Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/96dff3-abe5-48fb-aa25-526e7f6d7f5b/1/TfLMhTUwD6K8HX2PWh8F_QCm_3s.roa
File: TfLMhTUwD6K8HX2PWh8F_QCm_3s.roa (raw, json)
Hash identifier: FSOuyfOSwZkodSEP5N45wVqjkQovDzQcwoLpgzNHZzw=
Subject key identifier: 4D:F2:CC:85:35:30:0F:A2:BC:1D:7D:8F:5A:1F:05:FD:00:A6:FF:7B
Certificate issuer: /CN=061474cecdf5f503adab60fc55ee7f78a0dba9f2
Certificate serial: 01856CC1677842B595A3B964E37973467E33
Authority key identifier: 06:14:74:CE:CD:F5:F5:03:AD:AB:60:FC:55:EE:7F:78:A0:DB:A9:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BhR0zs319QOtq2D8Ve5_eKDbqfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/96dff3-abe5-48fb-aa25-526e7f6d7f5b/1/TfLMhTUwD6K8HX2PWh8F_QCm_3s.roa
Signing time: Sun 01 Jan 2023 09:54:52 +0000
ROA not before: Sun 01 Jan 2023 09:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208925
IP address blocks: 45.14.250.0/24 maxlen: 24
45.14.249.0/24 maxlen: 24
45.14.248.0/24 maxlen: 24
45.14.248.0/22 maxlen: 22
45.14.251.0/24 maxlen: 24
2a12:d340::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:67:78:42:b5:95:a3:b9:64:e3:79:73:46:7e:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=061474cecdf5f503adab60fc55ee7f78a0dba9f2
Validity
Not Before: Jan 1 09:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4df2cc8535300fa2bc1d7d8f5a1f05fd00a6ff7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a2:da:4b:c1:eb:7d:73:84:3a:5a:7e:87:ad:
99:9d:ab:ef:ef:1c:40:26:96:fd:81:88:0e:57:01:
5d:1e:85:dc:3a:2f:7d:3c:f5:d8:50:ee:5b:2d:80:
b5:e9:73:65:61:97:c4:1f:8d:9b:11:5a:f6:29:fc:
c8:90:8c:08:25:dd:a1:22:3f:af:88:75:16:be:4a:
42:bc:48:30:e7:36:54:ca:76:e2:59:39:1e:c9:a6:
0d:e0:fd:91:fa:bc:1a:a2:61:8a:93:26:d8:1b:3e:
aa:fb:33:0f:bf:b5:5e:ac:21:90:3b:c6:a3:a8:f8:
10:e9:67:57:a3:9b:f4:c3:2f:3c:30:d3:da:eb:61:
aa:05:89:c2:11:12:a2:50:09:15:f1:cf:f5:1b:87:
ae:1a:d7:6c:e2:d5:71:d9:61:0e:05:1b:4e:08:85:
21:70:ac:18:e2:d1:ae:84:f2:a0:08:0a:6c:4b:1a:
cf:99:dd:e6:e7:80:d7:88:a8:26:f6:99:1a:99:55:
2e:49:ca:3b:bb:23:40:bb:9a:c7:20:62:6e:83:d4:
62:9f:e3:12:c1:d9:63:6f:2a:0a:2d:a6:a4:de:ce:
bc:7a:9f:b6:88:f5:3e:f3:02:74:d0:2c:15:f1:5c:
af:0a:ff:b0:c5:e6:2e:3e:2a:1a:44:bb:9c:90:ea:
b5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F2:CC:85:35:30:0F:A2:BC:1D:7D:8F:5A:1F:05:FD:00:A6:FF:7B
X509v3 Authority Key Identifier:
keyid:06:14:74:CE:CD:F5:F5:03:AD:AB:60:FC:55:EE:7F:78:A0:DB:A9:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BhR0zs319QOtq2D8Ve5_eKDbqfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/96dff3-abe5-48fb-aa25-526e7f6d7f5b/1/TfLMhTUwD6K8HX2PWh8F_QCm_3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/96dff3-abe5-48fb-aa25-526e7f6d7f5b/1/BhR0zs319QOtq2D8Ve5_eKDbqfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.248.0/22
IPv6:
2a12:d340::/29
Signature Algorithm: sha256WithRSAEncryption
b0:0b:97:d1:79:63:88:cf:5e:dc:62:a5:82:da:06:5d:10:a3:
25:24:70:5e:60:c0:11:31:c4:ea:7e:d8:63:a1:14:19:fc:99:
1f:87:57:9e:71:fb:95:0b:7f:21:0e:d5:ed:ef:7f:a2:1b:27:
f8:c0:bf:1b:c0:53:3f:b3:82:0e:ee:bf:e7:14:98:60:4d:f8:
22:f8:6b:d0:35:d2:87:d0:7f:ee:7b:15:bd:49:93:bd:ed:0a:
6f:50:d8:81:a2:3b:cf:43:fd:2e:9e:e2:3b:04:e1:74:60:5d:
f1:cf:73:90:3b:05:45:b6:87:dd:b8:b9:fa:50:f6:86:d5:5e:
69:12:de:27:ca:57:6d:4e:be:82:a2:0d:c9:82:34:8e:6c:17:
3e:05:02:51:59:89:a6:69:a2:ba:d0:fc:d9:9d:f1:16:31:84:
11:2d:85:b7:e2:76:e0:12:72:db:e7:db:b7:77:bb:1e:0b:40:
5f:ea:84:66:17:32:0b:9d:d0:bd:5b:e7:ed:29:74:cd:2c:76:
99:4c:e1:6c:fa:85:48:a6:04:2d:7c:e1:d4:53:46:c5:18:53:
80:3f:b8:98:4c:79:21:93:8e:3a:55:8a:99:85:8c:97:a6:8a:
55:5d:65:0f:e5:31:8a:9b:84:9b:ea:07:c0:58:86:c5:7d:b1:
39:2c:74:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVswWd4QrWVo7lk43lzRn4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MTQ3NGNlY2RmNWY1MDNhZGFiNjBmYzU1ZWU3Zjc4YTBk
YmE5ZjIwHhcNMjMwMTAxMDk1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGYyY2M4NTM1MzAwZmEyYmMxZDdkOGY1YTFmMDVmZDAwYTZmZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6LaS8HrfXOEOlp+h62Znavv7xxA
Jpb9gYgOVwFdHoXcOi99PPXYUO5bLYC16XNlYZfEH42bEVr2KfzIkIwIJd2hIj+v
iHUWvkpCvEgw5zZUynbiWTkeyaYN4P2R+rwaomGKkybYGz6q+zMPv7VerCGQO8aj
qPgQ6WdXo5v0wy88MNPa62GqBYnCERKiUAkV8c/1G4euGtds4tVx2WEOBRtOCIUh
cKwY4tGuhPKgCApsSxrPmd3m54DXiKgm9pkamVUuSco7uyNAu5rHIGJug9Rin+MS
wdljbyoKLaak3s68ep+2iPU+8wJ00CwV8VyvCv+wxeYuPioaRLuckOq1MQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE3yzIU1MA+ivB19j1ofBf0Apv97MB8GA1UdIwQY
MBaAFAYUdM7N9fUDratg/FXuf3ig26nyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmhSMHpzMzE5UU90cTJEOFZlNV9lS0RicWZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi85NmRmZjMtYWJlNS00OGZiLWFhMjUt
NTI2ZTdmNmQ3ZjViLzEvVGZMTWhUVXdENks4SFgyUFdoOEZfUUNtXzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi85NmRmZjMtYWJlNS00OGZiLWFhMjUtNTI2ZTdmNmQ3ZjVi
LzEvQmhSMHpzMzE5UU90cTJEOFZlNV9lS0RicWZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ74MA0E
AgACMAcDBQMqEtNAMA0GCSqGSIb3DQEBCwUAA4IBAQCwC5fReWOIz17cYqWC2gZd
EKMlJHBeYMARMcTqfthjoRQZ/Jkfh1eecfuVC38hDtXt73+iGyf4wL8bwFM/s4IO
7r/nFJhgTfgi+GvQNdKH0H/uexW9SZO97QpvUNiBojvPQ/0unuI7BOF0YF3xz3OQ
OwVFtofduLn6UPaG1V5pEt4nyldtTr6Cog3JgjSObBc+BQJRWYmmaaK60PzZnfEW
MYQRLYW34nbgEnLb59u3d7seC0Bf6oRmFzILndC9W+ftKXTNLHaZTOFs+oVIpgQt
fOHUU0bFGFOAP7iYTHkhk446VYqZhYyXpopVXWUP5TGKm4Sb6gfAWIbFfbE5LHSJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:12 2024 by rpki-client on console-fra.rpki-client.org