Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jw4LfT_P5gh5oSfV3uHEa907cGM.roa
File: jw4LfT_P5gh5oSfV3uHEa907cGM.roa (raw, json)
Hash identifier: dDQOW19jPI2oBlC0iF9yETL+BL2Qx48a7hIxbjdWzF8=
Subject key identifier: 8F:0E:0B:7D:3F:CF:E6:08:79:A1:27:D5:DE:E1:C4:6B:DD:3B:70:63
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018D5B4C3E92BE2D031BC0F00F9ED688A713
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jw4LfT_P5gh5oSfV3uHEa907cGM.roa
Signing time: Tue 30 Jan 2024 16:55:39 +0000
ROA not before: Tue 30 Jan 2024 16:55:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48728
IP address blocks: 45.95.240.0/24 maxlen: 24
2a0f:15c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 31 Jan 2024 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:4c:3e:92:be:2d:03:1b:c0:f0:0f:9e:d6:88:a7:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 30 16:55:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f0e0b7d3fcfe60879a127d5dee1c46bdd3b7063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:29:66:c2:ad:a1:a9:b3:f1:3a:31:1e:64:0f:
31:cf:3c:0e:5a:93:07:92:a6:a8:91:0a:4c:72:d3:
fd:e9:3a:a7:89:11:9c:c6:b2:87:26:7d:15:a2:83:
7a:2e:6d:75:8e:1b:7b:55:f0:ac:f4:e5:3b:a4:1c:
2f:ec:25:47:a0:c7:ae:59:0a:e4:46:fd:96:0f:3e:
14:11:69:57:f3:8d:79:47:0f:97:15:8a:eb:d5:8a:
61:92:bf:51:05:36:3b:b4:7a:ff:31:42:20:b0:0a:
9b:f4:a8:bf:39:d3:7b:a2:20:e9:5f:3d:7f:a3:1b:
c2:ce:c9:76:27:a4:9e:96:6b:85:84:30:76:1d:3f:
7a:15:af:18:ad:b6:98:70:d6:bf:b9:8f:7f:79:ea:
26:d2:81:3e:4f:6c:fc:fb:8e:00:a5:59:3f:9a:d5:
80:66:67:5e:a1:44:d4:61:9c:2c:e8:e3:f5:9f:e8:
4f:11:20:5b:76:9b:60:0a:10:a8:59:5a:41:ac:a8:
5a:00:80:85:71:b9:b9:e0:54:ba:2b:69:61:37:74:
d2:1d:1c:93:41:12:7a:c3:60:82:86:e4:44:6b:1a:
08:73:d6:85:de:dc:d9:56:d7:c4:b0:97:d7:f5:69:
64:48:14:e0:a3:77:7f:22:c8:f9:8d:60:a7:cd:cc:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:0E:0B:7D:3F:CF:E6:08:79:A1:27:D5:DE:E1:C4:6B:DD:3B:70:63
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jw4LfT_P5gh5oSfV3uHEa907cGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.240.0/24
IPv6:
2a0f:15c2::/32
Signature Algorithm: sha256WithRSAEncryption
a5:bd:c5:d3:c4:e1:65:98:6b:3b:04:f4:ea:28:5c:05:a4:71:
a9:f4:b3:40:24:0c:aa:23:aa:66:6d:38:c0:fe:12:18:1c:9a:
d1:5b:59:8e:d9:3b:b2:e4:49:38:d3:34:19:61:1b:48:f1:f9:
e6:c6:d5:28:41:2e:95:10:71:98:40:22:a5:f9:6a:04:d1:36:
4a:bf:16:cc:85:03:e7:20:28:72:98:20:26:37:33:f5:7e:79:
c1:16:13:8b:0e:62:63:02:23:41:60:ed:3d:45:13:89:4f:b9:
d7:b8:24:20:d0:23:34:ee:20:39:32:26:9d:1b:1c:2e:3e:c4:
6d:a6:0b:2f:f8:59:8e:cd:1b:3c:c6:bb:9f:5f:a1:2b:71:13:
09:68:d9:78:11:95:ad:b9:44:b8:aa:38:e0:73:ef:a1:8d:3d:
95:01:e2:94:7b:2b:db:ac:06:d2:20:28:6a:a0:d9:9b:50:ba:
f1:fa:2e:6c:89:d2:56:aa:7a:77:78:4f:0f:ef:dd:5d:76:58:
39:cb:8f:4e:6d:d2:07:64:b8:a6:0c:6a:35:75:3f:9b:fb:2c:
22:af:68:f4:08:db:28:af:bb:0f:2a:b8:d2:ae:f5:2f:4a:0d:
6d:9f:3b:e1:7e:df:01:04:df:20:b4:42:4f:ec:86:cf:b1:17:
4e:05:df:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1bTD6Svi0DG8DwD57WiKcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTMwMTY1NTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjBlMGI3ZDNmY2ZlNjA4NzlhMTI3ZDVkZWUxYzQ2YmRkM2I3MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvilmwq2hqbPxOjEeZA8xzzwOWpMH
kqaokQpMctP96TqniRGcxrKHJn0VooN6Lm11jht7VfCs9OU7pBwv7CVHoMeuWQrk
Rv2WDz4UEWlX8415Rw+XFYrr1Yphkr9RBTY7tHr/MUIgsAqb9Ki/OdN7oiDpXz1/
oxvCzsl2J6SelmuFhDB2HT96Fa8YrbaYcNa/uY9/eeom0oE+T2z8+44ApVk/mtWA
ZmdeoUTUYZws6OP1n+hPESBbdptgChCoWVpBrKhaAICFcbm54FS6K2lhN3TSHRyT
QRJ6w2CChuREaxoIc9aF3tzZVtfEsJfX9WlkSBTgo3d/Isj5jWCnzcxTywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI8OC30/z+YIeaEn1d7hxGvdO3BjMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvanc0TGZUX1A1Z2g1b1NmVjN1SEVhOTA3Y0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALV/wMA0E
AgACMAcDBQAqDxXCMA0GCSqGSIb3DQEBCwUAA4IBAQClvcXTxOFlmGs7BPTqKFwF
pHGp9LNAJAyqI6pmbTjA/hIYHJrRW1mO2Tuy5Ek40zQZYRtI8fnmxtUoQS6VEHGY
QCKl+WoE0TZKvxbMhQPnIChymCAmNzP1fnnBFhOLDmJjAiNBYO09RROJT7nXuCQg
0CM07iA5MiadGxwuPsRtpgsv+FmOzRs8xrufX6ErcRMJaNl4EZWtuUS4qjjgc++h
jT2VAeKUeyvbrAbSIChqoNmbULrx+i5sidJWqnp3eE8P791ddlg5y49ObdIHZLim
DGo1dT+b+ywir2j0CNsor7sPKrjSrvUvSg1tnzvhft8BBN8gtEJP7IbPsRdOBd8+
-----END CERTIFICATE-----
Generated at Wed Jan 31 05:26:00 2024 by rpki-client on console-ams.rpki-client.org