Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/06lUonzXc8emc0jcvu1QW_kkr0s.roa
File: 06lUonzXc8emc0jcvu1QW_kkr0s.roa (raw, json)
Hash identifier: qJVEbZFZmcJvGZZcbgqFNbtv58wMHxn83qeHWGw7eVc=
Subject key identifier: D3:A9:54:A2:7C:D7:73:C7:A6:73:48:DC:BE:ED:50:5B:F9:24:AF:4B
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01895071F12C44D8E9527229C4F993A65457
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/06lUonzXc8emc0jcvu1QW_kkr0s.roa
Signing time: Thu 13 Jul 2023 18:09:51 +0000
ROA not before: Thu 13 Jul 2023 18:09:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46562
IP address blocks: 104.232.36.0/24 maxlen: 24
45.67.141.0/24 maxlen: 24
2a07:c6c0:36::/48 maxlen: 48
2a07:c6c0:37::/48 maxlen: 48
2a0c:3ac0::/48 maxlen: 48
2a07:c6c0:35::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 15 Jul 2023 13:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:50:71:f1:2c:44:d8:e9:52:72:29:c4:f9:93:a6:54:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 13 18:09:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3a954a27cd773c7a67348dcbeed505bf924af4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:21:9a:b0:93:52:34:b5:83:98:80:23:66:95:
9c:90:c5:07:02:f2:d6:7f:21:9e:2b:f6:d5:03:65:
ca:a2:4e:a5:94:da:77:27:2f:0c:f7:42:c5:4a:79:
a8:a1:6a:ea:c7:46:cf:d6:c8:fb:9f:ba:bb:f6:ee:
77:ee:7b:1a:79:88:f0:12:ea:b0:fe:a7:d4:99:e6:
d6:53:67:42:68:ef:dd:72:45:b1:17:0d:40:2c:a4:
37:cd:2b:38:13:ba:21:a1:92:e0:da:12:86:e3:3d:
52:c9:93:2a:75:2a:ca:b5:2c:6a:03:23:c4:b1:59:
8f:56:29:27:ce:3c:ef:51:88:9f:d9:bf:03:d7:93:
e3:19:b5:cc:4e:fd:38:33:87:4f:18:d7:3d:bf:a9:
85:3d:5d:3a:e2:9d:20:5e:e8:06:7f:89:f0:78:94:
a5:66:69:28:74:c4:e9:18:e7:86:d8:ca:6b:8d:b9:
74:8c:03:0b:55:84:6b:f8:49:f7:05:c5:ab:9a:7a:
ad:88:46:9b:6a:02:4c:39:81:6a:32:ed:f2:f4:f3:
25:68:5f:8a:fb:88:eb:a5:43:63:43:01:c6:d0:79:
0f:13:b6:b8:76:fa:a2:be:55:6c:d7:f6:69:0a:41:
48:e1:c0:9a:99:c9:b2:54:bb:3a:fb:3d:3e:4f:c2:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A9:54:A2:7C:D7:73:C7:A6:73:48:DC:BE:ED:50:5B:F9:24:AF:4B
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/06lUonzXc8emc0jcvu1QW_kkr0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.141.0/24
104.232.36.0/24
IPv6:
2a07:c6c0:35::-2a07:c6c0:37:ffff:ffff:ffff:ffff:ffff
2a0c:3ac0::/48
Signature Algorithm: sha256WithRSAEncryption
51:0a:b6:c4:5c:a7:76:c4:89:f3:0c:ab:dc:ff:93:0a:a1:f3:
c2:e0:8c:b3:62:4c:15:ff:8a:a8:b9:d3:f5:de:04:fd:a7:af:
5f:b4:81:3d:e6:54:f5:ab:39:5e:12:d3:c8:5b:43:ac:b8:2a:
c0:de:b5:4c:da:ff:07:68:62:e3:b7:97:60:d1:78:3f:21:8c:
37:77:50:e2:18:f5:51:af:44:c7:9a:d1:65:ad:49:bc:73:c8:
f7:e0:4a:4c:8c:cc:43:ff:81:6d:23:6f:2a:56:15:12:4f:01:
af:1b:14:31:3d:cd:a9:9b:ad:38:dc:5d:37:51:dd:63:83:f3:
35:85:e2:32:35:7c:15:6c:89:2f:a4:d9:09:36:a4:35:4f:e1:
5d:5d:e8:6d:96:bc:0f:01:fb:cf:1d:d0:96:d3:83:ab:a0:94:
cd:f0:65:52:67:60:08:55:db:d0:33:86:64:23:ec:13:31:68:
94:58:2c:88:42:4e:78:58:b0:b2:a0:e0:25:7d:f8:05:6c:73:
72:d7:06:cc:cd:cc:4e:d1:1d:09:24:72:91:4b:20:78:04:76:
f0:05:57:36:0f:38:f0:b4:24:65:6a:df:4f:40:07:d2:3f:ed:
c4:bc:18:eb:f1:4c:52:71:e4:29:10:0c:59:62:a7:b8:1f:1d:
5c:16:3b:59
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYlQcfEsRNjpUnIpxPmTplRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwNzEzMTgwOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2E5NTRhMjdjZDc3M2M3YTY3MzQ4ZGNiZWVkNTA1YmY5MjRhZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiGasJNSNLWDmIAjZpWckMUHAvLW
fyGeK/bVA2XKok6llNp3Jy8M90LFSnmooWrqx0bP1sj7n7q79u537nsaeYjwEuqw
/qfUmebWU2dCaO/dckWxFw1ALKQ3zSs4E7ohoZLg2hKG4z1SyZMqdSrKtSxqAyPE
sVmPViknzjzvUYif2b8D15PjGbXMTv04M4dPGNc9v6mFPV064p0gXugGf4nweJSl
ZmkodMTpGOeG2Mprjbl0jAMLVYRr+En3BcWrmnqtiEabagJMOYFqMu3y9PMlaF+K
+4jrpUNjQwHG0HkPE7a4dvqivlVs1/ZpCkFI4cCamcmyVLs6+z0+T8KkZQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFNOpVKJ813PHpnNI3L7tUFv5JK9LMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvMDZsVW9uelhjOGVtYzBqY3Z1MVFXX2trcjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQALUONAwQA
aOgkMCMEAgACMB0wEgMHACoHxsAANQMHAyoHxsAAMAMHACoMOsAAADANBgkqhkiG
9w0BAQsFAAOCAQEAUQq2xFyndsSJ8wyr3P+TCqHzwuCMs2JMFf+KqLnT9d4E/aev
X7SBPeZU9as5XhLTyFtDrLgqwN61TNr/B2hi47eXYNF4PyGMN3dQ4hj1Ua9Ex5rR
Za1JvHPI9+BKTIzMQ/+BbSNvKlYVEk8BrxsUMT3NqZutONxdN1HdY4PzNYXiMjV8
FWyJL6TZCTakNU/hXV3obZa8DwH7zx3QltODq6CUzfBlUmdgCFXb0DOGZCPsEzFo
lFgsiEJOeFiwsqDgJX34BWxzctcGzM3MTtEdCSRykUsgeAR28AVXNg848LQkZWrf
T0AH0j/txLwY6/FMUnHkKRAMWWKnuB8dXBY7WQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:16 2024 by rpki-client on console-ams.rpki-client.org