Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/2s5NNhAsWXtiGUzVGisHNE6hob0.roa
File: 2s5NNhAsWXtiGUzVGisHNE6hob0.roa (raw, json)
Hash identifier: /n/obgJQMtVSqovc00kz0d51DYUudx0svWt4EX5C158=
Subject key identifier: DA:CE:4D:36:10:2C:59:7B:62:19:4C:D5:1A:2B:07:34:4E:A1:A1:BD
Certificate issuer: /CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Certificate serial: 0185718C18B8A2DD005DE782ACA35749B840
Authority key identifier: 6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/2s5NNhAsWXtiGUzVGisHNE6hob0.roa
Signing time: Mon 02 Jan 2023 08:14:44 +0000
ROA not before: Mon 02 Jan 2023 08:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 45.140.192.0/24 maxlen: 24
45.140.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:18:b8:a2:dd:00:5d:e7:82:ac:a3:57:49:b8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cd98c2c54b0cbea134e27a981cfdde73236e055
Validity
Not Before: Jan 2 08:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dace4d36102c597b62194cd51a2b07344ea1a1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:38:2a:7a:b1:b9:05:23:82:4f:d8:5b:2e:01:
c4:55:2b:f7:fd:fa:d3:fd:28:a1:98:ca:a0:25:a9:
aa:97:a0:1a:63:42:6f:5d:ab:07:07:d9:8c:18:6d:
d2:67:ed:af:dc:5f:75:a4:05:fe:d5:64:ca:a5:0f:
ce:ce:b8:dc:1d:09:b9:68:51:8c:88:fa:34:de:cc:
aa:7c:60:fb:4b:ee:6f:98:68:99:9e:60:b0:bc:1f:
ff:dd:26:6e:a8:75:c9:19:fb:2c:7f:55:8f:65:d5:
de:5a:83:92:20:67:a7:2a:ce:da:dd:66:b4:81:2e:
d6:6d:13:07:96:21:d2:21:b3:f7:84:ac:9d:f6:6c:
02:23:ef:60:4a:d0:50:22:d2:6b:c7:66:80:b3:81:
84:18:8f:23:3f:c6:89:37:c5:0f:3f:14:cb:a4:95:
0a:73:1b:51:45:a5:c0:c2:b1:3f:cf:8b:ba:c5:f9:
e8:ad:bd:ed:8e:90:47:03:03:7f:52:ec:c4:5a:9d:
9f:b7:0b:f6:30:30:1e:88:16:42:ed:6d:10:5b:0d:
4f:52:47:76:e4:94:a3:63:54:23:2c:87:d7:95:c3:
73:bb:6e:7b:eb:de:a2:c0:72:81:e1:e1:86:ee:1e:
b3:bd:42:0b:e6:97:07:05:61:bc:e1:58:53:fd:78:
fc:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CE:4D:36:10:2C:59:7B:62:19:4C:D5:1A:2B:07:34:4E:A1:A1:BD
X509v3 Authority Key Identifier:
keyid:6C:D9:8C:2C:54:B0:CB:EA:13:4E:27:A9:81:CF:DD:E7:32:36:E0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNmMLFSwy-oTTiepgc_d5zI24FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/2s5NNhAsWXtiGUzVGisHNE6hob0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/01638c-6cb9-4589-909b-d37df634a929/1/bNmMLFSwy-oTTiepgc_d5zI24FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.192.0/23
Signature Algorithm: sha256WithRSAEncryption
65:07:d3:e3:2b:39:7d:ea:d9:d7:af:eb:89:84:04:06:cb:72:
5c:7c:69:52:a6:7a:c2:72:f6:e2:3d:8d:f7:42:8a:ac:fb:10:
f0:32:4b:3d:b3:b8:a0:f7:1d:a7:b4:78:4e:22:c5:c2:7a:c0:
c0:c9:cb:1e:4b:f7:04:ce:7e:2f:17:5c:32:82:18:7e:5c:d6:
a1:56:a4:b8:6a:44:d2:f7:3f:ac:a2:f9:3a:dd:0b:46:c0:a4:
3b:24:4e:64:5e:18:95:00:4c:0f:43:5f:8e:46:da:f4:2c:d6:
dc:1a:63:81:8d:59:8d:88:e8:3a:c6:dd:ae:b6:a1:b1:92:f7:
d0:b2:ae:96:86:f3:2b:c5:58:84:2a:21:3a:02:5c:e2:7f:df:
f5:61:26:0a:92:20:77:fa:b4:d4:5a:4d:95:e3:72:e8:db:38:
c5:d4:d0:d7:1f:84:99:6a:6c:96:7d:01:72:6d:e8:1f:90:b0:
2c:84:37:fb:36:cf:2b:eb:1f:54:79:98:f9:3c:80:c8:0d:77:
3b:aa:d9:ab:9e:f0:4f:06:ce:05:d6:7a:e2:70:32:d1:2f:53:
2a:4a:77:2a:0e:f6:e5:08:42:1a:cf:66:68:ee:3a:31:3d:40:
eb:0f:f1:c7:ed:ec:34:46:2c:e1:70:ba:08:b9:de:78:bb:99:
b2:be:89:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjBi4ot0AXeeCrKNXSbhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZDk4YzJjNTRiMGNiZWExMzRlMjdhOTgxY2ZkZGU3MzIz
NmUwNTUwHhcNMjMwMTAyMDgxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWNlNGQzNjEwMmM1OTdiNjIxOTRjZDUxYTJiMDczNDRlYTFhMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzgqerG5BSOCT9hbLgHEVSv3/frT
/SihmMqgJamql6AaY0JvXasHB9mMGG3SZ+2v3F91pAX+1WTKpQ/OzrjcHQm5aFGM
iPo03syqfGD7S+5vmGiZnmCwvB//3SZuqHXJGfssf1WPZdXeWoOSIGenKs7a3Wa0
gS7WbRMHliHSIbP3hKyd9mwCI+9gStBQItJrx2aAs4GEGI8jP8aJN8UPPxTLpJUK
cxtRRaXAwrE/z4u6xfnorb3tjpBHAwN/UuzEWp2ftwv2MDAeiBZC7W0QWw1PUkd2
5JSjY1QjLIfXlcNzu257696iwHKB4eGG7h6zvUIL5pcHBWG84VhT/Xj8SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrOTTYQLFl7YhlM1RorBzROoaG9MB8GA1UdIwQY
MBaAFGzZjCxUsMvqE04nqYHP3ecyNuBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWIt
ZDM3ZGY2MzRhOTI5LzEvMnM1Tk5oQXNXWHRpR1V6Vkdpc0hORTZob2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMTYzOGMtNmNiOS00NTg5LTkwOWItZDM3ZGY2MzRhOTI5
LzEvYk5tTUxGU3d5LW9UVGllcGdjX2Q1ekkyNEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYzAMA0G
CSqGSIb3DQEBCwUAA4IBAQBlB9PjKzl96tnXr+uJhAQGy3JcfGlSpnrCcvbiPY33
Qoqs+xDwMks9s7ig9x2ntHhOIsXCesDAycseS/cEzn4vF1wyghh+XNahVqS4akTS
9z+sovk63QtGwKQ7JE5kXhiVAEwPQ1+ORtr0LNbcGmOBjVmNiOg6xt2utqGxkvfQ
sq6WhvMrxViEKiE6Alzif9/1YSYKkiB3+rTUWk2V43Lo2zjF1NDXH4SZamyWfQFy
begfkLAshDf7Ns8r6x9UeZj5PIDIDXc7qtmrnvBPBs4F1nricDLRL1MqSncqDvbl
CEIaz2Zo7joxPUDrD/HH7ew0RizhcLoIud54u5myvomV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:45 2024 by rpki-client on console-ams.rpki-client.org