Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0a50d0-564f-40e0-8589-c9f7d02f90c0/1/1NpTN-HURuLni185UtO-OBesl9A.roa
File: 1NpTN-HURuLni185UtO-OBesl9A.roa (raw, json)
Hash identifier: OomPWFsMLS6Pg0csbHWUdeJxAtRAm2GP+ASHLHfrPNY=
Subject key identifier: D4:DA:53:37:E1:D4:46:E2:E7:8B:5F:39:52:D3:BE:38:17:AC:97:D0
Certificate issuer: /CN=fbf2a5a5df4d95ac0115caedad194b62688f2bba
Certificate serial: 0186C791E6A1687CB523DE9A2F8188D36B3F
Authority key identifier: FB:F2:A5:A5:DF:4D:95:AC:01:15:CA:ED:AD:19:4B:62:68:8F:2B:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_Klpd9NlawBFcrtrRlLYmiPK7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/0a50d0-564f-40e0-8589-c9f7d02f90c0/1/1NpTN-HURuLni185UtO-OBesl9A.roa
Signing time: Thu 09 Mar 2023 18:11:13 +0000
ROA not before: Thu 09 Mar 2023 18:11:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208603
IP address blocks: 45.90.252.0/22 maxlen: 24
45.90.254.0/24 maxlen: 24
45.90.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c7:91:e6:a1:68:7c:b5:23:de:9a:2f:81:88:d3:6b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf2a5a5df4d95ac0115caedad194b62688f2bba
Validity
Not Before: Mar 9 18:11:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4da5337e1d446e2e78b5f3952d3be3817ac97d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:61:97:41:65:85:61:f2:04:b9:ed:01:dc:
14:bc:b5:fd:73:5f:6b:c7:31:cf:84:f3:76:2f:99:
b3:b2:01:61:51:cb:b7:0b:85:56:fa:55:80:7b:9b:
ff:0e:ee:2e:de:d5:51:72:56:b3:a3:a8:9a:03:c6:
e7:55:1b:37:d6:b3:9c:93:53:f0:1f:d9:01:83:e5:
7f:69:5c:1c:0f:0c:4f:19:89:38:99:ba:53:0d:d1:
8f:55:4b:28:78:06:ec:10:69:5e:cd:db:18:a0:d0:
94:96:87:61:c0:48:99:47:ce:04:0b:64:1f:a4:e8:
99:66:b1:68:a8:80:e2:40:3d:b1:bc:c2:58:5c:70:
66:4b:d7:17:ed:52:f5:8c:8d:5a:a6:c5:85:db:02:
0e:a4:73:8f:60:3b:4f:c5:b5:c4:6f:39:59:04:fc:
ac:77:09:9d:74:4a:d8:eb:97:de:bd:5a:e1:a8:36:
35:f7:4e:57:86:14:ea:94:a6:55:9f:a2:79:2c:3a:
19:17:35:ec:99:c4:f4:b9:17:72:3b:3e:62:fb:07:
d9:d3:7b:87:a8:ba:fa:76:d2:21:5a:d9:1b:1a:da:
0e:7c:b2:fa:7b:03:10:2a:f0:aa:ce:fb:c4:60:af:
ea:b3:84:a4:c7:3c:fa:f8:b3:93:e6:d2:0f:b6:06:
80:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DA:53:37:E1:D4:46:E2:E7:8B:5F:39:52:D3:BE:38:17:AC:97:D0
X509v3 Authority Key Identifier:
keyid:FB:F2:A5:A5:DF:4D:95:AC:01:15:CA:ED:AD:19:4B:62:68:8F:2B:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_Klpd9NlawBFcrtrRlLYmiPK7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0a50d0-564f-40e0-8589-c9f7d02f90c0/1/1NpTN-HURuLni185UtO-OBesl9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0a50d0-564f-40e0-8589-c9f7d02f90c0/1/1-_Klpd9NlawBFcrtrRlLYmiPK7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.252.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:93:18:3e:aa:ef:8d:7c:00:ec:97:1c:b1:91:ac:c5:c1:14:
cc:05:5c:3c:8c:c2:b7:b5:dc:c6:49:75:cf:ec:e7:59:a8:c9:
51:53:19:37:29:e0:ef:41:33:1c:c5:2c:44:ed:1a:03:18:86:
45:24:e3:01:7a:d4:6d:73:2c:fa:6e:06:d1:ef:6d:eb:9a:e0:
34:65:2f:a1:f1:41:d6:5b:dd:85:8d:5e:da:eb:f6:61:4d:26:
ae:e0:80:37:c1:62:6e:93:76:84:e7:10:f5:e2:a7:72:92:ca:
78:61:e0:3e:54:34:d9:30:e3:19:ec:7d:aa:c0:b5:fd:5f:2d:
e3:ca:b7:2b:70:e5:93:34:96:cc:e8:7f:c1:12:b2:43:41:f7:
12:64:1d:06:ff:3b:9d:c4:99:aa:76:f0:30:de:e3:11:7f:17:
de:aa:ee:c5:7f:c0:61:2e:f8:65:35:4b:a8:79:a0:50:f1:a6:
2e:5e:df:d5:54:20:09:eb:58:ed:75:5f:5a:87:99:9f:8f:4c:
be:35:99:9d:f9:a9:16:fa:9a:66:6d:a1:6a:9f:a1:48:0a:fb:
b5:fd:7e:e9:2c:a3:12:06:43:3d:00:b4:2a:57:f5:cb:e1:dc:
45:7e:7b:5c:e6:5d:9c:cc:d2:07:92:22:02:08:71:1e:8c:0e:
5f:32:f5:f3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYbHkeahaHy1I96aL4GI02s/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjJhNWE1ZGY0ZDk1YWMwMTE1Y2FlZGFkMTk0YjYyNjg4
ZjJiYmEwHhcNMjMwMzA5MTgxMTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGRhNTMzN2UxZDQ0NmUyZTc4YjVmMzk1MmQzYmUzODE3YWM5N2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4phl0FlhWHyBLntAdwUvLX9c19r
xzHPhPN2L5mzsgFhUcu3C4VW+lWAe5v/Du4u3tVRclazo6iaA8bnVRs31rOck1Pw
H9kBg+V/aVwcDwxPGYk4mbpTDdGPVUsoeAbsEGlezdsYoNCUlodhwEiZR84EC2Qf
pOiZZrFoqIDiQD2xvMJYXHBmS9cX7VL1jI1apsWF2wIOpHOPYDtPxbXEbzlZBPys
dwmddErY65fevVrhqDY1905XhhTqlKZVn6J5LDoZFzXsmcT0uRdyOz5i+wfZ03uH
qLr6dtIhWtkbGtoOfLL6ewMQKvCqzvvEYK/qs4Skxzz6+LOT5tIPtgaAgQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNTaUzfh1Ebi54tfOVLTvjgXrJfQMB8GA1UdIwQY
MBaAFPvypaXfTZWsARXK7a0ZS2Jojyu6MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fS2xwZDlObGF3QkZjcnRyUmxMWW1pUEs3by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2EvMGE1MGQwLTU2NGYtNDBlMC04NTg5
LWM5ZjdkMDJmOTBjMC8xLzFOcFROLUhVUnVMbmkxODVVdE8tT0Jlc2w5QS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvMGE1MGQwLTU2NGYtNDBlMC04NTg5LWM5ZjdkMDJmOTBj
MC8xLzEtX0tscGQ5Tmxhd0JGY3J0clJsTFltaVBLN28uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItWvww
DQYJKoZIhvcNAQELBQADggEBACqTGD6q7418AOyXHLGRrMXBFMwFXDyMwre13MZJ
dc/s51moyVFTGTcp4O9BMxzFLETtGgMYhkUk4wF61G1zLPpuBtHvbeua4DRlL6Hx
QdZb3YWNXtrr9mFNJq7ggDfBYm6TdoTnEPXip3KSynhh4D5UNNkw4xnsfarAtf1f
LePKtytw5ZM0lszof8ESskNB9xJkHQb/O53Emap28DDe4xF/F96q7sV/wGEu+GU1
S6h5oFDxpi5e39VUIAnrWO11X1qHmZ+PTL41mZ35qRb6mmZtoWqfoUgK+7X9fuks
oxIGQz0AtCpX9cvh3EV+e1zmXZzM0geSIgIIcR6MDl8y9fM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:53 2024 by rpki-client on console-fra.rpki-client.org