Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bLkCrv17R4Icop6c24viIMav3HM.roa
File: bLkCrv17R4Icop6c24viIMav3HM.roa (raw, json)
Hash identifier: N1MjIi+q+2dADU76sE9pkDw29GbQMXeKa84Pul+JZeU=
Subject key identifier: 6C:B9:02:AE:FD:7B:47:82:1C:A2:9E:9C:DB:8B:E2:20:C6:AF:DC:73
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018BFD1F322F09B7A6FDB75B4EC969F8CC93
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bLkCrv17R4Icop6c24viIMav3HM.roa
Signing time: Thu 23 Nov 2023 16:59:21 +0000
ROA not before: Thu 23 Nov 2023 16:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47895
IP address blocks: 45.132.253.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
45.132.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 15 Dec 2023 20:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fd:1f:32:2f:09:b7:a6:fd:b7:5b:4e:c9:69:f8:cc:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Nov 23 16:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cb902aefd7b47821ca29e9cdb8be220c6afdc73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ad:f6:88:38:78:dd:d7:c0:85:b7:8e:63:1f:
e8:84:f8:e8:6a:f4:10:4f:72:00:da:36:09:07:aa:
b3:34:c7:bb:a2:b6:c5:80:7f:9a:53:98:ee:81:25:
2e:e5:49:2c:f6:a7:8a:ae:e9:c8:8e:31:97:b0:49:
da:c1:2e:a3:43:6e:56:8b:e7:23:42:38:c2:ea:e0:
f8:2d:87:a1:33:17:3f:1f:d4:b1:8b:b6:41:85:9a:
2f:b2:93:ee:cd:ea:f0:b7:68:fd:f1:fe:45:ea:f4:
5e:35:46:0d:0b:fe:17:00:f0:d9:35:ac:8c:6f:42:
90:29:b6:61:62:06:4e:12:2e:6f:11:ff:63:d3:de:
48:27:b5:34:65:5c:8f:84:5e:44:eb:6b:65:a3:42:
23:c6:5b:d3:06:19:c3:2b:ba:1d:76:4b:85:a5:f6:
6f:24:b5:ca:2c:e1:1d:97:bb:c4:52:7c:49:23:8d:
95:49:45:78:62:c2:61:9b:bf:d5:42:c4:d9:96:fb:
29:d9:d7:6a:53:3a:f6:23:4c:ee:9c:25:20:b3:a4:
92:82:e5:fb:fd:dd:ee:55:1b:f7:18:a1:ca:49:1b:
87:dc:d4:c3:be:92:3c:1d:a0:92:6b:6f:0b:22:aa:
bc:de:50:f3:8e:a3:7b:01:ce:74:68:4a:ab:03:c2:
45:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B9:02:AE:FD:7B:47:82:1C:A2:9E:9C:DB:8B:E2:20:C6:AF:DC:73
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bLkCrv17R4Icop6c24viIMav3HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.252.0/22
Signature Algorithm: sha256WithRSAEncryption
91:aa:bf:6c:1c:2d:44:2b:31:03:7e:2a:ca:ad:d7:82:77:bc:
66:55:4d:5b:ee:79:3c:c2:bd:6c:da:c2:ca:f6:1d:79:d3:35:
83:92:f9:19:da:1d:3c:99:0b:1a:2a:d3:1b:28:7e:8a:41:7c:
a7:1a:e9:8a:d7:9a:ae:dc:6f:79:f3:c2:6b:51:7f:bc:26:09:
6e:cc:f2:ad:b0:0f:5a:24:22:f1:63:0f:45:8a:b9:bb:cc:19:
6b:7d:90:0a:4e:c9:e5:a8:56:59:7f:82:21:4d:00:9e:b4:0a:
f4:5d:6e:4e:34:e2:b9:a1:8d:51:25:c3:37:0c:2a:4e:9c:89:
29:f7:99:18:73:e3:0a:b3:3e:4a:ee:0a:38:f9:84:69:00:ed:
8e:cc:9d:e4:68:df:d0:39:18:b9:ce:af:6f:b7:1e:3b:e7:0b:
44:07:d1:03:1e:ac:b1:6a:3f:71:b8:5a:5b:9c:57:8b:48:87:
9d:29:e1:c3:84:72:c8:01:17:34:95:a4:4d:0f:2e:ea:01:4e:
7b:cf:c0:f5:ec:9b:41:28:08:6b:f0:4d:62:85:08:b0:af:00:
2a:87:18:74:21:e0:10:1a:36:63:b7:2f:3e:b3:3c:6f:0f:b4:
2a:6a:7f:d5:a1:96:4a:4e:69:66:c5:25:02:46:a3:36:f6:10:
87:c3:35:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv9HzIvCbem/bdbTslp+MyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMTIzMTY1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2I5MDJhZWZkN2I0NzgyMWNhMjllOWNkYjhiZTIyMGM2YWZkYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq32iDh43dfAhbeOYx/ohPjoavQQ
T3IA2jYJB6qzNMe7orbFgH+aU5jugSUu5Uks9qeKrunIjjGXsEnawS6jQ25Wi+cj
QjjC6uD4LYehMxc/H9Sxi7ZBhZovspPuzerwt2j98f5F6vReNUYNC/4XAPDZNayM
b0KQKbZhYgZOEi5vEf9j095IJ7U0ZVyPhF5E62tlo0IjxlvTBhnDK7oddkuFpfZv
JLXKLOEdl7vEUnxJI42VSUV4YsJhm7/VQsTZlvsp2ddqUzr2I0zunCUgs6SSguX7
/d3uVRv3GKHKSRuH3NTDvpI8HaCSa28LIqq83lDzjqN7Ac50aEqrA8JFHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGy5Aq79e0eCHKKenNuL4iDGr9xzMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYkxrQ3J2MTdSNEljb3A2YzI0dmlJTWF2M0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYT8MA0G
CSqGSIb3DQEBCwUAA4IBAQCRqr9sHC1EKzEDfirKrdeCd7xmVU1b7nk8wr1s2sLK
9h150zWDkvkZ2h08mQsaKtMbKH6KQXynGumK15qu3G9588JrUX+8JgluzPKtsA9a
JCLxYw9Firm7zBlrfZAKTsnlqFZZf4IhTQCetAr0XW5ONOK5oY1RJcM3DCpOnIkp
95kYc+MKsz5K7go4+YRpAO2OzJ3kaN/QORi5zq9vtx475wtEB9EDHqyxaj9xuFpb
nFeLSIedKeHDhHLIARc0laRNDy7qAU57z8D17JtBKAhr8E1ihQiwrwAqhxh0IeAQ
GjZjty8+szxvD7Qqan/VoZZKTmlmxSUCRqM29hCHwzUp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org