Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/fdeWHkx67wTELHjonNEgbBCiEx0.roa
File: fdeWHkx67wTELHjonNEgbBCiEx0.roa (raw, json)
Hash identifier: YRLYjYzl9iN4C6W/uOwZMPSDI/vsy46O3nRqZf15WGw=
Subject key identifier: 7D:D7:96:1E:4C:7A:EF:04:C4:2C:78:E8:9C:D1:20:6C:10:A2:13:1D
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E3F2AB620FBD4DFCE022A23F9BEDC
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/fdeWHkx67wTELHjonNEgbBCiEx0.roa
Signing time: Tue 02 Jan 2024 08:33:17 +0000
ROA not before: Tue 02 Jan 2024 08:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203363
IP address blocks: 2.58.201.0/24 maxlen: 24
2.58.203.0/24 maxlen: 24
45.80.193.0/24 maxlen: 24
45.67.84.0/24 maxlen: 24
45.67.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 12:17:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3f:2a:b6:20:fb:d4:df:ce:02:2a:23:f9:be:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dd7961e4c7aef04c42c78e89cd1206c10a2131d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b9:3b:63:63:88:b5:37:46:c5:05:05:fe:45:
d9:f2:ae:3d:31:45:33:81:79:3d:71:8e:fd:34:f0:
86:40:d6:be:82:98:cb:a9:5c:07:87:34:cc:8c:95:
37:13:c3:19:60:70:7f:b3:c7:8e:18:0e:ab:df:3c:
d5:ba:82:eb:5d:e8:0f:28:31:c1:d1:2d:0b:ba:9f:
9c:5b:7d:36:03:ac:e9:7a:f1:fa:19:cf:5c:47:97:
25:db:c7:a6:47:64:02:63:66:39:e8:7b:5f:a8:f6:
3f:ec:4f:5f:f7:46:1d:cc:1a:91:e0:9e:f4:32:91:
cf:a8:2a:62:75:37:ff:fa:4f:21:1b:09:15:c2:be:
8f:41:c5:5e:c8:4b:05:cd:a4:92:a8:61:51:1f:06:
f3:d6:bd:e5:c0:57:04:82:3a:cd:a4:e4:50:2e:c0:
12:fc:c5:cb:1f:94:bb:b2:62:4d:81:02:3f:91:13:
e0:de:09:b5:21:cc:19:ee:c7:ab:ba:1f:b9:d2:89:
49:c9:b5:32:35:64:99:d3:43:59:70:3d:3c:8f:de:
0b:29:b9:e8:ec:20:2b:29:85:00:78:af:5e:01:f3:
f4:d0:85:02:81:d5:27:76:fe:6d:e6:b5:4d:37:71:
06:33:0e:ea:72:2f:4e:e4:a4:dc:3a:98:ee:ff:13:
30:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D7:96:1E:4C:7A:EF:04:C4:2C:78:E8:9C:D1:20:6C:10:A2:13:1D
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/fdeWHkx67wTELHjonNEgbBCiEx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.201.0/24
2.58.203.0/24
45.67.84.0/23
45.80.193.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:bb:b9:ca:ba:91:c1:a9:ac:27:16:39:63:22:05:f0:b8:76:
dc:65:c5:eb:0f:80:16:62:c8:81:fa:7a:ff:cc:ed:03:5d:50:
76:6e:29:8e:51:5a:28:b9:8b:81:1e:68:2f:27:83:a9:2e:0d:
fb:f0:1e:58:65:17:dc:73:5c:bc:3f:48:e0:f1:41:04:50:07:
55:05:d8:21:2b:2b:02:2e:15:28:b5:57:47:ff:d1:8b:e2:96:
c2:2e:a0:ac:ca:35:f9:b4:42:f0:fb:31:ad:07:ba:4f:64:fd:
72:70:03:87:6b:a8:91:dc:e9:9d:10:1c:7e:33:b9:59:8e:6e:
ef:29:bf:24:e1:7b:42:c0:fd:88:6e:ec:9f:1a:c7:5b:77:cb:
9f:18:49:49:e4:e4:62:8e:f8:81:76:e6:f8:67:37:1c:a9:ce:
cb:89:47:76:10:6e:cf:b0:ab:bc:28:8e:d3:a9:48:12:fd:70:
1e:e8:f7:83:7f:3f:ee:ed:b8:af:26:10:7c:ce:f8:29:ec:b1:
9d:41:63:09:09:ca:8c:59:b1:b1:ae:b7:f8:31:67:2d:05:92:
55:00:b8:f1:3e:c2:1e:8f:2d:c1:91:fc:c3:ff:40:be:f6:af:
53:f3:75:3b:f5:46:42:3f:51:3a:5e:a1:f1:27:4d:61:ec:1f:
5f:49:79:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTj8qtiD71N/OAioj+b7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQ3OTYxZTRjN2FlZjA0YzQyYzc4ZTg5Y2QxMjA2YzEwYTIxMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrk7Y2OItTdGxQUF/kXZ8q49MUUz
gXk9cY79NPCGQNa+gpjLqVwHhzTMjJU3E8MZYHB/s8eOGA6r3zzVuoLrXegPKDHB
0S0Lup+cW302A6zpevH6Gc9cR5cl28emR2QCY2Y56HtfqPY/7E9f90YdzBqR4J70
MpHPqCpidTf/+k8hGwkVwr6PQcVeyEsFzaSSqGFRHwbz1r3lwFcEgjrNpORQLsAS
/MXLH5S7smJNgQI/kRPg3gm1IcwZ7seruh+50olJybUyNWSZ00NZcD08j94LKbno
7CArKYUAeK9eAfP00IUCgdUndv5t5rVNN3EGMw7qci9O5KTcOpju/xMwDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH3Xlh5Meu8ExCx46JzRIGwQohMdMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvZmRlV0hreDY3d1RFTEhqb25ORWdiQkNpRXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjrJAwQA
AjrLAwQBLUNUAwQALVDBMA0GCSqGSIb3DQEBCwUAA4IBAQAfu7nKupHBqawnFjlj
IgXwuHbcZcXrD4AWYsiB+nr/zO0DXVB2bimOUVoouYuBHmgvJ4OpLg378B5YZRfc
c1y8P0jg8UEEUAdVBdghKysCLhUotVdH/9GL4pbCLqCsyjX5tELw+zGtB7pPZP1y
cAOHa6iR3OmdEBx+M7lZjm7vKb8k4XtCwP2IbuyfGsdbd8ufGElJ5ORijviBdub4
Zzccqc7LiUd2EG7PsKu8KI7TqUgS/XAe6PeDfz/u7bivJhB8zvgp7LGdQWMJCcqM
WbGxrrf4MWctBZJVALjxPsIejy3BkfzD/0C+9q9T83U79UZCP1E6XqHxJ01h7B9f
SXkv
-----END CERTIFICATE-----
Generated at Tue Feb 6 15:18:27 2024 by rpki-client on console-fra.rpki-client.org