Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/af_aRZMnHoT0PyGXv8yFHkk4Nfg.roa
File: af_aRZMnHoT0PyGXv8yFHkk4Nfg.roa (raw, json)
Hash identifier: lEC9MIHdcufseDT/eV1KV7mZ/uQuu3vJ0HsmpSSsC9o=
Subject key identifier: 69:FF:DA:45:93:27:1E:84:F4:3F:21:97:BF:CC:85:1E:49:38:35:F8
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018C6F3D6F4FCCDEA8C7F2886EA167943676
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/af_aRZMnHoT0PyGXv8yFHkk4Nfg.roa
Signing time: Fri 15 Dec 2023 20:49:06 +0000
ROA not before: Fri 15 Dec 2023 20:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47895
IP address blocks: 45.132.252.0/24 maxlen: 24
45.132.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6f:3d:6f:4f:cc:de:a8:c7:f2:88:6e:a1:67:94:36:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Dec 15 20:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69ffda4593271e84f43f2197bfcc851e493835f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1d:db:8e:a7:95:4c:ac:5a:c8:79:16:53:3d:
f1:39:c2:20:41:10:12:9a:63:32:3d:e6:dc:7e:c4:
4d:3c:0f:4f:09:34:1b:fa:72:09:73:cd:e9:0e:a1:
11:92:d4:67:c8:0e:18:fd:f0:4e:12:53:a2:43:ae:
5d:b7:f6:50:49:e9:a6:0f:18:6b:09:35:23:9d:3a:
6c:35:81:7e:1b:f7:99:05:2e:8a:9e:ea:12:ab:60:
39:a9:5e:f7:94:dd:f3:9c:72:52:74:a5:00:16:8f:
be:7f:10:38:dd:80:a6:87:8c:ab:eb:e4:b4:ac:ee:
59:2d:f6:72:f7:c5:51:d6:9b:bd:42:3d:0b:26:71:
30:ff:4a:a7:c4:e4:f4:67:ee:4d:73:85:c7:f1:d8:
e3:db:71:02:23:05:04:dc:c5:b2:2e:91:8c:23:d8:
68:1b:b6:86:93:f9:fb:47:ec:f0:55:39:96:90:13:
55:36:7a:5b:7b:64:df:60:99:53:9c:11:b8:53:28:
54:ac:11:25:54:08:35:97:09:18:fd:aa:b0:5a:c0:
d9:4d:69:f3:95:0c:c5:d4:5c:49:99:8c:75:11:97:
14:5a:1d:e0:17:34:b7:9d:c1:dc:e2:20:b8:b7:d5:
11:1d:ed:71:4c:f8:b0:b3:a5:be:cb:86:a2:db:c7:
31:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FF:DA:45:93:27:1E:84:F4:3F:21:97:BF:CC:85:1E:49:38:35:F8
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/af_aRZMnHoT0PyGXv8yFHkk4Nfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:f2:d8:b7:47:a3:a3:bf:30:36:00:10:53:29:fe:12:02:bd:
36:17:08:24:df:52:72:6c:a0:e6:c6:46:c0:d7:cc:e3:1f:25:
d3:b3:30:5b:dd:bc:ac:28:70:b6:93:e2:41:95:52:34:51:28:
43:6d:ec:3c:4e:02:89:c4:80:03:0d:dd:e3:e2:c0:44:14:77:
78:55:25:c8:67:3a:3a:ef:44:41:d2:ea:b1:e6:71:5c:55:98:
e7:b5:16:0e:ce:16:44:57:f1:fd:0e:22:e5:f0:6f:87:ff:aa:
9f:d8:7c:b7:d5:7e:e4:da:dc:e7:d0:06:0f:22:7c:4f:59:de:
4d:8f:ad:b2:23:e5:97:e8:9a:08:73:0c:8a:2b:43:e5:9c:c2:
58:f8:f8:a9:25:6e:7a:9f:67:7d:6b:3a:31:c4:1b:fc:73:bf:
79:a9:1f:3b:28:90:c3:27:5f:ea:ec:6c:8d:a6:45:e4:07:f0:
ca:8c:cc:e1:f6:7a:4d:02:2b:33:5a:37:94:ec:9e:e4:cf:35:
ad:30:25:b3:97:16:90:6a:33:2b:e7:b8:27:cc:8c:a4:cc:6f:
cc:0c:dc:c2:5b:4b:30:c5:f4:f3:93:34:0d:53:31:4c:92:e8:
b6:4d:a0:65:1c:1d:4d:49:28:48:88:76:0f:3d:79:5c:68:f9:
4b:86:4a:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxvPW9PzN6ox/KIbqFnlDZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMjE1MjA0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWZmZGE0NTkzMjcxZTg0ZjQzZjIxOTdiZmNjODUxZTQ5MzgzNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0x3bjqeVTKxayHkWUz3xOcIgQRAS
mmMyPebcfsRNPA9PCTQb+nIJc83pDqERktRnyA4Y/fBOElOiQ65dt/ZQSemmDxhr
CTUjnTpsNYF+G/eZBS6KnuoSq2A5qV73lN3znHJSdKUAFo++fxA43YCmh4yr6+S0
rO5ZLfZy98VR1pu9Qj0LJnEw/0qnxOT0Z+5Nc4XH8djj23ECIwUE3MWyLpGMI9ho
G7aGk/n7R+zwVTmWkBNVNnpbe2TfYJlTnBG4UyhUrBElVAg1lwkY/aqwWsDZTWnz
lQzF1FxJmYx1EZcUWh3gFzS3ncHc4iC4t9URHe1xTPiws6W+y4ai28cxNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGn/2kWTJx6E9D8hl7/MhR5JODX4MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYWZfYVJaTW5Ib1QwUHlHWHY4eUZIa2s0TmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYT8MA0G
CSqGSIb3DQEBCwUAA4IBAQBe8ti3R6OjvzA2ABBTKf4SAr02Fwgk31JybKDmxkbA
18zjHyXTszBb3bysKHC2k+JBlVI0UShDbew8TgKJxIADDd3j4sBEFHd4VSXIZzo6
70RB0uqx5nFcVZjntRYOzhZEV/H9DiLl8G+H/6qf2Hy31X7k2tzn0AYPInxPWd5N
j62yI+WX6JoIcwyKK0PlnMJY+PipJW56n2d9azoxxBv8c795qR87KJDDJ1/q7GyN
pkXkB/DKjMzh9npNAiszWjeU7J7kzzWtMCWzlxaQajMr57gnzIykzG/MDNzCW0sw
xfTzkzQNUzFMkui2TaBlHB1NSShIiHYPPXlcaPlLhkrg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org