Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/tj0fkDh6L5MYoJm5-stz76z0bYk.roa
File: tj0fkDh6L5MYoJm5-stz76z0bYk.roa (raw, json)
Hash identifier: cQ1H7xO2GcxInpO7wAYM/oJt/fE91Z1fJa5jSdVr5aM=
Subject key identifier: B6:3D:1F:90:38:7A:2F:93:18:A0:99:B9:FA:CB:73:EF:AC:F4:6D:89
Certificate issuer: /CN=c3831edc0ba07c7e34aba701c3573d8e72af18fe
Certificate serial: 018A1BEE63E72E6B60482A9AB47251DC525A
Authority key identifier: C3:83:1E:DC:0B:A0:7C:7E:34:AB:A7:01:C3:57:3D:8E:72:AF:18:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4Me3AugfH40q6cBw1c9jnKvGP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/tj0fkDh6L5MYoJm5-stz76z0bYk.roa
Signing time: Tue 22 Aug 2023 06:28:42 +0000
ROA not before: Tue 22 Aug 2023 06:28:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208569
IP address blocks: 45.128.10.0/24 maxlen: 24
45.128.8.0/22 maxlen: 22
45.128.11.0/24 maxlen: 24
45.128.8.0/24 maxlen: 24
45.128.9.0/24 maxlen: 24
2a0e:3b40::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1b:ee:63:e7:2e:6b:60:48:2a:9a:b4:72:51:dc:52:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3831edc0ba07c7e34aba701c3573d8e72af18fe
Validity
Not Before: Aug 22 06:28:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b63d1f90387a2f9318a099b9facb73efacf46d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2c:0a:65:eb:9c:52:c9:c2:ad:3d:a3:a4:33:
b9:fd:fe:12:7c:9d:4a:fc:bb:d2:15:e6:95:85:a5:
fb:65:49:37:0f:a2:c4:f8:e3:7a:a9:9b:d4:4f:41:
06:01:7b:fb:22:b9:da:17:f6:46:f7:fc:96:95:a1:
c3:a9:cf:22:4c:54:d9:a3:35:8e:f4:97:a7:a8:e7:
4b:2e:48:07:bd:8e:5e:c1:05:54:36:9c:c3:5c:f5:
ea:8c:1c:30:25:e9:da:ea:84:33:1a:67:4c:e8:86:
bc:1d:3e:88:6e:b4:6b:cf:2e:c3:9a:b9:69:9d:55:
a4:7f:31:f4:a6:eb:10:a0:60:bc:2b:c5:62:b4:3a:
94:b9:2b:87:af:08:fb:58:c4:63:37:d5:30:c0:bc:
78:41:72:13:a3:f9:a6:81:81:71:21:c6:01:ea:6f:
fb:27:60:62:83:30:48:63:8d:c2:b4:7e:16:be:32:
28:30:19:61:2e:7b:94:7d:40:89:66:e1:41:82:26:
37:99:3c:67:b9:e5:f7:ff:b0:21:80:56:61:46:25:
b0:ab:2d:f3:e0:31:54:76:ff:fd:5c:e3:f3:00:8c:
c6:01:aa:b1:93:ef:fa:c2:9c:1f:b1:74:34:32:2e:
a4:64:3b:44:b9:ea:dc:a9:eb:a2:1b:4d:7f:8a:e1:
26:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3D:1F:90:38:7A:2F:93:18:A0:99:B9:FA:CB:73:EF:AC:F4:6D:89
X509v3 Authority Key Identifier:
keyid:C3:83:1E:DC:0B:A0:7C:7E:34:AB:A7:01:C3:57:3D:8E:72:AF:18:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4Me3AugfH40q6cBw1c9jnKvGP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/tj0fkDh6L5MYoJm5-stz76z0bYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/7f1275-12fc-4397-9e3b-edf6cad1249d/1/w4Me3AugfH40q6cBw1c9jnKvGP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.8.0/22
IPv6:
2a0e:3b40::/29
Signature Algorithm: sha256WithRSAEncryption
1f:dc:6d:7a:4c:fd:a7:1b:d2:be:7f:bd:63:88:35:23:4c:fb:
3a:9e:af:8c:8a:5c:d2:7d:89:cb:b6:d8:42:52:1b:4c:9b:dd:
3d:9b:2e:ed:8d:e3:6c:a6:11:e1:59:8f:b6:69:b5:49:44:cf:
f4:c4:f7:93:a1:fb:b9:7f:d7:ec:6c:ac:00:52:b0:27:18:22:
e2:10:13:b6:31:ee:61:93:a6:22:bd:9a:0c:3f:df:95:48:cf:
fc:33:81:b3:e5:50:2d:5d:f2:45:1a:62:79:c3:61:cd:fb:c7:
c7:47:79:12:a9:2d:bd:01:f6:5d:d5:11:36:d9:42:91:c7:11:
8e:c6:08:ff:ba:29:f9:25:a4:94:da:d7:6a:25:f9:c6:57:d1:
0e:97:12:11:1a:10:6f:ac:c7:52:36:5a:e9:58:4f:87:40:22:
d4:ed:a0:b8:3a:f7:cb:78:58:fa:4d:2c:59:7d:3d:27:37:02:
02:9a:9c:42:26:b7:ae:ec:ad:c9:ea:88:85:45:cf:1a:c5:7f:
c9:f5:c1:ab:2c:94:9b:15:41:f5:6f:9f:d4:ae:64:00:e3:96:
59:9f:2d:f4:89:c9:aa:ca:2f:05:01:5b:ca:4f:30:0f:97:18:
6c:ea:44:8c:6e:b0:f3:e0:62:a3:d7:32:79:99:44:b9:81:2d:
07:de:c9:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYob7mPnLmtgSCqatHJR3FJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODMxZWRjMGJhMDdjN2UzNGFiYTcwMWMzNTczZDhlNzJh
ZjE4ZmUwHhcNMjMwODIyMDYyODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjNkMWY5MDM4N2EyZjkzMThhMDk5YjlmYWNiNzNlZmFjZjQ2ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwywKZeucUsnCrT2jpDO5/f4SfJ1K
/LvSFeaVhaX7ZUk3D6LE+ON6qZvUT0EGAXv7IrnaF/ZG9/yWlaHDqc8iTFTZozWO
9JenqOdLLkgHvY5ewQVUNpzDXPXqjBwwJena6oQzGmdM6Ia8HT6IbrRrzy7Dmrlp
nVWkfzH0pusQoGC8K8VitDqUuSuHrwj7WMRjN9UwwLx4QXITo/mmgYFxIcYB6m/7
J2BigzBIY43CtH4WvjIoMBlhLnuUfUCJZuFBgiY3mTxnueX3/7AhgFZhRiWwqy3z
4DFUdv/9XOPzAIzGAaqxk+/6wpwfsXQ0Mi6kZDtEuercqeuiG01/iuEm+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLY9H5A4ei+TGKCZufrLc++s9G2JMB8GA1UdIwQY
MBaAFMODHtwLoHx+NKunAcNXPY5yrxj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRNZTNBdWdmSDQwcTZjQncxYzlqbkt2R1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83ZjEyNzUtMTJmYy00Mzk3LTllM2It
ZWRmNmNhZDEyNDlkLzEvdGowZmtEaDZMNU1Zb0ptNS1zdHo3NnowYllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83ZjEyNzUtMTJmYy00Mzk3LTllM2ItZWRmNmNhZDEyNDlk
LzEvdzRNZTNBdWdmSDQwcTZjQncxYzlqbkt2R1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYAIMA0E
AgACMAcDBQMqDjtAMA0GCSqGSIb3DQEBCwUAA4IBAQAf3G16TP2nG9K+f71jiDUj
TPs6nq+MilzSfYnLtthCUhtMm909my7tjeNsphHhWY+2abVJRM/0xPeTofu5f9fs
bKwAUrAnGCLiEBO2Me5hk6YivZoMP9+VSM/8M4Gz5VAtXfJFGmJ5w2HN+8fHR3kS
qS29AfZd1RE22UKRxxGOxgj/uin5JaSU2tdqJfnGV9EOlxIRGhBvrMdSNlrpWE+H
QCLU7aC4OvfLeFj6TSxZfT0nNwICmpxCJreu7K3J6oiFRc8axX/J9cGrLJSbFUH1
b5/UrmQA45ZZny30icmqyi8FAVvKTzAPlxhs6kSMbrDz4GKj1zJ5mUS5gS0H3skO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:27 2024 by rpki-client on console-ams.rpki-client.org