Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/3VlZays9LCpR7o8ijlnBFzNmw8E.roa
File: 3VlZays9LCpR7o8ijlnBFzNmw8E.roa (raw, json)
Hash identifier: v9Dcrg3wDEpAXkvfYPYV1FxWVZo3BDbfmvP0Y2S56MQ=
Subject key identifier: DD:59:59:6B:2B:3D:2C:2A:51:EE:8F:22:8E:59:C1:17:33:66:C3:C1
Certificate issuer: /CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Certificate serial: 018CC2DAFB98B980D9677175189E6003FAF3
Authority key identifier: E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/3VlZays9LCpR7o8ijlnBFzNmw8E.roa
Signing time: Mon 01 Jan 2024 02:29:40 +0000
ROA not before: Mon 01 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207944
IP address blocks: 45.151.176.0/22 maxlen: 22
45.151.176.0/24 maxlen: 24
45.151.179.0/24 maxlen: 24
45.151.178.0/24 maxlen: 24
45.151.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 08:50:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:fb:98:b9:80:d9:67:71:75:18:9e:60:03:fa:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8e7271136b21a158aef409d30e2c6001d5b0da9
Validity
Not Before: Jan 1 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd59596b2b3d2c2a51ee8f228e59c1173366c3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7e:51:4e:84:df:6c:67:44:91:92:f4:45:57:
f4:55:64:a7:51:00:07:ae:91:a1:a2:a9:d9:a4:4c:
12:e6:3f:09:90:b8:61:c8:5a:d6:be:45:5c:22:9f:
19:d7:33:51:60:eb:32:b3:2a:1f:c1:cc:c1:fe:3e:
9a:d7:df:21:f9:7a:f6:3a:0c:7a:18:26:16:ce:10:
7f:68:5a:ae:13:e3:c5:42:c4:bd:bf:8c:18:ea:75:
61:9e:ff:e6:73:38:0d:51:15:f7:07:f5:49:4d:28:
21:a2:e3:97:82:58:53:2a:46:77:f3:f9:b0:6b:14:
05:86:c2:e2:e5:6a:b2:dc:d6:54:f5:8d:b9:11:8a:
ef:92:22:24:ac:25:46:d2:82:10:8f:9b:11:88:40:
7e:b3:ae:f3:5f:76:f1:63:e7:1c:c8:05:33:1c:0d:
d7:10:3f:27:c8:92:be:5d:37:11:5b:f1:1c:45:3b:
11:bd:13:16:29:db:16:55:90:16:ec:af:27:c7:00:
c9:7d:1b:73:5e:d4:2d:26:eb:bc:5b:3b:0b:35:68:
9a:1b:ab:9b:52:d6:7b:81:0a:fa:2f:c9:1d:d3:13:
a4:d2:d7:5b:6a:66:51:b5:6c:79:5b:da:75:a9:79:
b6:63:ee:a3:d2:db:03:b0:13:8d:f8:8f:38:ee:63:
b0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:59:59:6B:2B:3D:2C:2A:51:EE:8F:22:8E:59:C1:17:33:66:C3:C1
X509v3 Authority Key Identifier:
keyid:E8:E7:27:11:36:B2:1A:15:8A:EF:40:9D:30:E2:C6:00:1D:5B:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6OcnETayGhWK70CdMOLGAB1bDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/3VlZays9LCpR7o8ijlnBFzNmw8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/cbf425-b958-4e49-9c96-8356d2d42771/1/6OcnETayGhWK70CdMOLGAB1bDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.176.0/22
Signature Algorithm: sha256WithRSAEncryption
39:3f:9c:49:69:96:aa:22:f2:9f:13:63:f6:4c:18:33:cd:e1:
1c:c9:96:f7:38:91:20:29:c4:e4:99:62:70:d2:07:38:14:f5:
16:0d:6e:cd:00:af:ee:f9:7a:a4:87:80:8f:cd:38:7f:04:c8:
de:f2:96:ac:e6:a4:7a:f7:81:40:8a:58:00:c5:95:f4:9d:97:
a9:f7:c2:12:de:3a:9f:ac:33:19:4f:9b:cb:2c:c3:85:37:6d:
f3:83:fc:54:9e:af:63:e9:72:4c:dc:9b:44:e5:c2:76:da:fb:
ea:78:af:29:ad:d0:ff:14:9d:00:04:ad:7f:19:85:d3:87:21:
d0:40:82:c0:ef:ec:0c:58:35:c5:9c:9a:83:bc:d1:29:71:79:
f7:e8:4f:b9:de:67:6d:94:ac:74:f6:d4:99:32:23:2e:e8:ef:
08:23:80:14:67:d0:84:b4:4f:1a:60:aa:55:cc:16:9d:c1:c5:
f9:b2:6e:9a:29:97:70:c6:a0:c4:92:e3:04:93:2a:52:36:f3:
36:1c:f2:52:1e:14:56:ba:e5:9f:75:05:7a:2b:28:e3:fa:5c:
3b:c9:67:ce:fa:dc:18:7a:31:3a:85:b5:13:e7:12:52:cf:a9:
b1:8a:01:ff:6f:23:65:d1:de:8f:c2:c1:84:a8:9c:8a:f1:16:
f8:12:a9:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2vuYuYDZZ3F1GJ5gA/rzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZTcyNzExMzZiMjFhMTU4YWVmNDA5ZDMwZTJjNjAwMWQ1
YjBkYTkwHhcNMjQwMTAxMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDU5NTk2YjJiM2QyYzJhNTFlZThmMjI4ZTU5YzExNzMzNjZjM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn5RToTfbGdEkZL0RVf0VWSnUQAH
rpGhoqnZpEwS5j8JkLhhyFrWvkVcIp8Z1zNRYOsysyofwczB/j6a198h+Xr2Ogx6
GCYWzhB/aFquE+PFQsS9v4wY6nVhnv/mczgNURX3B/VJTSghouOXglhTKkZ38/mw
axQFhsLi5Wqy3NZU9Y25EYrvkiIkrCVG0oIQj5sRiEB+s67zX3bxY+ccyAUzHA3X
ED8nyJK+XTcRW/EcRTsRvRMWKdsWVZAW7K8nxwDJfRtzXtQtJuu8WzsLNWiaG6ub
UtZ7gQr6L8kd0xOk0tdbamZRtWx5W9p1qXm2Y+6j0tsDsBON+I847mOw4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1ZWWsrPSwqUe6PIo5ZwRczZsPBMB8GA1UdIwQY
MBaAFOjnJxE2shoViu9AnTDixgAdWw2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYt
ODM1NmQyZDQyNzcxLzEvM1ZsWmF5czlMQ3BSN284aWpsbkJGek5tdzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9jYmY0MjUtYjk1OC00ZTQ5LTljOTYtODM1NmQyZDQyNzcx
LzEvNk9jbkVUYXlHaFdLNzBDZE1PTEdBQjFiRGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZewMA0G
CSqGSIb3DQEBCwUAA4IBAQA5P5xJaZaqIvKfE2P2TBgzzeEcyZb3OJEgKcTkmWJw
0gc4FPUWDW7NAK/u+Xqkh4CPzTh/BMje8pas5qR694FAilgAxZX0nZep98IS3jqf
rDMZT5vLLMOFN23zg/xUnq9j6XJM3JtE5cJ22vvqeK8prdD/FJ0ABK1/GYXThyHQ
QILA7+wMWDXFnJqDvNEpcXn36E+53mdtlKx09tSZMiMu6O8II4AUZ9CEtE8aYKpV
zBadwcX5sm6aKZdwxqDEkuMEkypSNvM2HPJSHhRWuuWfdQV6Kyjj+lw7yWfO+twY
ejE6hbUT5xJSz6mxigH/byNl0d6PwsGEqJyK8Rb4Eqmv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org