVUx9RW
FAwWKizSnAKfRaw61Ty7kdna8HB2VNsRQgzOXxyzmXfyMBBVzcoZqLFzz7PQwOOB
RMxkEeg7XT8ogSH2JYfGyxre2UbhWDoTZQLN9uB5OvveA9bT7l18K5BXgDxbGERS
5n8zKThzAi7TwbZg694PGD+YVlmDsYYzvaoTQ3MlOTxmyzCEHjid+3cUvmCBGmFL
b6KKL9q3m0293VWaLhNLWGCOpSkclVItfWFoXnPVK0wR5sax+9ezCCZrkcy24Nnx
XqZkXaGqx046EzAYV+PNg2WxDZI7qs0eIWTbimV2zEeT9FYtxRKUHVrVIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLSljND2kmeXZlNQgGU0DREmto3RMB8GA1UdIwQY
MBaAFDoAgHaY8LCX1pqzkmkX0dzIOKYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMt
MTZhZmM0ZGZmZGQ0LzEvdEtXTTBQYVNaNWRtVTFDQVpUUU5FU2EyamRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMtMTZhZmM0ZGZmZGQ0
LzEvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVEgAwQC
LZbsMA0GCSqGSIb3DQEBCwUAA4IBAQBnvShQr1cBvPAKI/GvSRcFYYtyBnsoWddm
XNR5HuzGMPrJdRLsWlnEGAF0urLU4zMSRdvu0qye3oRKDxU4n8tTohwEte56JBrW
U3xskJKOgHQjMj8hrsi8pAAgcZEWe0ofmn1D1yqpDs5kuC1FrGapPZywFKgJ/BYv
UAQNTSQdHBVn0/+kCK9Zomaz1Z73phjxIlFateZoZaS5/NEZ4CzqkSFzr1iQNod0
o6Pbkwg9B2xO777uPfs/4tFpy+SSSqEgN4hRyWWqbMj5LItY5BvUoiftsfGYHnid
j3BCVQZTE9Of2uPu+NBOJGFN1LjO6ck9LIG7j1Qel+13ysk0wUW4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:43 2024 by rpki-client on console-ams.rpki-client.org