Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/hMCB0Siw1cKAy2JHS1gfCPzxj6Y.roa
File: hMCB0Siw1cKAy2JHS1gfCPzxj6Y.roa (raw, json)
Hash identifier: o9s7T89FqTI8/mChs6vzq2v3h988VF8UMEP0S8Oic+8=
Subject key identifier: 84:C0:81:D1:28:B0:D5:C2:80:CB:62:47:4B:58:1F:08:FC:F1:8F:A6
Certificate issuer: /CN=c67e2a46e34f491433c8b62f319b902bddfde831
Certificate serial: 018E0E57875EDBF678A386BDA5E8ED2EA250
Authority key identifier: C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/hMCB0Siw1cKAy2JHS1gfCPzxj6Y.roa
Signing time: Tue 05 Mar 2024 11:20:01 +0000
ROA not before: Tue 05 Mar 2024 11:20:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215845
IP address blocks: 45.143.221.0/24 maxlen: 24
77.247.108.0/24 maxlen: 24
185.53.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Mar 2024 13:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:57:87:5e:db:f6:78:a3:86:bd:a5:e8:ed:2e:a2:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e2a46e34f491433c8b62f319b902bddfde831
Validity
Not Before: Mar 5 11:20:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84c081d128b0d5c280cb62474b581f08fcf18fa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a7:cf:d2:ab:d6:dd:01:8d:29:d4:8a:25:93:
f5:ae:49:42:c8:4b:6b:01:53:4b:e1:d8:8f:05:ce:
e2:21:f0:6b:6c:8e:dd:56:21:95:bb:77:0a:7a:ca:
6e:37:bc:88:db:7e:5f:1c:54:23:33:b5:b1:b3:e7:
d1:bc:3d:bf:8b:c7:c9:b8:d5:50:f3:cd:ee:2b:34:
75:08:c5:d6:c2:cd:52:9f:c9:68:fa:9e:a5:09:c9:
be:0c:40:04:ef:3d:d9:2d:c9:73:b3:4c:7b:2a:44:
f2:5e:f9:d3:6c:db:93:5a:8c:e8:25:bf:d6:7e:48:
dc:01:9f:22:bf:77:cc:1c:eb:5f:f1:da:86:e4:cb:
6c:73:45:96:2e:89:ed:fb:01:af:e2:f7:69:f4:7c:
31:e5:19:fa:d3:74:4c:0b:b2:0f:24:40:77:c4:0b:
fc:5b:06:f4:66:8e:56:ae:86:9e:b8:9a:23:1c:39:
41:56:74:0d:da:42:10:15:35:00:e1:9b:34:92:41:
30:73:7c:31:89:e4:3b:b2:8f:1d:da:7f:31:08:99:
89:af:ed:d5:94:05:5e:d3:ce:f7:d3:95:a6:f1:fc:
9c:e2:e9:ee:97:a6:d3:db:79:ca:f8:fd:4e:77:42:
f0:4c:c8:a5:1e:4c:24:8d:7a:30:92:c6:b7:f5:6f:
51:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C0:81:D1:28:B0:D5:C2:80:CB:62:47:4B:58:1F:08:FC:F1:8F:A6
X509v3 Authority Key Identifier:
keyid:C6:7E:2A:46:E3:4F:49:14:33:C8:B6:2F:31:9B:90:2B:DD:FD:E8:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn4qRuNPSRQzyLYvMZuQK9396DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/hMCB0Siw1cKAy2JHS1gfCPzxj6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/80c568-bd15-4f32-8dd4-066866f2ded0/1/xn4qRuNPSRQzyLYvMZuQK9396DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.221.0/24
77.247.108.0/24
185.53.90.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:5d:46:4b:3d:4e:a5:9e:97:a5:75:42:52:0d:19:55:1b:55:
9d:35:42:03:25:bf:0c:3d:20:f3:fe:a4:90:94:17:e6:ae:ae:
43:80:dc:1d:cf:c4:d5:a2:26:2c:45:57:62:63:4c:c9:ca:01:
bb:bb:b6:7e:b8:2a:40:0b:d4:1e:fe:3b:0d:b4:94:95:df:3d:
ab:ab:8a:15:6e:52:5c:15:65:88:26:58:8f:30:36:fa:4e:a8:
c7:b0:30:1a:e2:81:60:e7:a5:15:0d:f6:7d:d1:fc:f3:f2:02:
de:19:72:f4:a0:2b:bc:84:84:8d:a6:15:e9:ba:5c:ed:28:aa:
68:45:22:17:34:da:39:d1:d8:cd:d3:78:10:8f:d9:0a:93:91:
08:2c:68:77:37:66:b0:48:2f:fd:0d:b7:e9:0e:07:48:ed:7b:
ea:73:ff:da:c0:2d:b3:ca:7b:e0:0f:7e:24:e5:3d:75:2b:67:
ad:df:01:9a:b1:3e:30:1d:ba:e6:94:74:53:21:1c:61:47:36:
5c:c8:fa:a6:1f:87:cc:b7:21:fa:67:ea:ba:70:69:b6:8a:11:
aa:59:f8:6c:65:b1:ff:bc:95:54:79:b6:cf:4c:03:db:aa:c1:
f4:52:96:bb:dc:ba:81:c8:e7:d2:d2:96:56:b2:e0:c9:be:1d:
a9:4f:65:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4OV4de2/Z4o4a9pejtLqJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2UyYTQ2ZTM0ZjQ5MTQzM2M4YjYyZjMxOWI5MDJiZGRm
ZGU4MzEwHhcNMjQwMzA1MTEyMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGMwODFkMTI4YjBkNWMyODBjYjYyNDc0YjU4MWYwOGZjZjE4ZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1afP0qvW3QGNKdSKJZP1rklCyEtr
AVNL4diPBc7iIfBrbI7dViGVu3cKespuN7yI235fHFQjM7Wxs+fRvD2/i8fJuNVQ
883uKzR1CMXWws1Sn8lo+p6lCcm+DEAE7z3ZLclzs0x7KkTyXvnTbNuTWozoJb/W
fkjcAZ8iv3fMHOtf8dqG5Mtsc0WWLont+wGv4vdp9Hwx5Rn603RMC7IPJEB3xAv8
Wwb0Zo5WroaeuJojHDlBVnQN2kIQFTUA4Zs0kkEwc3wxieQ7so8d2n8xCJmJr+3V
lAVe087305Wm8fyc4unul6bT23nK+P1Od0LwTMilHkwkjXowksa39W9RsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFITAgdEosNXCgMtiR0tYHwj88Y+mMB8GA1UdIwQY
MBaAFMZ+KkbjT0kUM8i2LzGbkCvd/egxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQt
MDY2ODY2ZjJkZWQwLzEvaE1DQjBTaXcxY0tBeTJKSFMxZ2ZDUHp4ajZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84MGM1NjgtYmQxNS00ZjMyLThkZDQtMDY2ODY2ZjJkZWQw
LzEveG40cVJ1TlBTUlF6eUxZdk1adVFLOTM5NkRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY/dAwQA
TfdsAwQAuTVaMA0GCSqGSIb3DQEBCwUAA4IBAQClXUZLPU6lnpeldUJSDRlVG1Wd
NUIDJb8MPSDz/qSQlBfmrq5DgNwdz8TVoiYsRVdiY0zJygG7u7Z+uCpAC9Qe/jsN
tJSV3z2rq4oVblJcFWWIJliPMDb6TqjHsDAa4oFg56UVDfZ90fzz8gLeGXL0oCu8
hISNphXpulztKKpoRSIXNNo50djN03gQj9kKk5EILGh3N2awSC/9DbfpDgdI7Xvq
c//awC2zynvgD34k5T11K2et3wGasT4wHbrmlHRTIRxhRzZcyPqmH4fMtyH6Z+q6
cGm2ihGqWfhsZbH/vJVUebbPTAPbqsH0Upa73LqByOfS0pZWsuDJvh2pT2VP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:39 2024 by rpki-client on console-fra.rpki-client.org