Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HR9zwoh2fAM2Sxd2DoxRYyTPKLs.roa
File: HR9zwoh2fAM2Sxd2DoxRYyTPKLs.roa (raw, json)
Hash identifier: 0jUiwjl/XCxoqxrnr4COIq1EA6jawAQ3R9GzrFo2K2I=
Subject key identifier: 1D:1F:73:C2:88:76:7C:03:36:4B:17:76:0E:8C:51:63:24:CF:28:BB
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C1EF9A8A76B0DAFF079891B2D9ED5
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HR9zwoh2fAM2Sxd2DoxRYyTPKLs.roa
Signing time: Mon 02 Jan 2023 05:54:57 +0000
ROA not before: Mon 02 Jan 2023 05:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47895
IP address blocks: 45.132.253.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
45.132.252.0/22 maxlen: 22
45.132.255.0/24 maxlen: 24
45.132.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Nov 2023 12:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:1e:f9:a8:a7:6b:0d:af:f0:79:89:1b:2d:9e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d1f73c288767c03364b17760e8c516324cf28bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:6b:3a:26:b4:42:eb:ee:3e:68:73:f7:12:61:
14:36:30:65:3f:9c:05:6e:5e:8b:3f:b3:e4:ef:22:
b4:35:fe:6c:b7:68:e1:cb:69:eb:f3:ed:17:d9:4e:
be:60:3d:36:b9:e8:ae:ae:ae:01:5d:32:2a:f6:31:
06:97:c0:99:9c:13:0e:7d:dc:df:62:67:d0:9c:7d:
37:6a:73:10:0e:17:a0:79:14:e9:5d:dc:1d:79:d9:
88:54:ca:99:08:41:a4:13:07:e7:df:7d:7a:0a:c6:
ce:6c:d5:78:50:e7:f4:c7:87:01:d7:3b:fc:1a:a0:
ba:97:dd:9d:3e:e8:23:4b:e8:33:84:75:8c:27:5f:
10:a3:e7:ba:3d:73:20:46:35:63:3c:cc:9d:0b:31:
29:31:1c:e6:85:af:b9:68:9d:26:c6:85:ba:a9:91:
12:0b:af:82:c8:8d:43:d4:31:df:d5:4d:67:d7:7f:
22:d1:1a:b9:4d:bc:fc:aa:7a:bf:9d:0a:5d:83:c9:
e2:6b:62:55:79:fd:39:7b:4b:31:53:c8:dc:28:4c:
23:6e:1c:55:b1:91:01:41:0f:07:cb:33:41:2d:5a:
19:c8:1e:e5:c4:53:23:3f:7f:36:3b:ee:15:62:fb:
52:b9:39:8f:fa:43:f8:45:bf:1c:c6:9d:45:e7:ef:
fd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:1F:73:C2:88:76:7C:03:36:4B:17:76:0E:8C:51:63:24:CF:28:BB
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HR9zwoh2fAM2Sxd2DoxRYyTPKLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.252.0/22
Signature Algorithm: sha256WithRSAEncryption
43:7b:4b:ce:03:18:51:02:c6:dd:a5:42:67:9d:1b:96:66:86:
9d:ae:27:83:d9:08:d6:02:86:e9:19:3e:f6:d9:5a:35:ef:b9:
d2:be:b7:b1:c2:b1:e1:50:cd:4c:49:2a:ce:58:fb:e7:cb:80:
01:4a:1b:b0:d6:c0:75:3b:cc:60:43:0a:2c:65:ca:73:f0:0e:
7f:9d:c1:d9:10:a0:9f:af:f0:fb:58:08:69:f7:cf:96:50:77:
a4:87:bb:00:14:68:74:e8:03:b9:47:f1:d2:09:d2:4e:3d:36:
d8:fc:b5:03:ae:88:4b:86:10:0b:b4:0a:a9:d9:46:9b:71:73:
1c:61:5f:f6:5f:e2:83:1a:42:a2:57:e2:f0:58:41:e8:a0:9c:
d4:89:8e:7d:3d:3f:06:a0:76:37:87:54:47:59:7e:57:18:91:
23:30:e9:7e:dc:20:5e:03:c2:86:2c:03:d2:7c:90:ff:3f:3c:
32:56:00:cb:80:f7:2f:66:2b:8e:37:22:95:de:f8:46:a8:65:
1c:e8:7e:92:52:e1:92:8c:a5:03:3d:53:04:96:b7:7f:72:7b:
ee:79:4a:9e:11:be:cb:eb:1d:90:41:f0:1e:ee:ea:fe:d5:ec:
28:60:db:c0:ec:18:41:71:54:03:aa:82:37:96:8f:51:1b:d4:
06:f0:91:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDB75qKdrDa/weYkbLZ7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDFmNzNjMjg4NzY3YzAzMzY0YjE3NzYwZThjNTE2MzI0Y2YyOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92s6JrRC6+4+aHP3EmEUNjBlP5wF
bl6LP7Pk7yK0Nf5st2jhy2nr8+0X2U6+YD02ueiurq4BXTIq9jEGl8CZnBMOfdzf
YmfQnH03anMQDhegeRTpXdwdedmIVMqZCEGkEwfn3316CsbObNV4UOf0x4cB1zv8
GqC6l92dPugjS+gzhHWMJ18Qo+e6PXMgRjVjPMydCzEpMRzmha+5aJ0mxoW6qZES
C6+CyI1D1DHf1U1n138i0Rq5Tbz8qnq/nQpdg8nia2JVef05e0sxU8jcKEwjbhxV
sZEBQQ8HyzNBLVoZyB7lxFMjP382O+4VYvtSuTmP+kP4Rb8cxp1F5+/90wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0fc8KIdnwDNksXdg6MUWMkzyi7MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSFI5endvaDJmQU0yU3hkMkRveFJZeVRQS0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYT8MA0G
CSqGSIb3DQEBCwUAA4IBAQBDe0vOAxhRAsbdpUJnnRuWZoadrieD2QjWAobpGT72
2Vo177nSvrexwrHhUM1MSSrOWPvny4ABShuw1sB1O8xgQwosZcpz8A5/ncHZEKCf
r/D7WAhp98+WUHekh7sAFGh06AO5R/HSCdJOPTbY/LUDrohLhhALtAqp2UabcXMc
YV/2X+KDGkKiV+LwWEHooJzUiY59PT8GoHY3h1RHWX5XGJEjMOl+3CBeA8KGLAPS
fJD/PzwyVgDLgPcvZiuONyKV3vhGqGUc6H6SUuGSjKUDPVMElrd/cnvueUqeEb7L
6x2QQfAe7ur+1ewoYNvA7BhBcVQDqoI3lo9RG9QG8JGv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org