Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/tDQKdZ4f__uixxSdDqnxGsPKNNc.roa
File: tDQKdZ4f__uixxSdDqnxGsPKNNc.roa (raw, json)
Hash identifier: CZ9kxIyNgZl8e3LjGOgFLxXNk9Nav8+qbuAOqLeJ3SE=
Subject key identifier: B4:34:0A:75:9E:1F:FF:FB:A2:C7:14:9D:0E:A9:F1:1A:C3:CA:34:D7
Certificate issuer: /CN=b960b14746c5875244ae3b694162ec6d8c63255e
Certificate serial: 0185706767ADD2291AD43E63850279CC3D8A
Authority key identifier: B9:60:B1:47:46:C5:87:52:44:AE:3B:69:41:62:EC:6D:8C:63:25:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/tDQKdZ4f__uixxSdDqnxGsPKNNc.roa
Signing time: Mon 02 Jan 2023 02:55:03 +0000
ROA not before: Mon 02 Jan 2023 02:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208390
IP address blocks: 45.135.209.0/24 maxlen: 24
45.135.208.0/24 maxlen: 24
45.135.208.0/22 maxlen: 22
2a0e:8ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:67:ad:d2:29:1a:d4:3e:63:85:02:79:cc:3d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b960b14746c5875244ae3b694162ec6d8c63255e
Validity
Not Before: Jan 2 02:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4340a759e1ffffba2c7149d0ea9f11ac3ca34d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cb:51:f0:02:f4:99:44:4f:62:af:ba:0b:34:
fc:f5:b8:07:75:08:9c:b2:63:a8:ce:ee:38:34:0a:
11:e7:80:45:66:0f:23:5a:2c:96:f2:87:96:47:4a:
89:02:f4:f4:fd:72:4a:99:f7:f1:ed:a0:aa:c9:28:
f0:35:b2:1e:4b:d1:33:11:7b:a8:e4:2f:3e:bd:d5:
09:9e:17:0a:5a:0c:bf:57:7a:b5:89:1f:bd:10:65:
89:33:f0:f4:ce:53:f0:8f:e7:16:27:2f:bd:f7:e3:
f4:03:9f:02:0b:ca:4c:59:b3:43:ce:2f:40:fd:b4:
6e:74:94:e1:dc:5b:41:b1:48:a0:6d:aa:71:f3:44:
fe:10:c0:72:fd:50:3f:0d:4c:00:88:34:11:1e:a7:
ab:71:d1:bd:c1:59:ce:f9:8a:5c:c0:69:c9:ee:da:
57:44:7d:33:90:eb:ed:84:4c:e3:7d:12:da:94:e6:
da:90:0e:9b:30:7e:bf:85:84:59:34:f7:46:94:92:
11:4c:ef:3a:d1:41:12:cb:ba:aa:09:90:63:55:8a:
45:6b:e3:09:73:23:4c:b0:40:fb:64:fd:ed:ce:ac:
c5:11:6d:8e:d1:ac:28:0b:c2:c2:db:96:ec:05:32:
7d:f3:a8:ee:83:d3:6b:c9:7b:d0:46:d2:fc:0e:b3:
be:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:34:0A:75:9E:1F:FF:FB:A2:C7:14:9D:0E:A9:F1:1A:C3:CA:34:D7
X509v3 Authority Key Identifier:
keyid:B9:60:B1:47:46:C5:87:52:44:AE:3B:69:41:62:EC:6D:8C:63:25:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/tDQKdZ4f__uixxSdDqnxGsPKNNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.208.0/22
IPv6:
2a0e:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
51:ee:60:54:dc:90:4e:42:51:5d:d7:0e:c7:73:4a:1a:72:6c:
dd:d1:84:9f:32:4c:74:ff:36:98:99:db:0d:2f:76:cb:19:9b:
b1:2a:a0:6b:c0:7a:8c:d7:85:7d:d7:17:a5:2a:83:3c:f2:f8:
7e:f9:c4:92:bf:d5:4e:80:20:ba:f8:4f:17:c5:97:c4:8a:80:
76:d9:28:e0:8a:8b:f8:c7:a8:24:04:4f:33:76:7c:45:82:1a:
e0:3f:fb:03:47:ce:76:bd:a6:db:3a:4a:d5:95:e4:d6:c9:b9:
da:b7:63:53:49:42:8f:e1:49:60:b9:d7:1b:38:27:49:f0:2a:
7f:8c:ff:7f:f0:f5:c4:bf:a0:00:27:f4:02:18:78:bf:b6:67:
fd:f3:13:a5:a0:87:43:dc:1d:83:4b:f3:b7:84:5f:b8:33:b5:
23:01:55:47:01:49:99:86:2a:62:8d:95:6e:fb:c8:a3:16:cd:
a9:18:db:18:16:ee:df:60:52:ba:ab:62:6a:cb:2b:cf:04:30:
01:2f:64:40:b9:26:e2:00:5c:f8:8e:92:19:03:33:40:0a:6d:
a4:05:3c:4d:2e:ce:f2:14:98:46:e5:8b:8f:7f:57:47:91:52:
66:70:9d:9d:ca:67:79:92:fe:f6:ef:05:43:0f:fd:2a:39:8c:
94:d8:0a:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwZ2et0ika1D5jhQJ5zD2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NjBiMTQ3NDZjNTg3NTI0NGFlM2I2OTQxNjJlYzZkOGM2
MzI1NWUwHhcNMjMwMTAyMDI1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDM0MGE3NTllMWZmZmZiYTJjNzE0OWQwZWE5ZjExYWMzY2EzNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhstR8AL0mURPYq+6CzT89bgHdQic
smOozu44NAoR54BFZg8jWiyW8oeWR0qJAvT0/XJKmffx7aCqySjwNbIeS9EzEXuo
5C8+vdUJnhcKWgy/V3q1iR+9EGWJM/D0zlPwj+cWJy+99+P0A58CC8pMWbNDzi9A
/bRudJTh3FtBsUigbapx80T+EMBy/VA/DUwAiDQRHqercdG9wVnO+YpcwGnJ7tpX
RH0zkOvthEzjfRLalObakA6bMH6/hYRZNPdGlJIRTO860UESy7qqCZBjVYpFa+MJ
cyNMsED7ZP3tzqzFEW2O0awoC8LC25bsBTJ986jug9NryXvQRtL8DrO+ZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLQ0CnWeH//7oscUnQ6p8RrDyjTXMB8GA1UdIwQY
MBaAFLlgsUdGxYdSRK47aUFi7G2MYyVeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVdDeFIwYkZoMUpFcmp0cFFXTHNiWXhqSlY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80NTgwNzgtNDI2ZS00NDQ5LWEyYTkt
MTg4ODJhMjgwOWIyLzEvdERRS2RaNGZfX3VpeHhTZERxbnhHc1BLTk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80NTgwNzgtNDI2ZS00NDQ5LWEyYTktMTg4ODJhMjgwOWIy
LzEvdVdDeFIwYkZoMUpFcmp0cFFXTHNiWXhqSlY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYfQMA0E
AgACMAcDBQMqDo7AMA0GCSqGSIb3DQEBCwUAA4IBAQBR7mBU3JBOQlFd1w7Hc0oa
cmzd0YSfMkx0/zaYmdsNL3bLGZuxKqBrwHqM14V91xelKoM88vh++cSSv9VOgCC6
+E8XxZfEioB22Sjgiov4x6gkBE8zdnxFghrgP/sDR852vabbOkrVleTWybnat2NT
SUKP4UlgudcbOCdJ8Cp/jP9/8PXEv6AAJ/QCGHi/tmf98xOloIdD3B2DS/O3hF+4
M7UjAVVHAUmZhipijZVu+8ijFs2pGNsYFu7fYFK6q2JqyyvPBDABL2RAuSbiAFz4
jpIZAzNACm2kBTxNLs7yFJhG5YuPf1dHkVJmcJ2dymd5kv727wVDD/0qOYyU2Ark
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:48 2024 by rpki-client on console-fra.rpki-client.org