Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/CV2BFrhwwRjxBpXtB0YkYquHhL0.roa
File: CV2BFrhwwRjxBpXtB0YkYquHhL0.roa (raw, json)
Hash identifier: R0PmIGq+BUlO5+Gt0rk55BUi2g2w8zvWeCL6Mfy3zmI=
Subject key identifier: 09:5D:81:16:B8:70:C1:18:F1:06:95:ED:07:46:24:62:AB:87:84:BD
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018CC3B6F48E6DFD3B1C272F0BB9BFD2A11D
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/CV2BFrhwwRjxBpXtB0YkYquHhL0.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202335
IP address blocks: 45.8.179.0/24 maxlen: 24
45.8.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 13:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f4:8e:6d:fd:3b:1c:27:2f:0b:b9:bf:d2:a1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=095d8116b870c118f10695ed07462462ab8784bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6a:e1:87:93:d8:55:58:4e:ed:31:a8:39:02:
95:e4:e4:ae:61:ef:0a:17:53:72:d4:aa:0a:f4:01:
8c:ae:f9:0e:28:46:b3:4c:87:0c:14:2a:af:e6:45:
9c:45:5b:bd:66:73:9b:55:db:ee:45:55:bb:e5:f8:
eb:3a:ec:4e:c0:20:11:2c:61:0d:03:14:e3:67:27:
e9:50:de:d6:5f:64:31:c1:e8:a4:e3:55:6a:b8:78:
71:1e:af:41:84:bc:19:15:98:bb:66:9f:91:ec:38:
ed:6d:c7:5a:22:ab:ef:28:9d:7c:6d:89:96:65:ce:
ca:9d:27:a5:43:8d:0c:ba:44:33:d0:26:88:23:a2:
b8:84:05:1b:a8:4b:15:a4:f7:f0:38:c2:4b:45:ad:
0a:9e:7c:ad:e9:29:e3:d5:d2:c2:26:4a:1a:a3:08:
cd:0a:3c:35:e5:71:f0:95:1a:94:cc:22:14:99:12:
0b:80:ec:70:d8:77:ff:8f:f8:32:51:ed:05:45:52:
0b:c1:e8:cd:9a:f6:d3:23:36:ad:8d:66:02:f5:68:
17:03:0b:52:8b:ae:fb:24:6c:04:fd:f1:57:2b:02:
07:ed:66:4a:1d:e7:2a:8e:03:bd:ed:48:3f:ee:22:
b1:5d:67:43:2b:c0:39:22:30:0a:b2:a7:38:1e:b6:
c4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:5D:81:16:B8:70:C1:18:F1:06:95:ED:07:46:24:62:AB:87:84:BD
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/CV2BFrhwwRjxBpXtB0YkYquHhL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.178.0/23
Signature Algorithm: sha256WithRSAEncryption
31:46:3e:19:25:d9:9f:8e:ba:f9:00:2b:db:4c:ae:e0:6d:94:
16:f8:a5:3b:9e:33:7b:63:18:dd:5c:df:a1:a3:d7:d4:2a:a6:
a0:c5:08:0a:6f:ac:43:86:d1:dd:0a:00:2c:b4:51:fb:17:0e:
fb:78:ae:51:6b:a7:de:42:5c:8b:5b:3a:38:38:15:be:5c:68:
c8:dc:24:62:d1:b0:ef:13:14:bd:cf:cc:d7:7e:35:ce:f8:c2:
1f:ec:88:a5:12:be:f0:41:7b:cb:d3:fb:a6:9f:2a:d1:48:e0:
b8:ae:be:35:e2:25:98:74:89:26:13:01:37:ca:1f:8f:ba:c0:
b4:dc:33:20:93:1d:1d:ef:b7:ff:ca:c6:81:1c:67:90:03:11:
b3:cd:e9:18:64:d4:8c:31:1a:cb:9c:ed:9b:0a:01:04:13:28:
a0:d8:06:a8:42:04:73:53:4f:16:62:e3:94:d8:bd:de:ac:a9:
21:d5:51:0d:f7:40:1f:cf:28:a8:9f:0f:a6:d1:39:a9:a4:5c:
fa:f7:37:a5:a2:99:10:cf:e2:e8:eb:88:6b:f7:ee:b7:eb:8c:
e2:5e:06:a3:cd:0e:b7:11:e8:df:67:0a:ce:1c:90:10:fe:4b:
7c:e2:70:98:31:5e:83:0d:37:89:93:55:66:25:d9:7a:41:0a:
e0:2f:b6:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtvSObf07HCcvC7m/0qEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTVkODExNmI4NzBjMTE4ZjEwNjk1ZWQwNzQ2MjQ2MmFiODc4NGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGrhh5PYVVhO7TGoOQKV5OSuYe8K
F1Ny1KoK9AGMrvkOKEazTIcMFCqv5kWcRVu9ZnObVdvuRVW75fjrOuxOwCARLGEN
AxTjZyfpUN7WX2Qxweik41VquHhxHq9BhLwZFZi7Zp+R7DjtbcdaIqvvKJ18bYmW
Zc7KnSelQ40MukQz0CaII6K4hAUbqEsVpPfwOMJLRa0Knnyt6Snj1dLCJkoaowjN
Cjw15XHwlRqUzCIUmRILgOxw2Hf/j/gyUe0FRVILwejNmvbTIzatjWYC9WgXAwtS
i677JGwE/fFXKwIH7WZKHecqjgO97Ug/7iKxXWdDK8A5IjAKsqc4HrbEIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAldgRa4cMEY8QaV7QdGJGKrh4S9MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvQ1YyQkZyaHd3Ump4QnBYdEIwWWtZcXVIaEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQiyMA0G
CSqGSIb3DQEBCwUAA4IBAQAxRj4ZJdmfjrr5ACvbTK7gbZQW+KU7njN7YxjdXN+h
o9fUKqagxQgKb6xDhtHdCgAstFH7Fw77eK5Ra6feQlyLWzo4OBW+XGjI3CRi0bDv
ExS9z8zXfjXO+MIf7IilEr7wQXvL0/umnyrRSOC4rr414iWYdIkmEwE3yh+PusC0
3DMgkx0d77f/ysaBHGeQAxGzzekYZNSMMRrLnO2bCgEEEyig2AaoQgRzU08WYuOU
2L3erKkh1VEN90Afzyionw+m0TmppFz69zelopkQz+Lo64hr9+6364ziXgajzQ63
EejfZwrOHJAQ/kt84nCYMV6DDTeJk1VmJdl6QQrgL7ZH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org