Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/RlH7rIr1obMiXkRyPLNWJYc_3dY.roa
File: RlH7rIr1obMiXkRyPLNWJYc_3dY.roa (raw, json)
Hash identifier: VFhST1XwYc5zpnQ8UneWgh3L3hrKOsEuk7P07hYUBVE=
Subject key identifier: 46:51:FB:AC:8A:F5:A1:B3:22:5E:44:72:3C:B3:56:25:87:3F:DD:D6
Certificate issuer: /CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Certificate serial: 01910DC204A7B4F7CF8BC1BA72BF31CE8D70
Authority key identifier: 00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/RlH7rIr1obMiXkRyPLNWJYc_3dY.roa
Signing time: Thu 01 Aug 2024 11:45:04 +0000
ROA not before: Thu 01 Aug 2024 11:45:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57648
IP address blocks: 45.156.160.0/24 maxlen: 24
45.156.162.0/24 maxlen: 24
2a0f:2580:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 15 Aug 2024 18:21:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0d:c2:04:a7:b4:f7:cf:8b:c1:ba:72:bf:31:ce:8d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Validity
Not Before: Aug 1 11:45:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4651fbac8af5a1b3225e44723cb35625873fddd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:12:62:29:ee:4e:b2:a0:44:2f:25:db:eb:f3:
74:63:62:e7:7e:a5:11:52:90:4e:8e:04:7a:cf:32:
e6:bf:fa:67:6a:e5:0f:0a:4a:18:cc:9e:2d:ab:35:
0a:78:31:40:36:8a:61:fa:29:25:0a:ef:e6:84:60:
9d:9e:2a:59:b8:d4:49:5a:d3:18:de:5b:f4:a4:1c:
72:d6:de:50:ce:ce:7c:76:f6:51:26:84:e9:72:43:
7d:d1:28:6d:b3:6d:a0:8c:fc:75:60:48:b4:2a:1f:
e4:7c:9a:91:03:8c:91:a1:c9:88:c1:53:c4:c6:8c:
17:a8:d3:71:08:3b:10:b8:59:ef:ce:17:dd:c5:be:
8c:7b:9a:2c:31:c7:c7:fd:22:31:1b:f9:cc:72:fe:
13:22:c4:a5:70:eb:38:38:01:f0:fd:ff:a8:2d:1c:
56:8b:a5:08:b2:7f:fd:6a:06:c5:89:f8:92:b3:d5:
34:60:08:7a:ca:49:40:8b:bf:9f:eb:25:d9:af:c7:
ee:85:eb:68:0e:84:66:fb:37:37:af:0b:2f:59:54:
c3:55:8e:b3:91:f6:cf:f1:14:b5:ce:17:0e:58:ff:
64:09:a5:e3:fc:19:8b:1d:5a:35:0e:b0:8f:94:ea:
b9:27:39:5a:4b:b4:dc:d1:6d:08:90:91:84:df:d1:
8f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:51:FB:AC:8A:F5:A1:B3:22:5E:44:72:3C:B3:56:25:87:3F:DD:D6
X509v3 Authority Key Identifier:
keyid:00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/RlH7rIr1obMiXkRyPLNWJYc_3dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.160.0/24
45.156.162.0/24
IPv6:
2a0f:2580:1000::/48
Signature Algorithm: sha256WithRSAEncryption
20:1d:df:b9:27:15:c7:0f:9d:d5:86:02:70:1c:59:c0:7d:8c:
09:74:56:3e:9c:89:ab:18:3e:7f:62:a1:4b:85:1a:5a:c3:87:
6e:7b:96:fa:f6:1e:57:b7:82:9e:ca:99:06:d1:09:f9:15:62:
20:cc:4b:bf:cd:83:f7:6f:f4:08:6b:1e:71:02:9a:1f:12:dd:
9e:76:ad:28:d8:05:25:51:03:e7:2c:af:bd:76:a7:53:7e:b1:
9d:fb:09:94:e6:06:31:5d:5c:97:1c:1f:b7:4c:1d:68:87:70:
16:c3:69:ae:d9:4b:22:9b:93:2d:0e:2b:18:9d:c7:8a:f9:d3:
a2:88:8a:d6:18:71:4f:5d:c6:32:a4:94:70:28:b8:f0:ed:cf:
be:84:8a:55:83:a7:d0:66:39:6f:f2:4a:e9:bb:d4:5f:52:ef:
2e:3d:34:99:b9:99:d4:f1:24:ae:12:59:f6:55:b0:b5:66:13:
d6:6c:1c:64:a9:b9:b1:71:73:9a:61:ee:8c:14:46:7f:5c:e6:
dd:da:8b:90:a9:ff:d7:32:75:8f:f3:2b:90:83:04:ce:ae:12:
8f:92:53:fc:6b:20:bc:53:fa:e7:e5:24:04:54:fe:fd:16:a7:
10:90:b6:fd:33:58:d5:78:d4:07:3d:92:e0:0a:5d:26:09:dd:
38:99:46:b3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZENwgSntPfPi8G6cr8xzo1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTJjMzM3MzFhZGNhNTdkY2MzM2IyZmI4MjMzZmMwMzhi
MDk1ZTkwHhcNMjQwODAxMTE0NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjUxZmJhYzhhZjVhMWIzMjI1ZTQ0NzIzY2IzNTYyNTg3M2ZkZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhJiKe5OsqBELyXb6/N0Y2LnfqUR
UpBOjgR6zzLmv/pnauUPCkoYzJ4tqzUKeDFANoph+iklCu/mhGCdnipZuNRJWtMY
3lv0pBxy1t5Qzs58dvZRJoTpckN90Shts22gjPx1YEi0Kh/kfJqRA4yRocmIwVPE
xowXqNNxCDsQuFnvzhfdxb6Me5osMcfH/SIxG/nMcv4TIsSlcOs4OAHw/f+oLRxW
i6UIsn/9agbFifiSs9U0YAh6yklAi7+f6yXZr8fuhetoDoRm+zc3rwsvWVTDVY6z
kfbP8RS1zhcOWP9kCaXj/BmLHVo1DrCPlOq5JzlaS7Tc0W0IkJGE39GP7QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEZR+6yK9aGzIl5EcjyzViWHP93WMB8GA1UdIwQY
MBaAFADiwzcxrcpX3MM7L7gjP8A4sJXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMt
YzlhZDM3Zjk0Y2Q3LzEvUmxIN3JJcjFvYk1pWGtSeVBMTldKWWNfM2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMtYzlhZDM3Zjk0Y2Q3
LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALZygAwQA
LZyiMA8EAgACMAkDBwAqDyWAEAAwDQYJKoZIhvcNAQELBQADggEBACAd37knFccP
ndWGAnAcWcB9jAl0Vj6ciasYPn9ioUuFGlrDh257lvr2Hle3gp7KmQbRCfkVYiDM
S7/Ng/dv9AhrHnECmh8S3Z52rSjYBSVRA+csr712p1N+sZ37CZTmBjFdXJccH7dM
HWiHcBbDaa7ZSyKbky0OKxidx4r506KIitYYcU9dxjKklHAouPDtz76EilWDp9Bm
OW/ySum71F9S7y49NJm5mdTxJK4SWfZVsLVmE9ZsHGSpubFxc5ph7owURn9c5t3a
i5Cp/9cydY/zK5CDBM6uEo+SU/xrILxT+uflJARU/v0WpxCQtv0zWNV41Ac9kuAK
XSYJ3TiZRrM=
-----END CERTIFICATE-----
Generated at Thu Aug 15 21:42:48 2024 by rpki-client on console-ams.rpki-client.org