Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/1-2rzQgG5nVeHKMdEPtZ88ZFlqBY.roa
File: 1-2rzQgG5nVeHKMdEPtZ88ZFlqBY.roa (raw, json)
Hash identifier: byjvr7KatHT/vSmB0KpHQTTjYN12WSsqnupj2Eujxmw=
Subject key identifier: FB:6A:F3:42:01:B9:9D:57:87:28:C7:44:3E:D6:7C:F1:91:65:A8:16
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 01856CB85AD1C4E0C387F158889E5E757C29
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/1-2rzQgG5nVeHKMdEPtZ88ZFlqBY.roa
Signing time: Sun 01 Jan 2023 09:44:59 +0000
ROA not before: Sun 01 Jan 2023 09:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 45.81.129.0/24 maxlen: 24
45.81.130.0/23 maxlen: 23
45.133.237.0/24 maxlen: 24
45.133.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:5a:d1:c4:e0:c3:87:f1:58:88:9e:5e:75:7c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 1 09:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb6af34201b99d578728c7443ed67cf19165a816
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:97:c3:2d:be:f7:0f:29:75:4a:87:7e:87:fa:
35:c6:b6:11:e9:ca:35:5d:a1:de:63:bb:f5:5a:2a:
bf:a5:18:5d:f0:6e:75:33:da:91:cb:9d:ad:9c:5b:
f7:f2:3a:7b:bc:2b:d3:6d:de:24:88:b1:0d:88:b6:
60:d7:72:e5:b6:cc:99:15:cc:6b:19:ea:d1:f2:77:
1f:49:71:6a:ae:c0:22:9f:b4:9f:1d:36:41:45:d3:
c7:5e:05:1f:f2:1c:49:14:f8:b9:09:cd:43:1d:71:
cc:2d:c0:8e:42:81:fa:e9:cf:94:99:70:b1:a7:92:
76:ff:f5:8b:93:0c:13:cb:d5:ff:22:e9:be:07:cd:
dc:a5:27:f2:89:93:af:db:a4:54:1c:2d:ab:25:4f:
ef:0e:28:9e:ce:2d:cf:51:95:d4:a0:92:42:72:c1:
8a:db:aa:b5:78:34:71:75:dd:2c:af:d1:ce:66:a9:
06:98:b9:4d:ce:ab:92:b0:dd:14:98:96:8b:73:72:
08:39:f7:26:84:6c:f7:c9:1a:f7:07:8c:11:70:3f:
d4:0b:9a:b6:a1:b8:bd:1b:94:91:52:3e:35:e2:3f:
95:29:1d:52:71:c4:74:5f:c9:68:f6:f1:8c:6d:7d:
3e:88:4c:98:ee:26:cf:d6:d3:41:fe:10:d2:75:09:
ee:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:6A:F3:42:01:B9:9D:57:87:28:C7:44:3E:D6:7C:F1:91:65:A8:16
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/1-2rzQgG5nVeHKMdEPtZ88ZFlqBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.129.0-45.81.131.255
45.133.236.0/23
Signature Algorithm: sha256WithRSAEncryption
43:c4:be:5c:63:65:cf:c4:1e:df:6f:7c:bc:89:ca:08:b8:ca:
2e:04:e2:51:30:59:4f:b5:ec:69:64:e0:61:97:e9:2a:2d:e5:
6e:37:49:37:19:88:94:11:48:5c:b9:dd:17:9b:32:be:27:c5:
fd:5d:c1:fa:ef:29:2b:52:7d:2e:fd:96:ae:8f:21:fe:5b:c3:
c1:5d:45:c6:16:61:57:fe:ae:e8:45:1c:4e:3e:c1:63:aa:eb:
95:99:eb:b9:e5:9d:9a:3c:df:db:08:0a:34:ad:a2:78:64:66:
8f:c1:73:de:cd:24:f4:ac:8b:a6:4e:12:f0:88:af:89:ed:e2:
c2:77:4a:29:b3:17:1b:9f:d3:5c:69:2c:69:d6:32:84:6c:a4:
a1:ae:9c:39:59:f5:60:4a:ee:bd:ba:62:f1:13:96:c5:30:c2:
7a:d0:f6:21:8a:af:4e:64:e7:c2:b6:2c:a5:12:a6:57:48:d5:
01:ed:34:66:cc:b6:47:bd:b4:bf:10:2d:36:d0:ee:59:f1:cb:
63:54:18:f1:0d:22:6d:d3:fc:91:e6:56:d4:99:4d:5c:80:fe:
e1:47:8f:3b:6f:8f:0f:e3:89:c7:da:6e:73:27:b1:8c:9a:b8:
75:a0:a6:1d:b3:65:ef:08:09:64:ff:6a:a3:1e:9c:97:c0:95:
e7:ea:a6:44
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsuFrRxODDh/FYiJ5edXwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjMwMTAxMDk0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjZhZjM0MjAxYjk5ZDU3ODcyOGM3NDQzZWQ2N2NmMTkxNjVhODE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJfDLb73Dyl1Sod+h/o1xrYR6co1
XaHeY7v1Wiq/pRhd8G51M9qRy52tnFv38jp7vCvTbd4kiLENiLZg13LltsyZFcxr
GerR8ncfSXFqrsAin7SfHTZBRdPHXgUf8hxJFPi5Cc1DHXHMLcCOQoH66c+UmXCx
p5J2//WLkwwTy9X/Ium+B83cpSfyiZOv26RUHC2rJU/vDiiezi3PUZXUoJJCcsGK
26q1eDRxdd0sr9HOZqkGmLlNzquSsN0UmJaLc3IIOfcmhGz3yRr3B4wRcD/UC5q2
obi9G5SRUj414j+VKR1SccR0X8lo9vGMbX0+iEyY7ibP1tNB/hDSdQnuHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPtq80IBuZ1XhyjHRD7WfPGRZagWMB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvMS0ycnpRZ0c1blZlSEtNZEVQdFo4OFpGbHFCWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGYvNGRlODg5LWRjOWQtNDFlNS1iM2FhLTBkN2I1NTFmODI4
Yy8xL1d5M1pfbUtMYThFQlFkNENRWFpxRzNwakdUOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQALVGB
AwQCLVGAAwQBLYXsMA0GCSqGSIb3DQEBCwUAA4IBAQBDxL5cY2XPxB7fb3y8icoI
uMouBOJRMFlPtexpZOBhl+kqLeVuN0k3GYiUEUhcud0XmzK+J8X9XcH67ykrUn0u
/ZaujyH+W8PBXUXGFmFX/q7oRRxOPsFjquuVmeu55Z2aPN/bCAo0raJ4ZGaPwXPe
zST0rIumThLwiK+J7eLCd0opsxcbn9NcaSxp1jKEbKShrpw5WfVgSu69umLxE5bF
MMJ60PYhiq9OZOfCtiylEqZXSNUB7TRmzLZHvbS/EC020O5Z8ctjVBjxDSJt0/yR
5lbUmU1cgP7hR487b48P44nH2m5zJ7GMmrh1oKYds2XvCAlk/2qjHpyXwJXn6qZE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:14 2024 by rpki-client on console-ams.rpki-client.org