Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/0VvOq9PGkNtCES_F98Idn0fDbSA.roa
File: 0VvOq9PGkNtCES_F98Idn0fDbSA.roa (raw, json)
Hash identifier: gF1eUZgTIB9Wl4qIhjVbZ4pv46q2qMstHh8n4cZ7E6c=
Subject key identifier: D1:5B:CE:AB:D3:C6:90:DB:42:11:2F:C5:F7:C2:1D:9F:47:C3:6D:20
Certificate issuer: /CN=b43d4e9fe3a5487d20f1000191629150f628f3a1
Certificate serial: 01856C412F980AA8EEC26B41062C19B513B4
Authority key identifier: B4:3D:4E:9F:E3:A5:48:7D:20:F1:00:01:91:62:91:50:F6:28:F3:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tD1On-OlSH0g8QABkWKRUPYo86E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/0VvOq9PGkNtCES_F98Idn0fDbSA.roa
Signing time: Sun 01 Jan 2023 07:34:49 +0000
ROA not before: Sun 01 Jan 2023 07:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208201
IP address blocks: 45.153.120.0/24 maxlen: 24
2a0f:af00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:2f:98:0a:a8:ee:c2:6b:41:06:2c:19:b5:13:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43d4e9fe3a5487d20f1000191629150f628f3a1
Validity
Not Before: Jan 1 07:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d15bceabd3c690db42112fc5f7c21d9f47c36d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7a:e2:ff:5e:e2:ad:d9:56:70:b7:83:3f:af:
c1:85:cd:b8:93:70:4c:2c:0d:79:80:3e:59:e6:ec:
4f:ac:7c:05:e1:a2:fd:8c:76:b1:18:3d:94:0d:4e:
b9:af:11:cd:47:82:67:3e:7d:58:4e:8a:b5:e4:17:
85:6b:f7:f7:61:33:29:d7:99:ec:36:69:59:48:0c:
4a:bb:ac:41:c1:c2:db:1d:5b:39:1c:83:82:e5:7f:
21:72:f4:84:e4:2c:fa:12:76:68:27:7a:27:32:62:
f2:79:90:08:84:fa:ca:df:65:89:4b:c3:7b:91:84:
5d:53:82:9f:66:3e:45:4d:e4:aa:d1:48:3f:b5:8d:
6c:9f:6d:a9:8d:36:90:95:62:ac:62:0c:0e:47:e4:
92:ff:0f:f5:c9:d8:5a:03:f9:c0:17:0f:d3:ce:2e:
f4:ad:61:47:ef:36:43:24:09:23:bb:e9:4c:a3:85:
7e:0f:a4:10:60:e9:57:fe:09:a7:79:8f:f9:dd:72:
66:83:36:e9:2d:d7:68:d6:bc:6f:a7:12:43:e4:76:
43:d1:69:a9:19:ab:b2:4d:cb:78:b9:48:ae:08:a5:
2c:3b:ac:92:34:39:d0:7e:83:02:55:a3:7f:f2:ed:
4a:27:1e:41:fb:0d:22:91:51:8e:98:bc:db:b9:39:
02:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:5B:CE:AB:D3:C6:90:DB:42:11:2F:C5:F7:C2:1D:9F:47:C3:6D:20
X509v3 Authority Key Identifier:
keyid:B4:3D:4E:9F:E3:A5:48:7D:20:F1:00:01:91:62:91:50:F6:28:F3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tD1On-OlSH0g8QABkWKRUPYo86E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/0VvOq9PGkNtCES_F98Idn0fDbSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/18d035-3494-4ab7-a5cb-9f788fd27520/1/tD1On-OlSH0g8QABkWKRUPYo86E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.120.0/24
IPv6:
2a0f:af00::/32
Signature Algorithm: sha256WithRSAEncryption
6c:01:bd:71:05:e8:de:45:44:52:17:61:99:6f:c4:c2:b8:3f:
ce:08:08:f0:5d:39:2d:ac:8f:2e:76:29:01:53:dc:9e:04:87:
31:be:b6:d8:fa:0d:99:29:46:c4:b0:c6:85:fd:6c:42:cf:0d:
f4:13:1c:38:58:0d:37:db:03:a9:d1:00:d4:d6:6a:c0:16:48:
7f:73:5a:51:f5:4c:1f:99:c1:77:a0:0a:cb:84:89:1b:60:0d:
61:f4:6d:b2:88:c0:77:44:46:bf:00:d8:8a:5b:10:88:22:b8:
f6:e1:5e:53:3a:cc:5b:89:e5:f0:d7:34:da:58:33:96:ca:02:
85:90:ed:07:a1:65:56:97:d6:30:c8:b0:ae:ef:32:77:a9:da:
72:51:03:47:47:14:d5:64:d9:08:31:e8:82:f3:da:b0:b4:b6:
5c:09:80:5a:2b:65:15:85:d9:e6:56:64:83:d5:fb:49:ee:14:
74:6f:64:a3:6f:a9:19:86:a6:e5:60:57:ff:ac:e7:e4:5f:96:
3b:43:53:9d:15:9c:bc:4a:65:3e:8d:51:46:d8:cf:02:81:c7:
51:f7:c9:fe:73:40:83:2a:09:b4:3c:fd:b0:63:c5:22:63:57:
be:1c:36:a0:e1:a3:64:f5:71:aa:88:98:b9:63:be:0b:05:43:
c8:5c:19:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQS+YCqjuwmtBBiwZtRO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2Q0ZTlmZTNhNTQ4N2QyMGYxMDAwMTkxNjI5MTUwZjYy
OGYzYTEwHhcNMjMwMTAxMDczNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTViY2VhYmQzYzY5MGRiNDIxMTJmYzVmN2MyMWQ5ZjQ3YzM2ZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXri/17irdlWcLeDP6/Bhc24k3BM
LA15gD5Z5uxPrHwF4aL9jHaxGD2UDU65rxHNR4JnPn1YToq15BeFa/f3YTMp15ns
NmlZSAxKu6xBwcLbHVs5HIOC5X8hcvSE5Cz6EnZoJ3onMmLyeZAIhPrK32WJS8N7
kYRdU4KfZj5FTeSq0Ug/tY1sn22pjTaQlWKsYgwOR+SS/w/1ydhaA/nAFw/Tzi70
rWFH7zZDJAkju+lMo4V+D6QQYOlX/gmneY/53XJmgzbpLddo1rxvpxJD5HZD0Wmp
GauyTct4uUiuCKUsO6ySNDnQfoMCVaN/8u1KJx5B+w0ikVGOmLzbuTkCzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNFbzqvTxpDbQhEvxffCHZ9Hw20gMB8GA1UdIwQY
MBaAFLQ9Tp/jpUh9IPEAAZFikVD2KPOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEQxT24tT2xTSDBnOFFBQmtXS1JVUFlvODZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8xOGQwMzUtMzQ5NC00YWI3LWE1Y2It
OWY3ODhmZDI3NTIwLzEvMFZ2T3E5UEdrTnRDRVNfRjk4SWRuMGZEYlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8xOGQwMzUtMzQ5NC00YWI3LWE1Y2ItOWY3ODhmZDI3NTIw
LzEvdEQxT24tT2xTSDBnOFFBQmtXS1JVUFlvODZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZl4MA0E
AgACMAcDBQAqD68AMA0GCSqGSIb3DQEBCwUAA4IBAQBsAb1xBejeRURSF2GZb8TC
uD/OCAjwXTktrI8udikBU9yeBIcxvrbY+g2ZKUbEsMaF/WxCzw30Exw4WA032wOp
0QDU1mrAFkh/c1pR9UwfmcF3oArLhIkbYA1h9G2yiMB3REa/ANiKWxCIIrj24V5T
OsxbieXw1zTaWDOWygKFkO0HoWVWl9YwyLCu7zJ3qdpyUQNHRxTVZNkIMeiC89qw
tLZcCYBaK2UVhdnmVmSD1ftJ7hR0b2Sjb6kZhqblYFf/rOfkX5Y7Q1OdFZy8SmU+
jVFG2M8CgcdR98n+c0CDKgm0PP2wY8UiY1e+HDag4aNk9XGqiJi5Y74LBUPIXBne
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:41 2024 by rpki-client on console-fra.rpki-client.org