Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/skOIV7vzR6GpfHAoan3dGHMofrc.roa
File: skOIV7vzR6GpfHAoan3dGHMofrc.roa (raw, json)
Hash identifier: 2T6AL81KQug2MplPPTxTaz47eldYdA0TlpXrqDzqPcw=
Subject key identifier: B2:43:88:57:BB:F3:47:A1:A9:7C:70:28:6A:7D:DD:18:73:28:7E:B7
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 018D561566F294DD90F68A40566BF242747A
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/skOIV7vzR6GpfHAoan3dGHMofrc.roa
Signing time: Mon 29 Jan 2024 16:37:39 +0000
ROA not before: Mon 29 Jan 2024 16:37:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49824
IP address blocks: 45.12.24.0/24 maxlen: 24
45.12.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 16:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:15:66:f2:94:dd:90:f6:8a:40:56:6b:f2:42:74:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 29 16:37:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2438857bbf347a1a97c70286a7ddd1873287eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:aa:97:0a:1a:c9:b9:96:28:b7:cb:e7:aa:d8:
df:e4:ef:af:1e:34:9f:50:b0:79:6d:22:69:04:af:
96:b4:bb:98:ca:d3:34:50:39:65:b4:f6:6f:51:74:
2e:dd:d2:f1:00:9a:cd:fb:d3:a4:8a:a2:f4:74:22:
b0:c8:90:99:bc:19:e4:45:04:4b:e1:d0:aa:a9:e4:
a0:a8:ca:c6:87:d5:f0:ec:d4:75:00:a3:19:84:41:
9f:b8:5b:74:be:d8:67:26:8c:74:11:39:fa:3e:7b:
37:6a:39:7e:fd:78:53:53:2f:92:42:c9:25:48:23:
a5:b7:19:a8:86:24:80:40:77:35:ad:87:d7:5d:b2:
3e:9b:b2:50:31:04:11:bc:e8:f1:49:7c:e2:77:ce:
ad:cf:36:fe:30:13:e3:dc:7a:b7:21:18:11:9e:86:
75:39:fa:fb:fd:73:87:05:89:d9:b6:04:14:99:b1:
5b:0d:a3:d1:84:f7:aa:e3:6c:c7:75:24:3f:f2:33:
36:bb:de:0d:8c:92:76:7f:6a:18:31:fc:8d:52:0d:
c6:5c:cb:73:dc:f3:57:47:1c:e3:08:35:70:76:c4:
cb:74:a1:0e:8e:e6:75:fa:99:8d:c2:d0:4b:06:10:
ae:29:3e:c5:f8:f3:63:83:d1:d2:14:1e:b9:4a:72:
4d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:43:88:57:BB:F3:47:A1:A9:7C:70:28:6A:7D:DD:18:73:28:7E:B7
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/skOIV7vzR6GpfHAoan3dGHMofrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.24.0/24
45.12.26.0/24
Signature Algorithm: sha256WithRSAEncryption
54:5b:5a:8a:26:79:07:59:b4:1a:eb:c7:ab:2a:94:ea:43:a1:
c4:67:0b:b4:f1:b2:30:73:14:ee:8c:36:73:98:d6:ad:6d:a2:
5b:d1:a3:65:51:78:5a:65:f6:2f:11:1c:88:4f:3c:74:d5:81:
fe:a3:57:cf:a4:00:1b:d4:10:6b:b6:ff:c0:c2:b5:6f:75:e8:
34:95:75:48:9a:4a:7b:2b:c7:be:2a:75:67:37:d7:d9:d0:73:
fa:dd:6f:0b:65:ab:d2:ed:58:be:42:92:55:45:0a:93:60:44:
7c:d8:c6:2b:a3:1e:3a:06:0f:39:78:ed:f6:69:47:d5:08:0e:
cd:26:9d:19:71:c5:d3:81:11:79:3a:0a:e8:e7:1a:37:0c:0c:
0f:22:83:39:eb:8c:55:fe:f2:61:f0:72:67:75:6c:94:5f:31:
31:3e:eb:aa:16:c0:05:46:37:71:33:30:ba:e8:d4:6a:62:90:
c6:ba:35:bc:d5:c3:cb:23:97:f8:0a:a7:f6:10:00:e5:9c:68:
f4:50:af:b1:13:56:ec:01:64:27:e1:ee:93:22:44:b5:16:46:
2a:f3:b4:b8:c6:86:79:20:6a:8a:62:b4:c1:53:4a:4f:5f:5a:
24:b1:c4:72:57:e0:f6:5f:d7:ba:66:5a:9d:ce:c5:b5:2b:17:
d1:52:87:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1WFWbylN2Q9opAVmvyQnR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjQwMTI5MTYzNzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjQzODg1N2JiZjM0N2ExYTk3YzcwMjg2YTdkZGQxODczMjg3ZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKqXChrJuZYot8vnqtjf5O+vHjSf
ULB5bSJpBK+WtLuYytM0UDlltPZvUXQu3dLxAJrN+9OkiqL0dCKwyJCZvBnkRQRL
4dCqqeSgqMrGh9Xw7NR1AKMZhEGfuFt0vthnJox0ETn6Pns3ajl+/XhTUy+SQskl
SCOltxmohiSAQHc1rYfXXbI+m7JQMQQRvOjxSXzid86tzzb+MBPj3Hq3IRgRnoZ1
Ofr7/XOHBYnZtgQUmbFbDaPRhPeq42zHdSQ/8jM2u94NjJJ2f2oYMfyNUg3GXMtz
3PNXRxzjCDVwdsTLdKEOjuZ1+pmNwtBLBhCuKT7F+PNjg9HSFB65SnJN5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLJDiFe780ehqXxwKGp93RhzKH63MB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvc2tPSVY3dnpSNkdwZkhBb2FuM2RHSE1vZnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQwYAwQA
LQwaMA0GCSqGSIb3DQEBCwUAA4IBAQBUW1qKJnkHWbQa68erKpTqQ6HEZwu08bIw
cxTujDZzmNatbaJb0aNlUXhaZfYvERyITzx01YH+o1fPpAAb1BBrtv/AwrVvdeg0
lXVImkp7K8e+KnVnN9fZ0HP63W8LZavS7Vi+QpJVRQqTYER82MYrox46Bg85eO32
aUfVCA7NJp0ZccXTgRF5Ogro5xo3DAwPIoM564xV/vJh8HJndWyUXzExPuuqFsAF
RjdxMzC66NRqYpDGujW81cPLI5f4Cqf2EADlnGj0UK+xE1bsAWQn4e6TIkS1FkYq
87S4xoZ5IGqKYrTBU0pPX1okscRyV+D2X9e6ZlqdzsW1KxfRUoci
-----END CERTIFICATE-----
Generated at Fri Mar 22 21:22:07 2024 by rpki-client on console-ams.rpki-client.org