Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/cilbT0Shzv8KyldC_RdYv6ysTRY.roa
File: cilbT0Shzv8KyldC_RdYv6ysTRY.roa (raw, json)
Hash identifier: Y5ErwGnU+JO4HwmL76Dt0GBj5qHK4wV5FL7g3wGempk=
Subject key identifier: 72:29:5B:4F:44:A1:CE:FF:0A:CA:57:42:FD:17:58:BF:AC:AC:4D:16
Certificate issuer: /CN=8251e7fb6b960d406b2236d25e4e20e245359db2
Certificate serial: 01856F39120893E4A1580BEACFDAE8E3357B
Authority key identifier: 82:51:E7:FB:6B:96:0D:40:6B:22:36:D2:5E:4E:20:E2:45:35:9D:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/glHn-2uWDUBrIjbSXk4g4kU1nbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/cilbT0Shzv8KyldC_RdYv6ysTRY.roa
Signing time: Sun 01 Jan 2023 21:24:49 +0000
ROA not before: Sun 01 Jan 2023 21:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208804
IP address blocks: 45.13.152.0/24 maxlen: 24
45.13.153.0/24 maxlen: 24
45.13.154.0/24 maxlen: 24
45.13.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:12:08:93:e4:a1:58:0b:ea:cf:da:e8:e3:35:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8251e7fb6b960d406b2236d25e4e20e245359db2
Validity
Not Before: Jan 1 21:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72295b4f44a1ceff0aca5742fd1758bfacac4d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:89:a7:e2:ea:63:80:9c:dc:b9:ff:9e:53:93:
0a:18:f6:e7:0c:fe:20:9e:09:33:53:a9:af:97:74:
a0:f7:6e:7b:7a:55:77:f7:ea:0b:83:be:38:93:60:
c4:f0:17:49:68:f7:d8:47:fd:c2:73:11:ce:09:0b:
56:2c:e8:c7:a0:4b:d9:ba:02:71:6e:81:57:c1:c0:
42:60:96:5c:5c:52:d1:3c:e6:74:e9:c3:89:54:dc:
8f:af:4d:b5:24:be:05:ca:6f:d2:24:00:f4:34:9b:
e9:ec:c5:b6:6e:9a:85:f3:90:a8:48:1c:df:40:a2:
04:7e:4e:cd:76:91:bb:2b:2d:93:86:15:53:36:6e:
68:9b:c5:d1:d6:ae:97:4a:45:be:da:cc:4e:70:85:
7f:c2:d9:46:24:5e:d1:89:a7:47:17:82:d2:4d:43:
a2:b9:9a:30:9e:5d:a3:89:27:f9:f3:12:89:69:a6:
22:1c:6d:c7:7d:ce:d9:71:32:bc:49:3a:b2:a7:42:
f4:51:8b:1a:e5:3f:2b:74:90:81:3a:33:e0:18:db:
80:1a:e0:63:26:23:1e:18:7f:df:e7:30:20:f9:73:
32:4a:f0:66:c1:d5:ce:a9:fc:8b:e4:df:3f:58:75:
a6:5c:ec:a0:11:b9:a5:0c:f1:3d:78:a9:fc:d4:74:
89:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:29:5B:4F:44:A1:CE:FF:0A:CA:57:42:FD:17:58:BF:AC:AC:4D:16
X509v3 Authority Key Identifier:
keyid:82:51:E7:FB:6B:96:0D:40:6B:22:36:D2:5E:4E:20:E2:45:35:9D:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/glHn-2uWDUBrIjbSXk4g4kU1nbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/cilbT0Shzv8KyldC_RdYv6ysTRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/ff0e61-1c92-418c-9267-d3a487295491/1/glHn-2uWDUBrIjbSXk4g4kU1nbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.152.0/22
Signature Algorithm: sha256WithRSAEncryption
08:c0:de:4d:4a:de:2d:09:d4:4f:19:77:2f:42:77:7d:e6:d2:
9d:aa:5c:5e:fc:e8:9b:bb:e8:39:97:ea:5a:ae:e4:f3:20:bc:
a4:5d:99:b1:57:a0:88:c8:5a:87:a5:30:bb:57:5b:07:a2:5a:
ff:3e:ff:08:7e:63:6e:18:f7:4c:31:91:ca:56:dc:3c:a8:ed:
bf:01:49:ec:1b:1c:a1:70:bd:3a:bc:c8:ce:b8:16:70:e1:1c:
72:5d:97:fe:27:dd:b9:ff:d5:52:8b:6b:1c:5d:d3:1b:63:ec:
7c:1e:ac:c6:2f:32:86:1c:c2:ba:5b:41:71:03:a6:82:bf:a1:
9c:42:53:55:bb:af:a6:20:f4:32:78:5b:a4:dc:81:59:c6:97:
3b:d9:81:90:45:a1:6c:86:d6:fd:0d:cb:0e:c4:f2:cc:ca:e5:
9c:8a:2a:ec:3e:42:48:46:fd:9f:0d:9f:19:ab:cc:51:6f:26:
2f:33:6b:e1:24:59:6c:6e:ac:e8:e8:cd:39:f4:46:11:aa:e2:
1b:43:15:94:10:c7:ed:e9:20:06:c5:34:1d:b6:f4:2d:2e:a4:
42:2c:27:ef:ec:7f:dd:00:57:bf:55:76:24:6c:d4:c7:2f:43:
a4:96:a9:6d:bc:63:94:d9:44:d1:49:a5:1e:85:db:d2:1b:ea:
a4:7b:a6:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvORIIk+ShWAvqz9ro4zV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNTFlN2ZiNmI5NjBkNDA2YjIyMzZkMjVlNGUyMGUyNDUz
NTlkYjIwHhcNMjMwMTAxMjEyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjI5NWI0ZjQ0YTFjZWZmMGFjYTU3NDJmZDE3NThiZmFjYWM0ZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmomn4upjgJzcuf+eU5MKGPbnDP4g
ngkzU6mvl3Sg9257elV39+oLg744k2DE8BdJaPfYR/3CcxHOCQtWLOjHoEvZugJx
boFXwcBCYJZcXFLRPOZ06cOJVNyPr021JL4Fym/SJAD0NJvp7MW2bpqF85CoSBzf
QKIEfk7NdpG7Ky2ThhVTNm5om8XR1q6XSkW+2sxOcIV/wtlGJF7RiadHF4LSTUOi
uZownl2jiSf58xKJaaYiHG3Hfc7ZcTK8STqyp0L0UYsa5T8rdJCBOjPgGNuAGuBj
JiMeGH/f5zAg+XMySvBmwdXOqfyL5N8/WHWmXOygEbmlDPE9eKn81HSJ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIpW09Eoc7/CspXQv0XWL+srE0WMB8GA1UdIwQY
MBaAFIJR5/trlg1AayI20l5OIOJFNZ2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2xIbi0ydVdEVUJySWpiU1hrNGc0a1UxbmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mZjBlNjEtMWM5Mi00MThjLTkyNjct
ZDNhNDg3Mjk1NDkxLzEvY2lsYlQwU2h6djhLeWxkQ19SZFl2NnlzVFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9mZjBlNjEtMWM5Mi00MThjLTkyNjctZDNhNDg3Mjk1NDkx
LzEvZ2xIbi0ydVdEVUJySWpiU1hrNGc0a1UxbmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ2YMA0G
CSqGSIb3DQEBCwUAA4IBAQAIwN5NSt4tCdRPGXcvQnd95tKdqlxe/Oibu+g5l+pa
ruTzILykXZmxV6CIyFqHpTC7V1sHolr/Pv8IfmNuGPdMMZHKVtw8qO2/AUnsGxyh
cL06vMjOuBZw4RxyXZf+J925/9VSi2scXdMbY+x8HqzGLzKGHMK6W0FxA6aCv6Gc
QlNVu6+mIPQyeFuk3IFZxpc72YGQRaFshtb9DcsOxPLMyuWciirsPkJIRv2fDZ8Z
q8xRbyYvM2vhJFlsbqzo6M059EYRquIbQxWUEMft6SAGxTQdtvQtLqRCLCfv7H/d
AFe/VXYkbNTHL0OklqltvGOU2UTRSaUehdvSG+qke6ax
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:42 2024 by rpki-client on console-ams.rpki-client.org