Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8V4FCzDJmJuPtazH4wKn5hda-2E.roa
File: 8V4FCzDJmJuPtazH4wKn5hda-2E.roa (raw, json)
Hash identifier: ZTh+kyJquPFYBZsFmobrpQZ3ZhmLQrAivaLXqutaBW8=
Subject key identifier: F1:5E:05:0B:30:C9:98:9B:8F:B5:AC:C7:E3:02:A7:E6:17:5A:FB:61
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018E0EF06C8D1AA6FB2E6F86A12073DA41CD
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8V4FCzDJmJuPtazH4wKn5hda-2E.roa
Signing time: Tue 05 Mar 2024 14:07:01 +0000
ROA not before: Tue 05 Mar 2024 14:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215415
IP address blocks: 45.8.176.0/24 maxlen: 24
45.142.0.0/24 maxlen: 24
45.148.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 13:20:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:f0:6c:8d:1a:a6:fb:2e:6f:86:a1:20:73:da:41:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Mar 5 14:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f15e050b30c9989b8fb5acc7e302a7e6175afb61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:59:a7:34:c6:29:a3:71:d3:3f:40:1a:77:5e:
98:18:4e:56:51:2e:bf:df:2f:be:e8:e8:4b:11:20:
82:37:11:c2:47:8c:77:0a:10:31:21:1e:1b:02:f8:
40:d3:91:68:57:bd:a9:9f:52:d6:82:e8:d7:b8:e3:
09:40:df:28:37:0b:1d:23:32:34:99:43:1c:6b:80:
0f:86:3d:ee:62:6e:ec:9c:69:da:c8:6f:ae:4e:5e:
2c:c1:d7:e1:e0:59:30:70:f3:27:78:77:c2:1d:32:
86:51:d5:f3:b8:e4:0d:92:45:71:7d:0e:df:f8:66:
cc:f3:ff:26:be:1b:86:99:4b:78:2d:44:40:d0:a1:
0b:fb:44:aa:26:ff:04:57:a9:b8:06:3b:70:3b:06:
b7:8d:44:85:73:ff:73:ed:3b:85:97:b4:30:87:d1:
c1:01:94:b3:41:f8:1a:a0:33:e7:9d:4b:01:93:56:
b9:86:cf:8a:5b:70:7b:e2:7f:b3:b7:b8:26:f4:60:
91:49:84:86:e7:f3:9d:f3:1e:9e:a4:1c:56:be:14:
8c:94:3c:52:ba:49:b6:13:17:03:94:3a:44:9b:97:
6e:a4:f2:71:15:16:c7:36:16:c4:fd:de:2e:95:2a:
84:da:40:b1:14:f3:96:0a:47:92:d3:41:f0:8d:7c:
8b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:5E:05:0B:30:C9:98:9B:8F:B5:AC:C7:E3:02:A7:E6:17:5A:FB:61
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8V4FCzDJmJuPtazH4wKn5hda-2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.176.0/24
45.142.0.0/24
45.148.147.0/24
Signature Algorithm: sha256WithRSAEncryption
00:f3:ab:09:73:ca:71:93:43:f8:90:df:71:fa:95:58:2e:9c:
fd:ba:cd:2f:14:e2:e7:0f:53:25:68:71:48:ab:ba:ea:9f:e7:
5d:8f:1c:b6:bd:06:4e:df:f6:db:ba:d4:b3:4d:b3:6a:f8:27:
08:c9:04:5d:b1:c0:b1:f2:2b:de:6c:53:2c:11:6b:73:74:9c:
6a:9a:c7:a0:c0:37:f8:bc:b0:9b:c3:c0:c3:13:40:e8:8c:59:
67:65:ec:88:70:d7:2b:28:cb:c6:1a:53:68:f8:5f:33:53:79:
75:d9:07:79:51:a6:bd:a6:33:b6:02:9b:15:d2:68:e9:4a:fc:
40:e0:7c:75:51:8a:a6:32:44:84:cf:38:9f:78:f7:56:a8:99:
58:55:a0:04:a3:0f:aa:82:f3:78:c4:65:a5:6c:47:b3:93:30:
12:fc:3a:17:b1:53:cd:cb:cb:d9:87:d0:3d:b3:01:de:70:7f:
f2:65:09:1d:b3:60:aa:83:e2:93:8f:0a:40:01:ee:83:08:46:
a6:df:26:c8:b0:f4:1c:d8:19:4b:1a:d8:4e:82:ab:15:11:85:
1f:2b:57:bc:ee:d2:b1:1d:e8:21:69:38:5a:b1:68:cd:7f:1a:
6f:58:00:fa:d0:89:66:6c:74:55:f7:3e:af:44:bf:2a:33:7e:
fe:77:71:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4O8GyNGqb7Lm+GoSBz2kHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMzA1MTQwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTVlMDUwYjMwYzk5ODliOGZiNWFjYzdlMzAyYTdlNjE3NWFmYjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVmnNMYpo3HTP0Aad16YGE5WUS6/
3y++6OhLESCCNxHCR4x3ChAxIR4bAvhA05FoV72pn1LWgujXuOMJQN8oNwsdIzI0
mUMca4APhj3uYm7snGnayG+uTl4swdfh4FkwcPMneHfCHTKGUdXzuOQNkkVxfQ7f
+GbM8/8mvhuGmUt4LURA0KEL+0SqJv8EV6m4BjtwOwa3jUSFc/9z7TuFl7Qwh9HB
AZSzQfgaoDPnnUsBk1a5hs+KW3B74n+zt7gm9GCRSYSG5/Od8x6epBxWvhSMlDxS
ukm2ExcDlDpEm5dupPJxFRbHNhbE/d4ulSqE2kCxFPOWCkeS00HwjXyLTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPFeBQswyZibj7Wsx+MCp+YXWvthMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvOFY0RkN6REptSnVQdGF6SDR3S241aGRhLTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQiwAwQA
LY4AAwQALZSTMA0GCSqGSIb3DQEBCwUAA4IBAQAA86sJc8pxk0P4kN9x+pVYLpz9
us0vFOLnD1MlaHFIq7rqn+ddjxy2vQZO3/bbutSzTbNq+CcIyQRdscCx8ivebFMs
EWtzdJxqmsegwDf4vLCbw8DDE0DojFlnZeyIcNcrKMvGGlNo+F8zU3l12Qd5Uaa9
pjO2ApsV0mjpSvxA4Hx1UYqmMkSEzzifePdWqJlYVaAEow+qgvN4xGWlbEezkzAS
/DoXsVPNy8vZh9A9swHecH/yZQkds2Cqg+KTjwpAAe6DCEam3ybIsPQc2BlLGthO
gqsVEYUfK1e87tKxHeghaThasWjNfxpvWAD60IlmbHRV9z6vRL8qM37+d3GP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:22 2025 by rpki-client