Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S446tYVmNBmTRHuGPx3IEwrPF0Q.roa
File: S446tYVmNBmTRHuGPx3IEwrPF0Q.roa (raw, json)
Hash identifier: 8+FS6sn5qHZo/Kn+duqfYxZKaGQCYfPr8zKyqU7yFc4=
Subject key identifier: 4B:8E:3A:B5:85:66:34:19:93:44:7B:86:3F:1D:C8:13:0A:CF:17:44
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B70433C89F5B0C5B23C0858AA203F2255
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S446tYVmNBmTRHuGPx3IEwrPF0Q.roa
Signing time: Fri 27 Oct 2023 08:32:16 +0000
ROA not before: Fri 27 Oct 2023 08:32:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197854
IP address blocks: 45.130.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Oct 2023 10:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:43:3c:89:f5:b0:c5:b2:3c:08:58:aa:20:3f:22:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 27 08:32:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b8e3ab58566341993447b863f1dc8130acf1744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fe:f3:8d:2f:4f:40:d7:e3:70:ef:0e:13:d9:
11:2b:29:f5:c9:f7:75:38:36:7f:8a:fc:a1:bf:75:
cb:e5:6f:9c:c5:17:f5:eb:b6:b3:23:15:09:bf:07:
0f:70:41:2a:79:bb:0f:7b:49:bf:a9:ce:24:d2:11:
7a:af:78:ad:64:64:64:ee:12:eb:e3:b6:8e:e9:e2:
bc:98:6d:b1:0d:fa:45:19:30:e5:dc:d7:07:e4:83:
d9:08:eb:17:b4:68:11:2b:08:70:2b:2e:65:5c:a6:
58:06:24:7e:d3:e0:8b:b0:1c:d1:62:13:9b:2f:f8:
e7:40:63:c4:d2:83:2a:b1:78:96:f7:ae:dd:8b:f3:
27:e3:ea:97:86:f7:a3:2a:ff:e1:e2:11:c8:1e:9f:
93:dd:5b:c5:80:7e:7a:00:82:e7:5b:a1:e4:ee:c1:
17:92:5e:93:af:ac:1d:ff:93:94:5e:18:f8:5e:04:
52:2f:6a:ed:44:e8:45:f6:a2:ae:53:95:ef:a5:8b:
9f:8a:63:2e:46:f0:aa:d1:18:8f:0d:d4:e0:fd:1c:
c7:f1:3c:dd:41:10:2b:b0:3a:4f:ee:86:8a:36:a4:
18:37:7f:90:16:9b:09:eb:f5:07:0d:aa:63:75:6f:
cb:73:81:9d:74:b7:85:5c:2e:25:b4:7b:89:ff:41:
3c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:8E:3A:B5:85:66:34:19:93:44:7B:86:3F:1D:C8:13:0A:CF:17:44
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/S446tYVmNBmTRHuGPx3IEwrPF0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:31:a7:2a:2f:08:c7:47:8b:b4:7d:28:4f:90:9f:1b:eb:97:
e6:66:16:fa:0e:e4:d9:c0:17:2b:d8:9d:a0:30:f9:af:78:8a:
d9:d1:56:7b:2c:1d:f6:fb:32:5c:e9:08:45:eb:14:91:e9:d5:
07:0a:12:bf:33:35:e2:29:07:d4:fd:96:e0:dd:7f:e7:88:56:
08:51:5c:a0:56:49:66:9e:4c:28:94:fe:55:8a:eb:40:cb:1c:
05:9a:ef:6a:7f:85:d9:db:16:11:a1:16:da:30:a3:7a:22:2c:
0b:1f:b1:ca:7c:7b:c7:03:d0:71:f3:e2:28:e2:24:02:63:4a:
70:7a:ae:f1:06:91:74:06:8c:63:e4:f6:eb:86:47:02:70:cf:
92:64:bc:f9:41:0a:f2:36:95:d5:f9:bf:79:7e:d9:dc:00:41:
70:27:f6:72:4c:c7:45:ca:2a:c6:4f:7b:b7:95:aa:1a:db:cd:
13:47:03:67:95:8e:f0:dd:c6:4b:49:c0:48:ee:17:85:35:6b:
37:74:8d:ad:d1:33:cc:2a:3b:49:18:cf:d4:3e:b7:28:38:a1:
16:e4:e1:f7:b0:b2:8f:cd:8a:fd:e6:d4:87:57:7b:2a:8f:ca:
0f:07:ac:4a:09:7e:06:b6:da:33:89:c7:a7:04:fb:6a:5e:74:
e3:a9:9f:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtwQzyJ9bDFsjwIWKogPyJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDI3MDgzMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjhlM2FiNTg1NjYzNDE5OTM0NDdiODYzZjFkYzgxMzBhY2YxNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv7zjS9PQNfjcO8OE9kRKyn1yfd1
ODZ/ivyhv3XL5W+cxRf167azIxUJvwcPcEEqebsPe0m/qc4k0hF6r3itZGRk7hLr
47aO6eK8mG2xDfpFGTDl3NcH5IPZCOsXtGgRKwhwKy5lXKZYBiR+0+CLsBzRYhOb
L/jnQGPE0oMqsXiW967di/Mn4+qXhvejKv/h4hHIHp+T3VvFgH56AILnW6Hk7sEX
kl6Tr6wd/5OUXhj4XgRSL2rtROhF9qKuU5XvpYufimMuRvCq0RiPDdTg/RzH8Tzd
QRArsDpP7oaKNqQYN3+QFpsJ6/UHDapjdW/Lc4GddLeFXC4ltHuJ/0E8+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuOOrWFZjQZk0R7hj8dyBMKzxdEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUzQ0NnRZVm1OQm1UUkh1R1B4M0lFd3JQRjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYLIMA0G
CSqGSIb3DQEBCwUAA4IBAQA7MacqLwjHR4u0fShPkJ8b65fmZhb6DuTZwBcr2J2g
MPmveIrZ0VZ7LB32+zJc6QhF6xSR6dUHChK/MzXiKQfU/Zbg3X/niFYIUVygVklm
nkwolP5ViutAyxwFmu9qf4XZ2xYRoRbaMKN6IiwLH7HKfHvHA9Bx8+Io4iQCY0pw
eq7xBpF0Boxj5PbrhkcCcM+SZLz5QQryNpXV+b95ftncAEFwJ/ZyTMdFyirGT3u3
laoa280TRwNnlY7w3cZLScBI7heFNWs3dI2t0TPMKjtJGM/UPrcoOKEW5OH3sLKP
zYr95tSHV3sqj8oPB6xKCX4GttozicenBPtqXnTjqZ+B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org