Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/1-qQRWnwzAbC7oCasgwmNDt5NFRU.roa
File: 1-qQRWnwzAbC7oCasgwmNDt5NFRU.roa (raw, json)
Hash identifier: 0wAtghnak1jQIMGjSGXkuwUlXBo0r/si4vfPncs3DXY=
Subject key identifier: FA:A4:11:5A:7C:33:01:B0:BB:A0:26:AC:83:09:8D:0E:DE:4D:15:15
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 01927B7536983AF6FD84E5903DD5DA0C3CDD
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/1-qQRWnwzAbC7oCasgwmNDt5NFRU.roa
Signing time: Fri 11 Oct 2024 12:02:12 +0000
ROA not before: Fri 11 Oct 2024 12:02:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212271
IP address blocks: 45.156.113.0/24 maxlen: 24
152.89.168.0/24 maxlen: 24
152.89.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 09:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:75:36:98:3a:f6:fd:84:e5:90:3d:d5:da:0c:3c:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Oct 11 12:02:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faa4115a7c3301b0bba026ac83098d0ede4d1515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f9:60:b1:4e:f5:a9:31:f1:4c:34:d1:9c:1b:
1b:32:93:e8:cd:d9:1a:b9:28:6c:89:a5:15:59:ca:
15:74:4f:41:f2:e7:aa:dc:f2:cb:75:06:aa:39:d4:
08:92:90:5b:05:da:3a:99:40:37:45:39:b4:0e:74:
2a:41:51:9b:78:8c:80:52:2c:6c:1f:e0:9f:42:8e:
71:91:38:33:c6:e8:af:5d:75:51:2c:c7:1f:b7:2a:
f3:28:3f:22:7c:13:ff:5e:b6:05:84:2d:73:df:16:
03:d1:f9:8e:a2:55:9f:fa:b5:ba:b3:3d:aa:d5:63:
68:4f:78:0b:da:89:4b:16:9b:17:90:a5:a9:34:2f:
06:11:e0:35:e4:56:6e:60:41:1c:5d:3f:81:79:ae:
96:02:a5:2a:c5:30:12:58:cd:e1:d4:fd:97:8d:62:
8b:59:51:5d:93:6f:cb:ba:20:f7:0b:34:c3:68:33:
ea:44:c7:59:da:a6:df:86:86:0b:5e:7b:54:c9:d7:
e7:b7:74:1f:20:18:a7:82:fb:e2:81:68:f9:dd:37:
f6:13:57:b0:b0:de:f6:68:78:7d:9c:79:25:c7:15:
43:dd:2d:70:43:5e:fc:3b:d8:16:62:64:7d:ab:31:
37:13:b4:7a:70:1e:91:b4:3b:30:9a:aa:ce:cb:c1:
57:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A4:11:5A:7C:33:01:B0:BB:A0:26:AC:83:09:8D:0E:DE:4D:15:15
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/1-qQRWnwzAbC7oCasgwmNDt5NFRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.113.0/24
152.89.168.0/23
Signature Algorithm: sha256WithRSAEncryption
02:72:e5:e4:cb:4a:5e:d5:99:30:28:2b:07:16:54:03:c1:bc:
ba:9f:b7:20:c0:3d:bb:ad:76:53:92:07:bc:68:dc:af:08:b9:
cf:92:a8:42:87:7f:9d:3d:32:98:27:ca:35:67:eb:25:3b:45:
42:45:57:ae:a5:89:c7:d5:2e:78:cd:00:02:96:6c:9d:f6:12:
18:d4:eb:d7:7d:44:6a:a8:3a:43:95:51:dd:48:bd:61:b8:ba:
1d:24:72:0b:78:d2:47:ba:cf:30:af:ac:b1:3c:c6:99:3a:8b:
ec:df:98:75:88:2b:e7:74:b7:38:c1:0d:d8:18:8c:5b:c0:5d:
9f:d2:d8:23:c6:0f:d3:a7:fb:74:29:6a:ea:3d:9a:fd:d9:90:
37:36:b5:75:8a:90:20:6e:11:ac:43:83:c7:54:17:1b:b3:0f:
b3:55:22:13:0b:cf:70:8c:fe:73:fe:8a:d1:57:0e:0d:00:ab:
e1:d4:7c:1d:10:26:ad:c7:aa:9e:a0:95:d3:a1:7b:d5:99:ad:
2d:ba:fb:57:d1:2e:16:fc:43:fc:47:3a:34:9f:12:39:fa:bb:
7a:43:da:34:17:46:00:4a:bb:d6:e5:52:91:2b:1b:6d:9e:94:
ae:88:10:3f:0e:e5:51:9f:2e:eb:6e:cf:48:29:8d:42:3d:06:
93:ff:cb:b7
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZJ7dTaYOvb9hOWQPdXaDDzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQxMDExMTIwMjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE0MTE1YTdjMzMwMWIwYmJhMDI2YWM4MzA5OGQwZWRlNGQxNTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PlgsU71qTHxTDTRnBsbMpPozdka
uShsiaUVWcoVdE9B8ueq3PLLdQaqOdQIkpBbBdo6mUA3RTm0DnQqQVGbeIyAUixs
H+CfQo5xkTgzxuivXXVRLMcftyrzKD8ifBP/XrYFhC1z3xYD0fmOolWf+rW6sz2q
1WNoT3gL2olLFpsXkKWpNC8GEeA15FZuYEEcXT+Bea6WAqUqxTASWM3h1P2XjWKL
WVFdk2/LuiD3CzTDaDPqRMdZ2qbfhoYLXntUydfnt3QfIBingvvigWj53Tf2E1ew
sN72aHh9nHklxxVD3S1wQ178O9gWYmR9qzE3E7R6cB6RtDswmqrOy8FXcwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqkEVp8MwGwu6AmrIMJjQ7eTRUVMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvMS1xUVJXbnd6QWJDN29DYXNnd21ORHQ1TkZSVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDUvYWZhMzRjLWYzZjAtNDA1Yy1iMDgzLWEzNWZjNDM4ZDRj
YS8xL0NfVkQ0ajRwLXdOMGpRazVjbTh3X3ByX29aNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2ccQME
AZhZqDANBgkqhkiG9w0BAQsFAAOCAQEAAnLl5MtKXtWZMCgrBxZUA8G8up+3IMA9
u612U5IHvGjcrwi5z5KoQod/nT0ymCfKNWfrJTtFQkVXrqWJx9UueM0AApZsnfYS
GNTr131Eaqg6Q5VR3Ui9Ybi6HSRyC3jSR7rPMK+ssTzGmTqL7N+YdYgr53S3OMEN
2BiMW8Bdn9LYI8YP06f7dClq6j2a/dmQNza1dYqQIG4RrEODx1QXG7MPs1UiEwvP
cIz+c/6K0VcODQCr4dR8HRAmrceqnqCV06F71ZmtLbr7V9EuFvxD/Ec6NJ8SOfq7
ekPaNBdGAEq71uVSkSsbbZ6UrogQPw7lUZ8u627PSCmNQj0Gk//Ltw==
-----END CERTIFICATE-----
Generated at Mon Oct 14 11:33:26 2024 by rpki-client on console-fra.rpki-client.org