Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/S2Hjr7GOcP_LDAnyr6FZdh-AvU8.roa
File: S2Hjr7GOcP_LDAnyr6FZdh-AvU8.roa (raw, json)
Hash identifier: YlJAiwZLH5kjlRZ8HnghcQxsfjpAP2RK0nK7DLXZlho=
Subject key identifier: 4B:61:E3:AF:B1:8E:70:FF:CB:0C:09:F2:AF:A1:59:76:1F:80:BD:4F
Certificate issuer: /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial: 018571FA2C5971B584953E20E19567EEBFD7
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/S2Hjr7GOcP_LDAnyr6FZdh-AvU8.roa
Signing time: Mon 02 Jan 2023 10:14:58 +0000
ROA not before: Mon 02 Jan 2023 10:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2830
IP address blocks: 145.46.144.0/20 maxlen: 20
145.46.192.0/19 maxlen: 19
145.46.224.0/20 maxlen: 20
145.46.128.0/20 maxlen: 20
2a10:3000::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:2c:59:71:b5:84:95:3e:20:e1:95:67:ee:bf:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
Validity
Not Before: Jan 2 10:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b61e3afb18e70ffcb0c09f2afa159761f80bd4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:02:2f:c2:8b:69:94:ef:33:0d:7d:26:16:1f:
fc:69:a4:d4:9c:de:6d:c7:b4:46:0d:36:57:e7:b1:
74:3b:72:cb:75:3f:7c:92:2d:1f:b8:56:cd:ea:30:
e3:b7:6c:98:dd:8e:2c:b0:6b:08:92:c5:08:d5:e6:
a1:52:98:ab:52:3e:05:b2:35:16:98:d5:b5:fa:1f:
1e:d3:85:7e:cf:4b:fb:fb:c4:bf:ad:49:82:53:46:
0c:ac:f3:c0:50:58:0f:7d:1c:71:f4:7e:8c:8f:20:
8c:b9:19:a5:0a:5b:89:74:c1:6b:d4:96:8b:f7:55:
dc:ff:5e:92:d4:9f:0b:93:f1:93:ee:fe:cd:09:b2:
00:d3:d2:5c:d4:eb:63:71:7b:22:59:31:6f:1e:85:
56:49:e9:54:07:e4:2e:dd:e0:1f:9e:04:34:c8:da:
c5:db:bc:b4:c8:51:30:6c:da:83:85:89:5f:c0:d0:
1f:e3:f3:af:63:06:62:0b:d0:e6:44:c7:17:c4:e3:
42:2e:d1:bb:30:dd:74:f1:cf:b0:6d:62:af:51:a5:
40:16:6a:4e:ca:48:92:29:cc:c0:67:5e:98:06:40:
51:87:5f:0e:a9:34:1f:03:68:4c:15:d6:e0:60:5d:
09:d6:63:0a:6a:c0:95:61:93:ff:b3:37:46:94:62:
89:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:61:E3:AF:B1:8E:70:FF:CB:0C:09:F2:AF:A1:59:76:1F:80:BD:4F
X509v3 Authority Key Identifier:
keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/S2Hjr7GOcP_LDAnyr6FZdh-AvU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.46.128.0/19
145.46.192.0-145.46.239.255
IPv6:
2a10:3000::/29
Signature Algorithm: sha256WithRSAEncryption
a0:de:68:d4:0a:be:58:87:91:3f:93:2d:dc:78:30:f3:59:3b:
6d:b3:73:17:36:73:94:8e:b8:a9:56:db:d4:35:ee:30:e4:5b:
8e:fa:2a:25:25:02:24:17:2a:a3:51:ec:44:0d:e5:01:2f:34:
6f:ef:fb:1a:bf:1d:b7:73:1b:96:3b:b0:19:60:71:4f:55:da:
d4:00:ec:67:e7:ee:1e:64:cc:51:3a:0a:38:b9:3c:6a:e6:79:
89:bb:91:04:3d:24:78:ad:4b:38:ff:56:dd:f9:ff:e1:cc:7e:
3a:6f:fe:3b:7e:c5:2c:63:f1:e1:88:9a:a8:62:65:99:55:67:
24:f7:93:61:a2:aa:57:ef:dd:da:53:82:88:06:6a:61:60:2e:
f8:70:5a:ae:ad:10:16:a4:00:f3:4c:7c:4a:13:b9:86:89:65:
70:d6:ff:b4:5f:90:dd:a5:47:f3:b7:f0:bc:77:8e:39:c2:3c:
29:ae:01:96:60:c7:9a:23:f9:30:d9:86:e2:0d:f9:5d:6c:02:
a8:37:84:45:a2:57:a6:88:a2:ee:4a:00:d2:8d:33:df:e4:0f:
19:93:3f:6a:60:39:b8:84:98:97:94:80:1f:4f:33:01:e3:08:
c9:5f:d0:c2:04:a0:9c:c2:65:80:6e:60:c5:fa:64:a5:29:34:
25:9d:eb:0e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVx+ixZcbWElT4g4ZVn7r/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjMwMTAyMTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjYxZTNhZmIxOGU3MGZmY2IwYzA5ZjJhZmExNTk3NjFmODBiZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QIvwotplO8zDX0mFh/8aaTUnN5t
x7RGDTZX57F0O3LLdT98ki0fuFbN6jDjt2yY3Y4ssGsIksUI1eahUpirUj4FsjUW
mNW1+h8e04V+z0v7+8S/rUmCU0YMrPPAUFgPfRxx9H6MjyCMuRmlCluJdMFr1JaL
91Xc/16S1J8Lk/GT7v7NCbIA09Jc1OtjcXsiWTFvHoVWSelUB+Qu3eAfngQ0yNrF
27y0yFEwbNqDhYlfwNAf4/OvYwZiC9DmRMcXxONCLtG7MN108c+wbWKvUaVAFmpO
ykiSKczAZ16YBkBRh18OqTQfA2hMFdbgYF0J1mMKasCVYZP/szdGlGKJyQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEth46+xjnD/ywwJ8q+hWXYfgL1PMB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvUzJIanI3R09jUF9MREFueXI2RlpkaC1BdlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQFkS6AMAwD
BAaRLsADBASRLuAwDQQCAAIwBwMFAyoQMAAwDQYJKoZIhvcNAQELBQADggEBAKDe
aNQKvliHkT+TLdx4MPNZO22zcxc2c5SOuKlW29Q17jDkW476KiUlAiQXKqNR7EQN
5QEvNG/v+xq/HbdzG5Y7sBlgcU9V2tQA7Gfn7h5kzFE6Cji5PGrmeYm7kQQ9JHit
Szj/Vt35/+HMfjpv/jt+xSxj8eGImqhiZZlVZyT3k2Giqlfv3dpTgogGamFgLvhw
Wq6tEBakAPNMfEoTuYaJZXDW/7RfkN2lR/O38Lx3jjnCPCmuAZZgx5oj+TDZhuIN
+V1sAqg3hEWiV6aIou5KANKNM9/kDxmTP2pgObiEmJeUgB9PMwHjCMlf0MIEoJzC
ZYBuYMX6ZKUpNCWd6w4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:20 2024 by rpki-client on console-ams.rpki-client.org