Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/jWiEb2V5OW8fEriF59jodxX9lXA.roa
File: jWiEb2V5OW8fEriF59jodxX9lXA.roa (raw, json)
Hash identifier: y0dbedpucoqAbSj0wSomy6SnXVAo+xgTth91xq/9nm8=
Subject key identifier: 8D:68:84:6F:65:79:39:6F:1F:12:B8:85:E7:D8:E8:77:15:FD:95:70
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018D16EFDA4C1EB3632813A7EA1595209B3B
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/jWiEb2V5OW8fEriF59jodxX9lXA.roa
Signing time: Wed 17 Jan 2024 10:20:34 +0000
ROA not before: Wed 17 Jan 2024 10:20:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.86.158.0/24 maxlen: 24
85.117.240.0/24 maxlen: 24
2a09:ff00:8800::/37 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 13:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:16:ef:da:4c:1e:b3:63:28:13:a7:ea:15:95:20:9b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 17 10:20:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d68846f6579396f1f12b885e7d8e87715fd9570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:90:64:94:73:51:e5:42:72:29:f7:95:79:
8c:ca:6f:64:8b:d7:ee:91:4f:59:9b:73:cf:4c:e6:
96:68:d1:86:70:97:00:8a:bd:39:8a:cd:07:84:bd:
2b:6e:de:62:c1:03:ba:f0:e2:94:43:72:77:23:e4:
6d:8d:3d:f2:13:07:ef:b3:aa:3a:ca:d6:f9:49:85:
21:67:ed:64:c0:0d:76:e9:12:72:02:d2:c3:99:b3:
bc:99:7d:83:1b:4b:2a:fe:53:fb:83:df:cc:a8:0b:
9f:73:73:da:32:80:c7:0e:97:94:3b:77:94:ea:b5:
1a:5e:c9:5d:93:e3:58:46:28:95:f6:7d:de:95:58:
38:81:38:81:d6:b0:e7:4e:ac:3a:1c:cf:3e:f0:0b:
16:ed:8c:00:f1:31:39:50:da:aa:ad:bd:bd:be:e2:
0a:63:6f:16:b9:57:be:66:cf:ff:48:67:3b:ac:af:
2a:11:f5:cf:4f:42:54:db:31:6a:37:0e:17:8f:93:
15:be:76:33:ba:e7:c9:fe:17:5b:bb:86:04:3a:63:
65:2d:62:08:86:0e:d3:67:c1:bd:ca:04:10:49:4c:
8b:81:aa:51:cc:33:05:33:8a:d7:84:cd:92:ca:87:
08:8e:17:e9:51:df:63:7d:b5:9f:af:91:30:cb:23:
c0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:68:84:6F:65:79:39:6F:1F:12:B8:85:E7:D8:E8:77:15:FD:95:70
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/jWiEb2V5OW8fEriF59jodxX9lXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.158.0/24
85.117.240.0/24
IPv6:
2a09:ff00:8800::/37
Signature Algorithm: sha256WithRSAEncryption
62:43:93:e0:ad:cb:86:2d:07:29:2e:c2:15:25:94:0a:67:31:
8a:64:c9:e5:a6:50:9e:65:04:af:c6:4f:b0:2f:a2:38:e0:b9:
d1:7d:a7:7b:c0:6e:f3:7b:18:92:90:d0:34:fb:6a:a1:9f:f0:
2e:9b:0d:05:2d:15:07:5f:33:ce:08:7e:03:4b:12:ca:ea:ab:
f8:fc:85:17:a3:2c:40:72:62:0a:b6:ee:c2:71:ae:7f:f0:db:
56:8b:29:a3:3e:f2:62:4b:0c:c4:13:f6:26:30:87:1e:fc:87:
b9:55:3d:05:5b:d8:a4:2a:4d:e5:eb:27:04:f1:96:12:62:2a:
55:6c:da:81:96:f3:3f:88:8c:78:a1:b9:43:8e:b7:e1:d2:24:
05:94:2e:dd:20:64:32:d7:f8:2b:f7:05:f2:72:a9:0b:51:e8:
64:77:cd:ff:39:e5:ce:0a:a1:9c:56:4b:39:85:74:41:9b:e0:
ba:7b:8a:06:88:07:99:80:e5:70:f0:78:de:05:05:cd:86:6b:
08:b7:5b:bb:fd:d5:bd:14:12:80:04:55:ae:69:be:63:5b:4d:
bd:ec:cf:b1:5f:9a:b0:53:d6:a9:6e:31:36:95:a5:fa:17:4c:
21:81:ea:49:eb:d7:d2:88:dd:45:9c:4f:27:ed:26:5f:56:98:
10:bf:49:e4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY0W79pMHrNjKBOn6hWVIJs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMTE3MTAyMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDY4ODQ2ZjY1NzkzOTZmMWYxMmI4ODVlN2Q4ZTg3NzE1ZmQ5NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps6QZJRzUeVCcin3lXmMym9ki9fu
kU9Zm3PPTOaWaNGGcJcAir05is0HhL0rbt5iwQO68OKUQ3J3I+RtjT3yEwfvs6o6
ytb5SYUhZ+1kwA126RJyAtLDmbO8mX2DG0sq/lP7g9/MqAufc3PaMoDHDpeUO3eU
6rUaXsldk+NYRiiV9n3elVg4gTiB1rDnTqw6HM8+8AsW7YwA8TE5UNqqrb29vuIK
Y28WuVe+Zs//SGc7rK8qEfXPT0JU2zFqNw4Xj5MVvnYzuufJ/hdbu4YEOmNlLWII
hg7TZ8G9ygQQSUyLgapRzDMFM4rXhM2SyocIjhfpUd9jfbWfr5EwyyPAwQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFI1ohG9leTlvHxK4hefY6HcV/ZVwMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvaldpRWIyVjVPVzhmRXJpRjU5am9keFg5bFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQALVaeAwQA
VXXwMA4EAgACMAgDBgMqCf8AiDANBgkqhkiG9w0BAQsFAAOCAQEAYkOT4K3Lhi0H
KS7CFSWUCmcximTJ5aZQnmUEr8ZPsC+iOOC50X2ne8Bu83sYkpDQNPtqoZ/wLpsN
BS0VB18zzgh+A0sSyuqr+PyFF6MsQHJiCrbuwnGuf/DbVospoz7yYksMxBP2JjCH
HvyHuVU9BVvYpCpN5esnBPGWEmIqVWzagZbzP4iMeKG5Q4634dIkBZQu3SBkMtf4
K/cF8nKpC1HoZHfN/znlzgqhnFZLOYV0QZvgunuKBogHmYDlcPB43gUFzYZrCLdb
u/3VvRQSgARVrmm+Y1tNvezPsV+asFPWqW4xNpWl+hdMIYHqSevX0ojdRZxPJ+0m
X1aYEL9J5A==
-----END CERTIFICATE-----
Generated at Wed Feb 7 17:43:47 2024 by rpki-client on console-fra.rpki-client.org