Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/48KSL_y0WnE1B1oiZuKIvZetzmo.roa
File: 48KSL_y0WnE1B1oiZuKIvZetzmo.roa (raw, json)
Hash identifier: 3LfVDqAQF1DD0Sygo4bYHsnwi5e1cq9TkTS90Fr/eAU=
Subject key identifier: E3:C2:92:2F:FC:B4:5A:71:35:07:5A:22:66:E2:88:BD:97:AD:CE:6A
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018B8F1D7C1C4C83B3306E8D8B49DCACE0EB
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/48KSL_y0WnE1B1oiZuKIvZetzmo.roa
Signing time: Thu 02 Nov 2023 08:19:15 +0000
ROA not before: Thu 02 Nov 2023 08:19:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 45.15.18.0/24 maxlen: 24
2a0e:1c80:15::/48 maxlen: 48
2a0e:1c80:e::/48 maxlen: 48
2a0e:1c80:11::/48 maxlen: 48
2a0e:1c80:14::/48 maxlen: 48
2a0e:1c80:12::/48 maxlen: 48
2a0e:1c80:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:1d:7c:1c:4c:83:b3:30:6e:8d:8b:49:dc:ac:e0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Nov 2 08:19:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3c2922ffcb45a7135075a2266e288bd97adce6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:34:d2:75:e2:8f:b8:0e:c6:77:3e:24:4d:02:
24:85:65:b8:63:55:37:dd:c3:51:da:de:44:c6:f5:
3f:05:81:42:82:53:a7:b8:e2:e1:b7:5d:55:d2:de:
12:a9:50:a3:77:39:df:41:74:2b:2f:14:37:87:bf:
a4:3e:87:18:49:b2:58:1a:6d:99:ac:f6:77:a9:08:
fb:1f:4a:1e:c4:ff:97:18:b7:e3:f7:40:60:89:aa:
ba:58:42:2a:dc:8f:0b:09:7f:0e:a1:62:eb:bf:78:
eb:6a:ac:f7:a8:59:8d:75:81:aa:d6:18:ae:fb:ab:
c1:b6:14:a5:56:d3:3b:86:87:98:2b:38:a1:d9:d0:
12:30:91:6a:70:f8:06:b0:8f:9f:fb:b5:74:7a:52:
32:fc:d9:c5:4f:80:73:6e:c4:f7:ae:7a:59:1b:95:
dc:ce:4e:72:d9:9a:7b:a3:33:14:73:24:b0:10:77:
03:94:85:42:f2:28:10:03:a1:fa:22:28:a3:78:c1:
74:5b:46:a7:83:cc:11:80:d8:33:6c:c6:48:b3:a3:
b3:20:5b:38:39:e7:a2:79:c7:ee:4e:87:d5:f9:18:
04:13:d3:0b:54:86:59:65:55:0c:16:a0:d1:54:35:
63:bd:a9:dd:31:2f:23:b7:23:fb:0a:46:9d:48:21:
81:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C2:92:2F:FC:B4:5A:71:35:07:5A:22:66:E2:88:BD:97:AD:CE:6A
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/48KSL_y0WnE1B1oiZuKIvZetzmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.18.0/24
IPv6:
2a0e:1c80:a::/48
2a0e:1c80:e::/48
2a0e:1c80:11::-2a0e:1c80:12:ffff:ffff:ffff:ffff:ffff
2a0e:1c80:14::/47
Signature Algorithm: sha256WithRSAEncryption
9d:d1:2c:96:27:c3:71:68:a3:db:42:9b:26:d0:2a:fe:ec:f4:
c1:b7:44:cc:22:35:42:5a:30:71:07:48:66:cd:f3:96:35:2e:
8f:a9:58:ee:4b:b6:83:d5:09:1a:44:ee:9a:4b:13:13:54:eb:
ed:11:9c:e9:b7:ff:ec:42:3f:12:8d:39:22:be:08:6a:a7:af:
ef:bd:f3:19:e9:c4:12:4f:5a:b7:11:e1:e7:76:0f:11:30:23:
d5:e1:77:16:7a:52:3b:7b:e3:c5:45:7e:68:aa:3d:42:4d:fa:
0c:df:ed:bb:fd:40:63:38:c9:ee:04:29:40:66:9f:89:51:a2:
bf:49:82:96:62:96:87:39:8c:6c:5e:75:00:39:58:a8:c0:05:
71:54:9c:fc:99:8a:e8:6b:16:5b:7e:dd:5b:0d:c0:66:ec:b8:
95:3d:df:20:62:cc:a3:79:e2:44:1d:7f:02:76:79:78:e3:0d:
11:b1:cd:57:81:4e:48:f8:61:fc:c8:03:ed:bf:bb:b9:04:dd:
a9:77:4a:0c:ef:a4:54:82:19:6e:d4:2b:f8:f5:62:69:45:61:
d3:99:73:90:df:36:b1:85:52:4f:82:e2:54:96:76:b6:b1:7c:
ed:3c:65:2a:78:44:30:8f:4e:e7:ca:6c:12:a0:47:63:55:af:
1d:fc:2f:8a
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYuPHXwcTIOzMG6Ni0ncrODrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjMxMTAyMDgxOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2MyOTIyZmZjYjQ1YTcxMzUwNzVhMjI2NmUyODhiZDk3YWRjZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTTSdeKPuA7Gdz4kTQIkhWW4Y1U3
3cNR2t5ExvU/BYFCglOnuOLht11V0t4SqVCjdznfQXQrLxQ3h7+kPocYSbJYGm2Z
rPZ3qQj7H0oexP+XGLfj90Bgiaq6WEIq3I8LCX8OoWLrv3jraqz3qFmNdYGq1hiu
+6vBthSlVtM7hoeYKzih2dASMJFqcPgGsI+f+7V0elIy/NnFT4BzbsT3rnpZG5Xc
zk5y2Zp7ozMUcySwEHcDlIVC8igQA6H6IiijeMF0W0ang8wRgNgzbMZIs6OzIFs4
OeeiecfuTofV+RgEE9MLVIZZZVUMFqDRVDVjvandMS8jtyP7CkadSCGBNQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFOPCki/8tFpxNQdaImbiiL2Xrc5qMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvNDhLU0xfeTBXbkUxQjFvaVp1S0l2WmV0em1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAMBAIAATAGAwQALQ8SMDUE
AgACMC8DBwAqDhyAAAoDBwAqDhyAAA4wEgMHACoOHIAAEQMHACoOHIAAEgMHASoO
HIAAFDANBgkqhkiG9w0BAQsFAAOCAQEAndEslifDcWij20KbJtAq/uz0wbdEzCI1
QlowcQdIZs3zljUuj6lY7ku2g9UJGkTumksTE1Tr7RGc6bf/7EI/Eo05Ir4Iaqev
773zGenEEk9atxHh53YPETAj1eF3FnpSO3vjxUV+aKo9Qk36DN/tu/1AYzjJ7gQp
QGafiVGiv0mClmKWhzmMbF51ADlYqMAFcVSc/JmK6GsWW37dWw3AZuy4lT3fIGLM
o3niRB1/AnZ5eOMNEbHNV4FOSPhh/MgD7b+7uQTdqXdKDO+kVIIZbtQr+PViaUVh
05lzkN82sYVST4LiVJZ2trF87TxlKnhEMI9O58psEqBHY1WvHfwvig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:01 2024 by rpki-client on console-ams.rpki-client.org