Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/9dQWtuskmVrekO0YLK8CuC9o38c.roa
File: 9dQWtuskmVrekO0YLK8CuC9o38c.roa (raw, json)
Hash identifier: cl5QQBiN/2Otmb27pqCpOxt2IwREVUXYs3SZjGIx5c0=
Subject key identifier: F5:D4:16:B6:EB:24:99:5A:DE:90:ED:18:2C:AF:02:B8:2F:68:DF:C7
Certificate issuer: /CN=b814345affd1506af9af32ec0d77399b7664aa3f
Certificate serial: 0192999ED898E8F874A6E6829245DEA04B7C
Authority key identifier: B8:14:34:5A:FF:D1:50:6A:F9:AF:32:EC:0D:77:39:9B:76:64:AA:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBQ0Wv_RUGr5rzLsDXc5m3Zkqj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/9dQWtuskmVrekO0YLK8CuC9o38c.roa
Signing time: Thu 17 Oct 2024 08:36:17 +0000
ROA not before: Thu 17 Oct 2024 08:36:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197641
IP address blocks: 45.144.104.0/22 maxlen: 24
45.144.105.0/24 maxlen: 24
2a0e:ec40::/29 maxlen: 29
2a0e:ec41::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 17 Oct 2024 13:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:9e:d8:98:e8:f8:74:a6:e6:82:92:45:de:a0:4b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b814345affd1506af9af32ec0d77399b7664aa3f
Validity
Not Before: Oct 17 08:36:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5d416b6eb24995ade90ed182caf02b82f68dfc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d9:48:18:29:8a:bd:36:7c:f0:47:4c:2f:fc:
cd:f5:ce:55:ca:06:60:ab:73:e4:1b:3e:2f:7a:c6:
cf:76:1f:e8:26:0f:22:7a:13:41:b5:c2:05:29:6b:
01:c8:18:ba:a7:76:aa:f9:04:74:22:7c:53:20:39:
af:ec:fc:67:0b:be:1a:f3:42:5a:df:d5:59:9d:7b:
53:66:fd:aa:c9:04:2f:bb:6d:5a:d4:34:7c:16:d2:
c7:37:e9:d0:87:8f:03:46:5f:7a:39:e8:d6:a7:07:
0e:1f:fe:b4:f0:01:28:c5:0a:13:1d:9a:da:7c:2d:
34:ef:12:40:8d:98:75:6d:ca:04:7e:46:c1:46:68:
14:24:63:22:63:ef:53:e4:7a:d5:15:50:04:14:93:
22:12:17:9d:bb:88:88:ff:15:d9:5e:30:50:00:ac:
dc:18:95:e4:d5:16:68:43:87:99:e2:85:d9:b0:87:
d2:19:7e:37:1b:54:fa:b3:df:91:af:be:35:9d:13:
97:29:f9:dd:21:ea:a7:94:c7:87:39:f6:f8:77:ee:
08:8e:84:0f:39:16:32:4e:33:6a:77:17:05:1a:51:
9d:61:a8:d1:2a:1b:8d:e8:c5:a7:3a:c1:e4:55:9f:
1f:fa:9e:29:af:dd:c0:fa:d0:d6:f6:c2:69:1c:2c:
25:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D4:16:B6:EB:24:99:5A:DE:90:ED:18:2C:AF:02:B8:2F:68:DF:C7
X509v3 Authority Key Identifier:
keyid:B8:14:34:5A:FF:D1:50:6A:F9:AF:32:EC:0D:77:39:9B:76:64:AA:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBQ0Wv_RUGr5rzLsDXc5m3Zkqj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/9dQWtuskmVrekO0YLK8CuC9o38c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/50b18f-9a7d-452c-a6d5-9de7525ba712/1/uBQ0Wv_RUGr5rzLsDXc5m3Zkqj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.104.0/22
IPv6:
2a0e:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
59:b6:82:04:76:33:49:b9:09:21:bd:99:3b:2a:0e:f1:07:03:
39:7f:d8:26:f9:13:1e:35:33:fb:01:77:a4:88:ab:00:70:cf:
7d:45:8c:6a:a8:c2:e0:35:39:fa:32:a7:9e:0d:64:6f:59:2b:
dd:01:20:cb:57:09:76:b9:9f:59:1c:07:26:81:5a:0c:d0:c0:
21:4f:ba:9f:bf:7e:52:cd:e3:85:21:10:1b:57:61:65:44:76:
d0:2f:16:4e:51:28:dc:52:dd:a3:c4:4f:04:89:79:2e:a4:e5:
9f:d1:49:b5:50:9c:73:9d:ac:8c:f3:7e:6c:d2:5e:dd:b8:e7:
36:ab:04:a7:74:f1:38:1c:76:d1:ff:03:74:31:03:65:29:99:
b1:04:a9:04:37:81:b6:bf:2b:02:54:70:cf:f5:0b:de:e6:b2:
9c:95:27:c1:d2:32:47:dc:f4:af:0c:ed:f6:59:f4:f0:1c:ea:
26:a5:5d:22:22:d6:a8:a3:3d:ad:07:1b:aa:79:c6:98:6c:ea:
b8:11:ad:9a:4f:2e:0b:0a:d1:16:5a:43:11:41:61:ea:26:2e:
d5:39:c9:66:2a:39:b5:66:97:56:3c:cc:93:ce:eb:97:fe:7f:
73:52:5e:ff:25:dd:c9:aa:da:2f:81:bc:d7:6e:63:84:0b:39:
3b:ed:b4:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKZntiY6Ph0puaCkkXeoEt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MTQzNDVhZmZkMTUwNmFmOWFmMzJlYzBkNzczOTliNzY2
NGFhM2YwHhcNMjQxMDE3MDgzNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQ0MTZiNmViMjQ5OTVhZGU5MGVkMTgyY2FmMDJiODJmNjhkZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9lIGCmKvTZ88EdML/zN9c5VygZg
q3PkGz4vesbPdh/oJg8iehNBtcIFKWsByBi6p3aq+QR0InxTIDmv7PxnC74a80Ja
39VZnXtTZv2qyQQvu21a1DR8FtLHN+nQh48DRl96OejWpwcOH/608AEoxQoTHZra
fC007xJAjZh1bcoEfkbBRmgUJGMiY+9T5HrVFVAEFJMiEhedu4iI/xXZXjBQAKzc
GJXk1RZoQ4eZ4oXZsIfSGX43G1T6s9+Rr741nROXKfndIeqnlMeHOfb4d+4IjoQP
ORYyTjNqdxcFGlGdYajRKhuN6MWnOsHkVZ8f+p4pr93A+tDW9sJpHCwlQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPXUFrbrJJla3pDtGCyvArgvaN/HMB8GA1UdIwQY
MBaAFLgUNFr/0VBq+a8y7A13OZt2ZKo/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJRMFd2X1JVR3I1cnpMc0RYYzVtM1prcWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81MGIxOGYtOWE3ZC00NTJjLWE2ZDUt
OWRlNzUyNWJhNzEyLzEvOWRRV3R1c2ttVnJla08wWUxLOEN1QzlvMzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81MGIxOGYtOWE3ZC00NTJjLWE2ZDUtOWRlNzUyNWJhNzEy
LzEvdUJRMFd2X1JVR3I1cnpMc0RYYzVtM1prcWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZBoMA0E
AgACMAcDBQMqDuxAMA0GCSqGSIb3DQEBCwUAA4IBAQBZtoIEdjNJuQkhvZk7Kg7x
BwM5f9gm+RMeNTP7AXekiKsAcM99RYxqqMLgNTn6MqeeDWRvWSvdASDLVwl2uZ9Z
HAcmgVoM0MAhT7qfv35SzeOFIRAbV2FlRHbQLxZOUSjcUt2jxE8EiXkupOWf0Um1
UJxznayM835s0l7duOc2qwSndPE4HHbR/wN0MQNlKZmxBKkEN4G2vysCVHDP9Qve
5rKclSfB0jJH3PSvDO32WfTwHOompV0iItaooz2tBxuqecaYbOq4Ea2aTy4LCtEW
WkMRQWHqJi7VOclmKjm1ZpdWPMyTzuuX/n9zUl7/Jd3JqtovgbzXbmOECzk77bTc
-----END CERTIFICATE-----
Generated at Thu Oct 17 16:48:33 2024 by rpki-client on console-ams.rpki-client.org