Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0e4506-174f-440a-a31c-bfff5142053f/1/O96rHrXzx2to5BtbVkr-ited5RA.roa
File: O96rHrXzx2to5BtbVkr-ited5RA.roa (raw, json)
Hash identifier: /67JBTBA4Ao1iXdj4k6XGkLpkWPdSWPT6BJCczEy1LA=
Subject key identifier: 3B:DE:AB:1E:B5:F3:C7:6B:68:E4:1B:5B:56:4A:FE:8A:D7:9D:E5:10
Certificate issuer: /CN=a52f6524085fa10e8c098ac2b5828a1f88c6913c
Certificate serial: 018573CCDB5CF29C7E8CF7AB3D2F298A6FCA
Authority key identifier: A5:2F:65:24:08:5F:A1:0E:8C:09:8A:C2:B5:82:8A:1F:88:C6:91:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pS9lJAhfoQ6MCYrCtYKKH4jGkTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/0e4506-174f-440a-a31c-bfff5142053f/1/O96rHrXzx2to5BtbVkr-ited5RA.roa
Signing time: Mon 02 Jan 2023 18:44:43 +0000
ROA not before: Mon 02 Jan 2023 18:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208734
IP address blocks: 45.84.116.0/24 maxlen: 24
45.84.118.0/24 maxlen: 24
45.84.117.0/24 maxlen: 24
45.84.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:cc:db:5c:f2:9c:7e:8c:f7:ab:3d:2f:29:8a:6f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a52f6524085fa10e8c098ac2b5828a1f88c6913c
Validity
Not Before: Jan 2 18:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bdeab1eb5f3c76b68e41b5b564afe8ad79de510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c6:b7:37:ef:bb:dc:b8:4c:73:d1:97:a9:f3:
a6:8b:90:57:dd:20:55:1e:85:e1:e3:dd:32:72:6c:
e9:fe:8e:83:29:03:71:eb:e0:ed:3f:e3:f2:18:2d:
87:f0:a6:6e:66:f4:29:6b:14:02:57:2e:cc:3e:5e:
fb:bd:68:e4:6c:55:ff:0f:19:6a:99:4e:56:f9:e6:
e0:e0:71:33:f4:63:78:f2:4d:9c:63:e3:f9:be:33:
64:c3:7a:73:50:7d:39:7d:00:b0:02:03:ec:b0:e8:
71:09:10:e5:dc:2a:28:a7:b3:4d:5c:50:45:b8:1f:
c9:53:23:51:a2:00:98:b5:27:da:65:e8:6c:3f:3d:
e3:24:6e:05:53:e2:a0:8d:4d:a6:6a:1d:1b:0d:38:
d6:90:c0:ab:7e:eb:26:ad:39:4a:df:3d:c2:01:4a:
61:bb:82:8f:56:d2:00:be:fe:6e:71:7f:d1:b8:42:
53:15:21:f7:d3:f8:70:0f:33:b9:98:7c:c7:35:8f:
3f:66:19:4a:44:e3:68:60:02:de:a8:fe:92:5d:a1:
22:da:0f:99:d7:77:cf:b1:42:b2:92:1e:e7:a8:7a:
51:07:c6:08:f6:a5:18:e2:98:00:b4:28:d8:ef:79:
68:fc:57:31:a9:30:c0:27:4c:4c:ee:0b:97:7b:44:
cc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:DE:AB:1E:B5:F3:C7:6B:68:E4:1B:5B:56:4A:FE:8A:D7:9D:E5:10
X509v3 Authority Key Identifier:
keyid:A5:2F:65:24:08:5F:A1:0E:8C:09:8A:C2:B5:82:8A:1F:88:C6:91:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pS9lJAhfoQ6MCYrCtYKKH4jGkTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0e4506-174f-440a-a31c-bfff5142053f/1/O96rHrXzx2to5BtbVkr-ited5RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0e4506-174f-440a-a31c-bfff5142053f/1/pS9lJAhfoQ6MCYrCtYKKH4jGkTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.116.0/22
Signature Algorithm: sha256WithRSAEncryption
70:19:46:9e:14:db:fc:a5:fe:1c:37:a2:32:14:91:52:cf:04:
82:c9:82:99:a6:bf:61:fd:56:e5:30:e8:cf:44:b5:db:d4:51:
91:c0:44:1e:a5:52:82:bc:ff:7d:03:03:10:65:8b:48:5f:33:
6e:33:3c:82:cb:fd:19:b2:81:31:1a:64:d5:00:e5:79:4b:13:
7c:ba:c8:2e:60:54:32:cb:bd:87:d0:47:6b:04:bc:e5:4a:de:
3d:78:c1:b1:23:e1:ff:f9:6a:4a:a3:5d:24:17:f5:91:ff:3e:
de:e1:8b:8a:41:29:ec:99:4b:d2:8b:41:5e:5d:46:e7:f3:ca:
84:77:85:e0:f4:9b:4d:3b:a1:33:39:f1:ab:ef:ca:75:60:dc:
ae:5d:73:0d:0b:39:df:a6:15:47:db:d3:a0:66:7a:b2:da:10:
4f:ab:1e:e2:a5:ef:15:f7:6f:83:80:9d:86:8b:b8:63:cd:9b:
d2:ec:61:05:a1:9b:32:ae:3c:6e:ee:de:3a:fd:a4:9d:86:57:
94:e8:4f:66:ed:83:7f:d8:00:0d:a2:3b:e2:74:ce:22:55:a8:
f8:da:13:b1:79:38:0c:c8:f0:52:a3:14:fa:dd:32:59:bf:a4:
b6:1e:29:f5:39:73:9b:32:69:48:93:0b:67:b7:44:7c:b2:c0:
fc:60:d4:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzzNtc8px+jPerPS8pim/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MmY2NTI0MDg1ZmExMGU4YzA5OGFjMmI1ODI4YTFmODhj
NjkxM2MwHhcNMjMwMTAyMTg0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmRlYWIxZWI1ZjNjNzZiNjhlNDFiNWI1NjRhZmU4YWQ3OWRlNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8a3N++73LhMc9GXqfOmi5BX3SBV
HoXh490ycmzp/o6DKQNx6+DtP+PyGC2H8KZuZvQpaxQCVy7MPl77vWjkbFX/Dxlq
mU5W+ebg4HEz9GN48k2cY+P5vjNkw3pzUH05fQCwAgPssOhxCRDl3Coop7NNXFBF
uB/JUyNRogCYtSfaZehsPz3jJG4FU+KgjU2mah0bDTjWkMCrfusmrTlK3z3CAUph
u4KPVtIAvv5ucX/RuEJTFSH30/hwDzO5mHzHNY8/ZhlKRONoYALeqP6SXaEi2g+Z
13fPsUKykh7nqHpRB8YI9qUY4pgAtCjY73lo/FcxqTDAJ0xM7guXe0TMRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDveqx6188draOQbW1ZK/orXneUQMB8GA1UdIwQY
MBaAFKUvZSQIX6EOjAmKwrWCih+IxpE8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFM5bEpBaGZvUTZNQ1lyQ3RZS0tINGpHa1R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wZTQ1MDYtMTc0Zi00NDBhLWEzMWMt
YmZmZjUxNDIwNTNmLzEvTzk2ckhyWHp4MnRvNUJ0YlZrci1pdGVkNVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wZTQ1MDYtMTc0Zi00NDBhLWEzMWMtYmZmZjUxNDIwNTNm
LzEvcFM5bEpBaGZvUTZNQ1lyQ3RZS0tINGpHa1R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVR0MA0G
CSqGSIb3DQEBCwUAA4IBAQBwGUaeFNv8pf4cN6IyFJFSzwSCyYKZpr9h/VblMOjP
RLXb1FGRwEQepVKCvP99AwMQZYtIXzNuMzyCy/0ZsoExGmTVAOV5SxN8usguYFQy
y72H0EdrBLzlSt49eMGxI+H/+WpKo10kF/WR/z7e4YuKQSnsmUvSi0FeXUbn88qE
d4Xg9JtNO6EzOfGr78p1YNyuXXMNCznfphVH29OgZnqy2hBPqx7ipe8V92+DgJ2G
i7hjzZvS7GEFoZsyrjxu7t46/aSdhleU6E9m7YN/2AANojvidM4iVaj42hOxeTgM
yPBSoxT63TJZv6S2Hin1OXObMmlIkwtnt0R8ssD8YNSy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:35 2024 by rpki-client on console-ams.rpki-client.org