Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/GuoeAmP7BqqrlHEcY8NZnpVsG2s.roa
File: GuoeAmP7BqqrlHEcY8NZnpVsG2s.roa (raw, json)
Hash identifier: zJZdEo2DLRvvHLnvsg+D8YR5j61uQJjcMWKXAkFoPrk=
Subject key identifier: 1A:EA:1E:02:63:FB:06:AA:AB:94:71:1C:63:C3:59:9E:95:6C:1B:6B
Certificate issuer: /CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Certificate serial: 018570C2C776AE9F95EACB208C7075E724F9
Authority key identifier: 51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/GuoeAmP7BqqrlHEcY8NZnpVsG2s.roa
Signing time: Mon 02 Jan 2023 04:34:51 +0000
ROA not before: Mon 02 Jan 2023 04:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 45.156.97.0/24 maxlen: 24
45.156.98.0/24 maxlen: 24
45.156.96.0/24 maxlen: 24
45.156.99.0/24 maxlen: 24
2a0f:1c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:c7:76:ae:9f:95:ea:cb:20:8c:70:75:e7:24:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Validity
Not Before: Jan 2 04:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1aea1e0263fb06aaab94711c63c3599e956c1b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:06:ee:68:c2:d5:4f:42:65:a8:2a:9f:6a:62:
88:8e:a5:9c:4e:de:13:9f:75:15:9e:87:15:0f:b0:
38:d3:d3:db:ca:d1:0a:ba:8e:2d:30:7d:54:e2:56:
2e:71:3c:61:43:c1:8b:dc:e8:ca:a3:46:b6:72:73:
5b:32:18:23:5e:a4:29:6e:64:85:59:9c:3f:be:c7:
92:e0:80:d5:2f:fe:0a:b1:5f:49:65:c1:b6:ba:15:
2a:f6:07:61:68:f5:31:3c:09:78:37:65:09:8f:eb:
45:13:1c:58:e8:50:01:10:0a:aa:31:ec:67:3e:05:
58:70:bf:93:7c:51:50:33:a3:1f:2f:b1:31:c2:2e:
14:be:63:88:3e:c2:b7:a3:86:07:d8:be:22:46:e1:
b2:e3:f8:e9:7d:da:1d:2c:18:73:09:5a:9a:42:30:
4f:1b:66:56:ff:7a:24:4a:e2:b8:da:8d:c6:ed:c3:
21:a0:4c:7a:53:70:96:3e:a3:e6:b3:14:d3:f7:40:
0c:d6:88:3d:9e:4a:7e:6a:28:a1:8d:4d:74:0a:a5:
c5:c0:13:4c:d3:38:ed:ea:2a:09:69:19:a9:ee:5e:
5f:29:52:11:93:28:d9:54:4d:df:85:1f:74:b5:9e:
e2:e1:d6:4e:2c:01:3f:a9:8b:48:fe:2d:28:bb:67:
ec:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:EA:1E:02:63:FB:06:AA:AB:94:71:1C:63:C3:59:9E:95:6C:1B:6B
X509v3 Authority Key Identifier:
keyid:51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/GuoeAmP7BqqrlHEcY8NZnpVsG2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.96.0/22
IPv6:
2a0f:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
39:a4:1a:ae:ec:ef:5a:8c:d1:69:82:36:d6:ba:bb:e5:4c:51:
57:21:05:25:eb:d2:de:ff:a6:0d:1c:10:04:cc:ca:08:b7:98:
da:4d:a0:2a:a6:fe:75:7a:07:59:53:48:12:fa:6e:58:01:b7:
a9:8d:5a:ad:f7:d9:be:8a:5c:a9:be:38:c6:eb:db:df:c3:4f:
be:e4:33:fa:76:56:b4:d5:4d:95:d7:98:66:82:b7:20:54:40:
07:04:58:65:c6:4f:b0:8c:2f:97:43:dc:05:ee:f1:b9:92:55:
ae:fa:29:1d:3f:e9:5b:83:2c:1c:51:81:d3:b8:f7:4e:69:64:
3d:27:be:21:32:57:1c:79:d1:e4:7a:b9:94:3a:b6:fb:ff:95:
df:5d:77:e3:bb:fb:c1:f8:b1:10:2c:f5:4b:cf:26:40:59:e4:
de:09:da:b8:7f:af:e0:dc:7c:60:a7:e5:e0:3b:15:e4:c0:09:
11:da:fc:ef:58:9a:ad:95:78:8a:c7:6c:c3:b7:49:9f:5f:79:
04:62:67:aa:6e:27:3c:3f:6a:62:6a:af:ef:68:1c:50:9f:2d:
d9:75:cf:82:4c:43:29:96:d8:76:08:2c:f3:25:03:5c:e4:4c:
28:1e:6a:c9:09:28:75:88:b9:3d:78:ca:cd:a4:83:7c:53:1b:
85:d7:db:0d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwwsd2rp+V6ssgjHB15yT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYTBkOTgyNTEwM2Q5ZGE0NzYxZWZhOTFhNjBlYTJjYTc1
OGQwMDMwHhcNMjMwMTAyMDQzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWVhMWUwMjYzZmIwNmFhYWI5NDcxMWM2M2MzNTk5ZTk1NmMxYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQbuaMLVT0JlqCqfamKIjqWcTt4T
n3UVnocVD7A409PbytEKuo4tMH1U4lYucTxhQ8GL3OjKo0a2cnNbMhgjXqQpbmSF
WZw/vseS4IDVL/4KsV9JZcG2uhUq9gdhaPUxPAl4N2UJj+tFExxY6FABEAqqMexn
PgVYcL+TfFFQM6MfL7Exwi4UvmOIPsK3o4YH2L4iRuGy4/jpfdodLBhzCVqaQjBP
G2ZW/3okSuK42o3G7cMhoEx6U3CWPqPmsxTT90AM1og9nkp+aiihjU10CqXFwBNM
0zjt6ioJaRmp7l5fKVIRkyjZVE3fhR90tZ7i4dZOLAE/qYtI/i0ou2fszwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBrqHgJj+waqq5RxHGPDWZ6VbBtrMB8GA1UdIwQY
MBaAFFGg2YJRA9naR2HvqRpg6iynWNADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUt
NmEzZGYwMWEzMjM2LzEvR3VvZUFtUDdCcXFybEhFY1k4TlpucFZzRzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUtNmEzZGYwMWEzMjM2
LzEvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZxgMA0E
AgACMAcDBQMqDxyAMA0GCSqGSIb3DQEBCwUAA4IBAQA5pBqu7O9ajNFpgjbWurvl
TFFXIQUl69Le/6YNHBAEzMoIt5jaTaAqpv51egdZU0gS+m5YAbepjVqt99m+ilyp
vjjG69vfw0++5DP6dla01U2V15hmgrcgVEAHBFhlxk+wjC+XQ9wF7vG5klWu+ikd
P+lbgywcUYHTuPdOaWQ9J74hMlccedHkermUOrb7/5XfXXfju/vB+LEQLPVLzyZA
WeTeCdq4f6/g3Hxgp+XgOxXkwAkR2vzvWJqtlXiKx2zDt0mfX3kEYmeqbic8P2pi
aq/vaBxQny3Zdc+CTEMplth2CCzzJQNc5EwoHmrJCSh1iLk9eMrNpIN8UxuF19sN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:28 2024 by rpki-client on console-fra.rpki-client.org