Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/sUciJ9pMDPMZwcfBCoU9zbhHrpY.roa
File: sUciJ9pMDPMZwcfBCoU9zbhHrpY.roa (raw, json)
Hash identifier: t8Cx4QL7+xYmqsqFpHOUot++O+IEbhzRxxsRG5bVy1E=
Subject key identifier: B1:47:22:27:DA:4C:0C:F3:19:C1:C7:C1:0A:85:3D:CD:B8:47:AE:96
Certificate issuer: /CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Certificate serial: 018570C2C83C05C2A34A07F1EB4472B0789B
Authority key identifier: 51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/sUciJ9pMDPMZwcfBCoU9zbhHrpY.roa
Signing time: Mon 02 Jan 2023 04:34:51 +0000
ROA not before: Mon 02 Jan 2023 04:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 45.156.96.0/24 maxlen: 24
45.156.98.0/24 maxlen: 24
45.156.97.0/24 maxlen: 24
45.156.99.0/24 maxlen: 24
2a0f:1c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:c8:3c:05:c2:a3:4a:07:f1:eb:44:72:b0:78:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51a0d9825103d9da4761efa91a60ea2ca758d003
Validity
Not Before: Jan 2 04:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1472227da4c0cf319c1c7c10a853dcdb847ae96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:04:25:e0:38:1d:16:73:33:30:16:11:66:6b:
78:f7:e9:84:d4:ce:1d:b9:f2:14:b3:8b:cf:6c:35:
ef:f0:90:30:52:b1:07:cb:3b:4d:73:a1:20:86:9a:
68:42:a7:44:3b:31:0f:62:60:0c:32:da:00:7b:6a:
31:ed:f7:8b:8c:b7:c4:30:1c:a2:be:f6:6c:6e:85:
06:7a:13:b4:4f:29:c0:bb:ec:d5:55:5f:fb:22:68:
88:ce:93:ca:26:37:19:71:a3:3e:34:9b:03:58:52:
98:0c:80:4b:2f:c0:4f:88:1d:85:a4:33:82:86:25:
0d:16:2f:e4:67:f8:64:e1:94:d0:25:02:65:75:fe:
04:79:67:73:06:d2:a4:68:60:f3:fa:69:5c:44:52:
ac:c9:ba:40:a1:11:99:e1:e5:64:92:e2:7b:30:e5:
9a:dd:b7:9e:e1:7c:e8:80:89:57:6a:cf:48:24:2a:
48:1e:6b:69:82:2a:b9:97:fd:c4:ca:da:88:24:8c:
bc:85:2b:49:e7:d8:59:17:22:bd:7c:b2:88:54:dc:
b3:4b:fd:bc:e2:b3:0e:de:4c:29:97:ef:47:27:e2:
3f:89:f4:a3:ad:41:7e:3e:cf:d6:79:c4:e3:ce:e6:
44:25:42:23:7a:ad:29:ac:7b:a3:83:d6:02:b8:bb:
2d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:47:22:27:DA:4C:0C:F3:19:C1:C7:C1:0A:85:3D:CD:B8:47:AE:96
X509v3 Authority Key Identifier:
keyid:51:A0:D9:82:51:03:D9:DA:47:61:EF:A9:1A:60:EA:2C:A7:58:D0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UaDZglED2dpHYe-pGmDqLKdY0AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/sUciJ9pMDPMZwcfBCoU9zbhHrpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b4f49b-75e5-4864-908e-6a3df01a3236/1/UaDZglED2dpHYe-pGmDqLKdY0AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.96.0/22
IPv6:
2a0f:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
81:44:5b:f5:0a:b7:f2:93:2e:bf:1d:4c:48:47:ee:ba:f6:f6:
9d:1a:dc:2b:a3:cb:bc:0a:b0:0c:62:4d:a6:e8:4b:ac:0e:5b:
7e:24:0a:93:ac:08:32:fe:4d:df:04:41:39:99:6f:ae:c1:95:
8a:96:74:d1:f6:4b:28:ab:4e:e2:a8:71:5d:c9:a7:70:79:bb:
2a:9d:1e:a2:4f:9a:12:9b:90:db:a3:c4:60:c5:68:d2:50:70:
d5:8c:fe:97:2c:11:a6:6a:f8:18:68:45:ba:f6:7b:58:44:8d:
b5:75:d1:78:cb:9f:c7:dd:6c:50:9b:ea:60:47:88:ce:04:13:
56:61:31:92:d5:43:92:8d:99:b9:d0:4b:a3:f2:b9:fb:0a:39:
db:76:aa:3c:1b:bc:cc:54:b3:d9:9d:12:f4:3a:c4:c3:d9:f1:
3b:19:0a:7f:10:4f:b8:02:ec:41:24:32:5b:83:9e:56:bd:4b:
af:9f:31:8c:77:52:52:4a:48:7a:60:fa:76:28:37:7a:66:ff:
aa:0c:74:f9:ad:1b:e9:e8:0d:16:67:b5:7d:70:3f:0b:95:0b:
2b:b7:82:0a:ed:df:a8:b9:0e:e3:98:74:ba:4a:b0:9d:19:56:
be:fb:48:05:90:21:12:82:0d:7e:64:9e:04:df:b5:60:86:df:
4a:1a:56:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwwsg8BcKjSgfx60RysHibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYTBkOTgyNTEwM2Q5ZGE0NzYxZWZhOTFhNjBlYTJjYTc1
OGQwMDMwHhcNMjMwMTAyMDQzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ3MjIyN2RhNGMwY2YzMTljMWM3YzEwYTg1M2RjZGI4NDdhZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwQl4DgdFnMzMBYRZmt49+mE1M4d
ufIUs4vPbDXv8JAwUrEHyztNc6EghppoQqdEOzEPYmAMMtoAe2ox7feLjLfEMByi
vvZsboUGehO0TynAu+zVVV/7ImiIzpPKJjcZcaM+NJsDWFKYDIBLL8BPiB2FpDOC
hiUNFi/kZ/hk4ZTQJQJldf4EeWdzBtKkaGDz+mlcRFKsybpAoRGZ4eVkkuJ7MOWa
3bee4XzogIlXas9IJCpIHmtpgiq5l/3EytqIJIy8hStJ59hZFyK9fLKIVNyzS/28
4rMO3kwpl+9HJ+I/ifSjrUF+Ps/WecTjzuZEJUIjeq0prHujg9YCuLst6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLFHIifaTAzzGcHHwQqFPc24R66WMB8GA1UdIwQY
MBaAFFGg2YJRA9naR2HvqRpg6iynWNADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUt
NmEzZGYwMWEzMjM2LzEvc1VjaUo5cE1EUE1ad2NmQkNvVTl6YmhIcnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNGY0OWItNzVlNS00ODY0LTkwOGUtNmEzZGYwMWEzMjM2
LzEvVWFEWmdsRUQyZHBIWWUtcEdtRHFMS2RZMEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZxgMA0E
AgACMAcDBQMqDxyAMA0GCSqGSIb3DQEBCwUAA4IBAQCBRFv1Crfyky6/HUxIR+66
9vadGtwro8u8CrAMYk2m6EusDlt+JAqTrAgy/k3fBEE5mW+uwZWKlnTR9ksoq07i
qHFdyadwebsqnR6iT5oSm5Dbo8RgxWjSUHDVjP6XLBGmavgYaEW69ntYRI21ddF4
y5/H3WxQm+pgR4jOBBNWYTGS1UOSjZm50Euj8rn7Cjnbdqo8G7zMVLPZnRL0OsTD
2fE7GQp/EE+4AuxBJDJbg55WvUuvnzGMd1JSSkh6YPp2KDd6Zv+qDHT5rRvp6A0W
Z7V9cD8LlQsrt4IK7d+ouQ7jmHS6SrCdGVa++0gFkCESgg1+ZJ4E37Vght9KGlYZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:31 2024 by rpki-client on console-ams.rpki-client.org