Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/1-L06XOXXNiPAI75WO5p-su3K6kw.roa
File: 1-L06XOXXNiPAI75WO5p-su3K6kw.roa (raw, json)
Hash identifier: r11EOqogsBhaXEzOrHXxZpJ/xFhRwozl2ktz4b9z3F4=
Subject key identifier: F8:BD:3A:5C:E5:D7:36:23:C0:23:BE:56:3B:9A:7E:B2:ED:CA:EA:4C
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 018E19ECEBFEA74C27D776271E5EDEB4D754
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/1-L06XOXXNiPAI75WO5p-su3K6kw.roa
Signing time: Thu 07 Mar 2024 17:19:01 +0000
ROA not before: Thu 07 Mar 2024 17:19:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11325
IP address blocks: 2.57.248.0/22 maxlen: 22
45.80.96.0/22 maxlen: 22
45.85.128.0/23 maxlen: 23
171.22.61.0/24 maxlen: 24
171.22.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 26 Mar 2024 14:25:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:ec:eb:fe:a7:4c:27:d7:76:27:1e:5e:de:b4:d7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Mar 7 17:19:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8bd3a5ce5d73623c023be563b9a7eb2edcaea4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:01:79:e1:c2:ae:1e:44:42:9e:c1:e2:8f:c3:
8c:bd:bb:79:37:5e:77:66:f0:ed:2a:b0:47:38:30:
27:45:31:63:a1:22:5b:b5:5a:c1:19:00:a7:83:12:
5f:b1:0b:29:b6:e1:5d:33:c3:c5:4d:24:72:57:d9:
48:be:4d:99:ba:e2:2c:8b:b0:72:48:51:0b:ca:10:
7c:3b:6c:22:e5:18:47:97:84:91:43:f6:c4:4a:bb:
fb:5a:4c:0c:94:d3:b0:7e:ff:92:1d:1d:c2:a1:8b:
9e:60:3b:85:f5:96:53:9c:19:6f:4c:e2:cc:31:c9:
7d:79:16:7a:38:fd:62:3f:e7:bb:da:c1:f5:66:b1:
62:cb:ef:e7:ff:df:8f:7d:3a:0c:e6:c8:03:70:4c:
96:8a:85:ec:c4:f1:05:d8:2b:6d:54:b4:62:21:da:
1a:5a:27:f0:9b:e4:64:be:39:66:a5:c9:3e:e3:a0:
81:8c:15:ab:df:00:86:8f:0f:81:59:21:50:7b:8b:
41:dc:44:1e:43:27:3e:e2:28:a5:0f:f3:50:0b:56:
17:ff:d6:46:dd:d6:74:2f:65:01:e7:c2:2b:39:42:
17:c6:15:40:98:ce:e8:1a:e5:e1:68:30:b0:6a:b9:
59:d8:13:7f:04:b8:9b:19:b4:8b:b2:07:28:36:80:
ba:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BD:3A:5C:E5:D7:36:23:C0:23:BE:56:3B:9A:7E:B2:ED:CA:EA:4C
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/1-L06XOXXNiPAI75WO5p-su3K6kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.248.0/22
45.80.96.0/22
45.85.128.0/23
171.22.61.0-171.22.63.255
Signature Algorithm: sha256WithRSAEncryption
1d:38:8d:dc:79:3e:bb:b0:6b:08:c3:1c:c3:43:94:b6:2e:1a:
e4:8e:05:d7:c6:72:8e:09:d0:8d:15:08:42:92:25:ce:e7:2a:
88:4c:17:36:2d:61:0e:c3:3f:6e:27:98:5c:3c:42:9f:b9:20:
2f:f9:e0:f9:64:56:af:7c:29:2f:a5:a0:f8:06:13:0f:c2:89:
fc:db:e6:cb:a6:5c:73:3c:c9:a3:21:a3:4b:41:0b:e8:7b:32:
8d:f7:0d:d7:88:25:51:59:cd:d1:f9:06:f5:54:79:98:be:56:
ec:0e:e4:31:1b:07:8b:cc:c3:5b:d5:1c:c6:c3:4b:1a:35:24:
05:87:27:c5:c2:95:31:48:5e:85:26:1c:f0:dc:dc:65:90:4a:
0d:52:38:64:37:dd:22:35:0f:22:fd:d0:3c:f2:0b:dd:29:ba:
c2:57:66:19:09:0e:9c:2d:91:38:df:89:5a:ca:44:6d:37:2e:
b7:a6:1b:6a:cc:a2:1b:a5:94:62:15:fe:77:68:65:40:4e:c2:
3a:9c:63:fb:3e:b9:a5:e8:3d:ae:f7:f3:ba:79:09:e8:61:39:
8b:c8:b6:b1:0e:11:5f:35:6e:54:1f:71:a6:78:e3:a2:a1:0e:
22:be:f2:c6:aa:0f:f9:33:38:2d:e1:4b:f5:dd:e6:c1:4d:2a:
d0:1d:63:c2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY4Z7Ov+p0wn13YnHl7etNdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjQwMzA3MTcxOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGJkM2E1Y2U1ZDczNjIzYzAyM2JlNTYzYjlhN2ViMmVkY2FlYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgF54cKuHkRCnsHij8OMvbt5N153
ZvDtKrBHODAnRTFjoSJbtVrBGQCngxJfsQsptuFdM8PFTSRyV9lIvk2ZuuIsi7By
SFELyhB8O2wi5RhHl4SRQ/bESrv7WkwMlNOwfv+SHR3CoYueYDuF9ZZTnBlvTOLM
Mcl9eRZ6OP1iP+e72sH1ZrFiy+/n/9+PfToM5sgDcEyWioXsxPEF2CttVLRiIdoa
Wifwm+Rkvjlmpck+46CBjBWr3wCGjw+BWSFQe4tB3EQeQyc+4iilD/NQC1YX/9ZG
3dZ0L2UB58IrOUIXxhVAmM7oGuXhaDCwarlZ2BN/BLibGbSLsgcoNoC6zQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPi9Olzl1zYjwCO+VjuafrLtyupMMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvMS1MMDZYT1hYTmlQQUk3NVdPNXAtc3UzSzZrdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvZTA0NzJhLTNhZGYtNDNjZC1iZjMwLTczOTIzZGFlZjEx
NC8xL2hUUHZSaEZ2MmRJYi0xTS1STDNsRjRrTUpOdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAgI5+AME
Ai1QYAMEAS1VgDAMAwQAqxY9AwQGqxYAMA0GCSqGSIb3DQEBCwUAA4IBAQAdOI3c
eT67sGsIwxzDQ5S2LhrkjgXXxnKOCdCNFQhCkiXO5yqITBc2LWEOwz9uJ5hcPEKf
uSAv+eD5ZFavfCkvpaD4BhMPwon82+bLplxzPMmjIaNLQQvoezKN9w3XiCVRWc3R
+Qb1VHmYvlbsDuQxGweLzMNb1RzGw0saNSQFhyfFwpUxSF6FJhzw3NxlkEoNUjhk
N90iNQ8i/dA88gvdKbrCV2YZCQ6cLZE434laykRtNy63phtqzKIbpZRiFf53aGVA
TsI6nGP7Prml6D2u9/O6eQnoYTmLyLaxDhFfNW5UH3GmeOOioQ4ivvLGqg/5Mzgt
4Uv13ebBTSrQHWPC
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:18 2024 by rpki-client on console-fra.rpki-client.org