Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/bee483-eeb3-4c53-a456-fb4c54b6733a/1/U9PYl3HxafAb7kPiMbzyOEszEhY.roa
File: U9PYl3HxafAb7kPiMbzyOEszEhY.roa (raw, json)
Hash identifier: WXqZ5Fre21AwnbXzUf7rpUoXAgX0DG4qI2rXcUeHn0Q=
Subject key identifier: 53:D3:D8:97:71:F1:69:F0:1B:EE:43:E2:31:BC:F2:38:4B:33:12:16
Certificate issuer: /CN=6dd1dc4d2eb7bf2a3f08d545755477055143f174
Certificate serial: 019244647ABADAE2E37F4D3028C76E05B3D6
Authority key identifier: 6D:D1:DC:4D:2E:B7:BF:2A:3F:08:D5:45:75:54:77:05:51:43:F1:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bdHcTS63vyo_CNVFdVR3BVFD8XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/bee483-eeb3-4c53-a456-fb4c54b6733a/1/U9PYl3HxafAb7kPiMbzyOEszEhY.roa
Signing time: Mon 30 Sep 2024 19:24:48 +0000
ROA not before: Mon 30 Sep 2024 19:24:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212635
IP address blocks: 45.159.140.0/22 maxlen: 24
2a10:6e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 06 Nov 2024 18:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:44:64:7a:ba:da:e2:e3:7f:4d:30:28:c7:6e:05:b3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dd1dc4d2eb7bf2a3f08d545755477055143f174
Validity
Not Before: Sep 30 19:24:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53d3d89771f169f01bee43e231bcf2384b331216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e3:0c:28:47:43:12:b3:be:14:0e:dc:2f:98:
81:f9:10:ee:d3:b5:65:6a:8b:91:9b:b2:14:c9:32:
35:68:ea:09:15:35:77:ac:84:66:50:5a:16:2b:f0:
f6:2b:12:bc:a6:6c:a0:e6:6b:d8:57:0e:54:c0:01:
73:c9:f6:a9:ba:ab:5c:86:29:54:49:18:9d:cf:39:
47:e5:2d:70:2d:dc:a2:5d:89:1c:dc:0f:f3:c8:a1:
8f:74:2f:dc:26:97:88:df:c7:c7:5e:04:d7:e3:a9:
48:99:2a:e8:46:27:f6:ad:08:ef:47:41:ff:88:d1:
d8:2e:b6:5d:26:93:20:7b:8d:d9:a3:82:06:2d:1e:
36:11:ad:7f:be:63:80:fd:ed:c5:93:15:a2:7e:6a:
8b:60:a6:c9:fe:28:ea:14:c4:cb:bd:eb:f1:82:f0:
eb:a2:c0:4c:08:71:60:74:ee:f8:74:d4:e5:a7:05:
bf:a9:04:71:c3:05:23:a1:a9:87:64:e9:48:ea:a3:
fa:10:40:92:9f:85:5b:76:0d:76:69:58:c7:fb:e9:
4b:80:c1:3f:71:69:62:78:13:9e:bf:89:35:42:a0:
e3:d8:e1:5f:4b:88:5a:69:3e:64:9e:c5:04:4e:42:
96:c0:d0:76:9c:a9:ff:4e:59:f5:27:8c:19:01:bb:
ee:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D3:D8:97:71:F1:69:F0:1B:EE:43:E2:31:BC:F2:38:4B:33:12:16
X509v3 Authority Key Identifier:
keyid:6D:D1:DC:4D:2E:B7:BF:2A:3F:08:D5:45:75:54:77:05:51:43:F1:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdHcTS63vyo_CNVFdVR3BVFD8XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/bee483-eeb3-4c53-a456-fb4c54b6733a/1/U9PYl3HxafAb7kPiMbzyOEszEhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/bee483-eeb3-4c53-a456-fb4c54b6733a/1/bdHcTS63vyo_CNVFdVR3BVFD8XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.140.0/22
IPv6:
2a10:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
03:fa:58:57:b3:14:47:79:aa:9f:0b:7f:68:ff:09:0a:02:93:
c2:d3:81:63:3d:bc:78:bc:c8:18:f9:dd:f5:1a:8f:95:41:dc:
cb:90:d7:20:dd:29:a2:90:5c:25:4c:7a:0e:cf:30:c2:e9:8e:
f6:2b:cb:76:42:08:df:f6:4f:cb:c6:44:d2:ad:cd:a0:f3:bc:
38:7c:91:0c:de:82:13:37:71:60:a7:22:8f:72:84:12:e1:fa:
d1:77:78:12:6e:8a:46:6c:f8:86:85:97:73:33:cf:be:d4:b5:
b3:e2:42:2f:e1:4b:6b:2f:9b:58:fc:66:15:68:a0:f0:16:a7:
54:ab:2c:c1:b0:d0:e4:87:79:ee:9d:c8:c0:6d:83:93:a5:e3:
05:63:02:8a:c8:2e:be:74:de:e8:6b:b9:5c:ab:e6:95:92:b4:
d8:08:04:75:df:d8:0e:af:6e:8a:fd:b0:66:5b:72:5e:32:2c:
32:24:3c:0f:7f:21:ff:b8:fe:c5:62:09:8c:20:bd:55:f0:bb:
5b:68:be:5b:b3:ca:1d:df:7b:7e:7c:be:fe:60:9c:2b:d9:b6:
ff:b7:24:ae:9f:5e:74:6e:77:5e:24:c2:a9:a4:77:a1:e2:ef:
b1:66:6d:50:57:4c:be:0b:4b:a6:28:9c:73:c6:12:d2:3a:01:
d1:8d:1c:a0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJEZHq62uLjf00wKMduBbPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZDFkYzRkMmViN2JmMmEzZjA4ZDU0NTc1NTQ3NzA1NTE0
M2YxNzQwHhcNMjQwOTMwMTkyNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2QzZDg5NzcxZjE2OWYwMWJlZTQzZTIzMWJjZjIzODRiMzMxMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eMMKEdDErO+FA7cL5iB+RDu07Vl
aouRm7IUyTI1aOoJFTV3rIRmUFoWK/D2KxK8pmyg5mvYVw5UwAFzyfapuqtchilU
SRidzzlH5S1wLdyiXYkc3A/zyKGPdC/cJpeI38fHXgTX46lImSroRif2rQjvR0H/
iNHYLrZdJpMge43Zo4IGLR42Ea1/vmOA/e3FkxWifmqLYKbJ/ijqFMTLvevxgvDr
osBMCHFgdO74dNTlpwW/qQRxwwUjoamHZOlI6qP6EECSn4Vbdg12aVjH++lLgME/
cWlieBOev4k1QqDj2OFfS4haaT5knsUETkKWwNB2nKn/Tln1J4wZAbvu7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFPT2Jdx8WnwG+5D4jG88jhLMxIWMB8GA1UdIwQY
MBaAFG3R3E0ut78qPwjVRXVUdwVRQ/F0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRIY1RTNjN2eW9fQ05WRmRWUjNCVkZEOFhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9iZWU0ODMtZWViMy00YzUzLWE0NTYt
ZmI0YzU0YjY3MzNhLzEvVTlQWWwzSHhhZkFiN2tQaU1ienlPRXN6RWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9iZWU0ODMtZWViMy00YzUzLWE0NTYtZmI0YzU0YjY3MzNh
LzEvYmRIY1RTNjN2eW9fQ05WRmRWUjNCVkZEOFhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ+MMA0E
AgACMAcDBQMqEG5AMA0GCSqGSIb3DQEBCwUAA4IBAQAD+lhXsxRHeaqfC39o/wkK
ApPC04FjPbx4vMgY+d31Go+VQdzLkNcg3SmikFwlTHoOzzDC6Y72K8t2Qgjf9k/L
xkTSrc2g87w4fJEM3oITN3FgpyKPcoQS4frRd3gSbopGbPiGhZdzM8++1LWz4kIv
4UtrL5tY/GYVaKDwFqdUqyzBsNDkh3nuncjAbYOTpeMFYwKKyC6+dN7oa7lcq+aV
krTYCAR139gOr26K/bBmW3JeMiwyJDwPfyH/uP7FYgmMIL1V8LtbaL5bs8od33t+
fL7+YJwr2bb/tySun150bndeJMKppHeh4u+xZm1QV0y+C0umKJxzxhLSOgHRjRyg
-----END CERTIFICATE-----
Generated at Wed Nov 6 20:24:34 2024 by rpki-client on console-fra.rpki-client.org