Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Fg0ipgNTr93OXee_l2M9cDWvV_A.roa
File: Fg0ipgNTr93OXee_l2M9cDWvV_A.roa (raw, json)
Hash identifier: FOjAHRNdQ5tc7+SjINfeSuI3MDKjuk+Ex5roy5Qis20=
Subject key identifier: 16:0D:22:A6:03:53:AF:DD:CE:5D:E7:BF:97:63:3D:70:35:AF:57:F0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0185E89714FD627E6091901AB2DD1175B906
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Fg0ipgNTr93OXee_l2M9cDWvV_A.roa
Signing time: Wed 25 Jan 2023 11:01:33 +0000
ROA not before: Wed 25 Jan 2023 11:01:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.90.19.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 20 Feb 2023 17:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:97:14:fd:62:7e:60:91:90:1a:b2:dd:11:75:b9:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 25 11:01:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=160d22a60353afddce5de7bf97633d7035af57f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c1:4c:d4:79:2a:a0:67:87:fa:cf:67:48:21:
47:05:fb:1d:b1:e5:08:50:d6:de:03:77:03:f5:27:
0b:e2:0e:26:7d:c9:d6:7a:42:86:14:77:77:62:e7:
15:ca:69:93:90:b1:52:f2:21:78:90:8e:4c:29:bf:
2a:04:e1:2f:00:cf:40:60:66:19:a2:ed:5b:5b:0b:
86:e9:75:cf:0d:ea:72:1b:fe:3b:29:84:6f:09:28:
ef:2d:ff:d0:99:dd:0d:6c:d2:22:d8:63:9e:47:07:
40:15:03:c6:25:3c:62:9f:83:58:c0:7b:50:6b:06:
b6:7d:ba:2b:63:10:ba:96:be:63:c7:32:86:62:e2:
ba:ad:23:1b:a6:9f:34:8c:bc:e3:44:6c:73:c5:6e:
d9:89:1e:c5:53:55:f3:d3:0a:44:66:56:b1:87:98:
b3:c2:14:96:c0:3d:bd:b8:7c:a2:5f:27:07:39:0e:
bb:87:8e:b4:76:d9:d0:de:c5:86:7c:c9:6d:a7:8b:
8a:d4:3c:b3:d0:89:2d:81:79:b0:86:46:ac:e0:ea:
8e:a1:a8:42:ca:e2:f5:fa:30:5f:cd:75:8a:df:2c:
29:13:da:94:1b:1a:42:b3:ec:1b:09:ac:d4:b0:ef:
1d:b6:a6:9c:71:9e:1c:f2:82:c7:fc:77:4d:a3:fc:
10:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0D:22:A6:03:53:AF:DD:CE:5D:E7:BF:97:63:3D:70:35:AF:57:F0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Fg0ipgNTr93OXee_l2M9cDWvV_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
45.147.224.0/24
185.225.0.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:cc:85:1b:bd:cc:0d:bd:cf:b9:05:9b:16:dd:c3:c6:c3:30:
a5:2a:94:fb:4b:79:89:d1:e5:6a:d3:eb:1b:18:42:9c:81:1d:
01:61:ca:52:4b:96:b8:69:6f:64:1f:ba:40:5a:8c:a8:ad:e0:
29:f5:89:21:97:a2:5e:5b:d2:95:27:82:1d:f9:9f:8f:a3:b9:
c8:59:5b:33:92:67:ed:42:1f:fd:c1:ec:f2:dd:52:08:0b:af:
64:c0:cf:63:35:1f:c7:1b:4c:17:8f:ec:54:79:db:5e:6c:ac:
d5:09:30:7d:e0:82:7f:ac:03:ba:7a:d9:c6:eb:00:eb:6b:de:
88:0a:8b:bb:1d:8a:78:ae:1d:e7:8a:91:07:d2:12:ff:40:16:
c3:0b:49:b5:5f:e7:84:8e:b0:98:63:db:96:e5:45:93:9e:e2:
e7:53:ed:fd:36:5b:bf:14:26:7a:3f:da:6e:ee:40:17:a0:e6:
ab:37:be:46:5b:21:58:1e:63:2a:81:6d:f5:ff:9f:00:da:2c:
a2:49:8a:4c:ea:0c:35:34:48:02:e6:24:53:48:27:23:02:a6:
f5:c1:f6:aa:ab:ae:10:a6:af:7d:26:bd:73:bc:31:e8:c2:b3:
ce:76:06:d2:e7:46:5a:3c:e3:38:f8:eb:0c:7b:50:a4:0a:cf:
02:7c:90:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXolxT9Yn5gkZAast0RdbkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTI1MTEwMTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjBkMjJhNjAzNTNhZmRkY2U1ZGU3YmY5NzYzM2Q3MDM1YWY1N2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsFM1HkqoGeH+s9nSCFHBfsdseUI
UNbeA3cD9ScL4g4mfcnWekKGFHd3YucVymmTkLFS8iF4kI5MKb8qBOEvAM9AYGYZ
ou1bWwuG6XXPDepyG/47KYRvCSjvLf/Qmd0NbNIi2GOeRwdAFQPGJTxin4NYwHtQ
awa2fborYxC6lr5jxzKGYuK6rSMbpp80jLzjRGxzxW7ZiR7FU1Xz0wpEZlaxh5iz
whSWwD29uHyiXycHOQ67h460dtnQ3sWGfMltp4uK1Dyz0IktgXmwhkas4OqOoahC
yuL1+jBfzXWK3ywpE9qUGxpCs+wbCazUsO8dtqaccZ4c8oLH/HdNo/wQ+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBYNIqYDU6/dzl3nv5djPXA1r1fwMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRmcwaXBnTlRyOTNPWGVlX2wyTTljRFd2Vl9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVoTAwQA
LZPgAwQBueEAMA0GCSqGSIb3DQEBCwUAA4IBAQCezIUbvcwNvc+5BZsW3cPGwzCl
KpT7S3mJ0eVq0+sbGEKcgR0BYcpSS5a4aW9kH7pAWoyoreAp9Ykhl6JeW9KVJ4Id
+Z+Po7nIWVszkmftQh/9wezy3VIIC69kwM9jNR/HG0wXj+xUedtebKzVCTB94IJ/
rAO6etnG6wDra96ICou7HYp4rh3nipEH0hL/QBbDC0m1X+eEjrCYY9uW5UWTnuLn
U+39Nlu/FCZ6P9pu7kAXoOarN75GWyFYHmMqgW31/58A2iyiSYpM6gw1NEgC5iRT
SCcjAqb1wfaqq64Qpq99Jr1zvDHowrPOdgbS50ZaPOM4+OsMe1CkCs8CfJDq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org