Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/E5pM2P5zoxRkJR-ytbqYyf8UXdA.roa
File: E5pM2P5zoxRkJR-ytbqYyf8UXdA.roa (raw, json)
Hash identifier: WIvWlKaudbHo/FSi4Zd5CY55bkxBsWAyePg8BonN8+U=
Subject key identifier: 13:9A:4C:D8:FE:73:A3:14:64:25:1F:B2:B5:BA:98:C9:FF:14:5D:D0
Certificate issuer: /CN=f541d46893aaa164fe2673990d07aa6c071003c0
Certificate serial: 01856FC26780E8C48DAC6455D873F39505C3
Authority key identifier: F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/E5pM2P5zoxRkJR-ytbqYyf8UXdA.roa
Signing time: Sun 01 Jan 2023 23:54:49 +0000
ROA not before: Sun 01 Jan 2023 23:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44084
IP address blocks: 217.115.16.0/20 maxlen: 24
45.67.124.0/22 maxlen: 24
2a09:6240::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:67:80:e8:c4:8d:ac:64:55:d8:73:f3:95:05:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f541d46893aaa164fe2673990d07aa6c071003c0
Validity
Not Before: Jan 1 23:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=139a4cd8fe73a31464251fb2b5ba98c9ff145dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:64:53:45:83:29:69:48:e3:20:9e:bb:3b:7b:
27:ef:b7:f8:cb:d2:81:44:fe:29:99:9b:f2:a6:87:
1d:43:a0:da:4a:fc:99:97:2f:42:28:d5:8a:42:c1:
a9:57:76:ed:4c:b8:a4:82:87:25:3b:59:c9:d9:60:
ad:4d:ea:c1:3c:97:4d:81:f4:55:a1:3c:ef:70:e7:
3b:81:95:1e:ef:3b:11:0c:a9:50:b8:1b:b7:c5:74:
81:68:85:1a:2b:87:02:b1:0c:63:a4:6d:b5:3c:b2:
c0:65:bc:2e:00:43:c3:7c:9d:67:8a:42:03:88:dd:
7b:d7:bd:bd:88:61:6d:ea:22:29:47:0b:c6:6d:66:
3b:8f:4d:73:0e:8c:77:52:e8:0b:c2:c4:67:7c:ba:
e6:6a:bb:7d:e6:01:69:cf:a1:d1:4f:1d:d2:ce:87:
a5:da:c7:45:27:61:ab:89:ce:66:a4:6b:d6:c1:af:
cd:51:f4:7d:3e:ca:75:0e:87:b7:e8:99:2c:c8:f6:
f3:5a:83:b2:28:b5:e2:8a:f8:36:95:f7:aa:05:f1:
a2:59:d4:96:0b:91:00:e1:18:30:67:69:33:ed:cd:
b4:89:6e:11:84:63:b5:4f:b6:f2:99:7a:42:e2:cf:
2f:31:14:68:8b:a8:5c:67:13:40:3c:bc:7d:ac:fd:
49:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:9A:4C:D8:FE:73:A3:14:64:25:1F:B2:B5:BA:98:C9:FF:14:5D:D0
X509v3 Authority Key Identifier:
keyid:F5:41:D4:68:93:AA:A1:64:FE:26:73:99:0D:07:AA:6C:07:10:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UHUaJOqoWT-JnOZDQeqbAcQA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/E5pM2P5zoxRkJR-ytbqYyf8UXdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2e95e7-5644-46f2-8fa3-398c045189eb/1/9UHUaJOqoWT-JnOZDQeqbAcQA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.124.0/22
217.115.16.0/20
IPv6:
2a09:6240::/29
Signature Algorithm: sha256WithRSAEncryption
7f:5e:b6:6d:e8:e7:1e:df:c1:69:17:42:47:22:0a:26:77:47:
2f:01:aa:ea:17:3f:4c:59:ea:90:05:88:48:45:70:34:3a:49:
7e:76:e5:1a:84:d6:9a:3b:3f:f8:cd:78:30:5b:c3:6c:89:1b:
27:e8:ce:94:c0:f7:2f:87:6d:75:53:84:02:ad:06:89:8f:a9:
65:c0:0f:59:43:50:62:23:c6:ba:89:f5:e4:a1:20:d5:18:f2:
bc:a9:8e:d6:1c:72:a3:bc:8e:fc:5d:99:66:73:10:9d:2b:b8:
13:3a:a2:a0:ed:fc:6a:36:8f:1b:66:1c:4a:2b:8d:a1:cc:b7:
14:25:a2:e0:e8:87:17:f3:f1:68:43:91:5c:79:5a:6b:9d:dc:
da:20:27:ed:05:d4:3e:3f:d4:58:06:ca:d9:c3:40:24:75:49:
8e:ba:2b:fe:86:59:ec:53:4b:d8:2f:e8:10:b9:e8:6d:a9:6b:
ad:fe:ae:7d:53:4d:74:67:c9:cf:8d:e2:ba:08:6d:94:ea:51:
4a:ec:15:15:de:43:b2:17:aa:0e:05:cf:17:ea:1e:c2:06:0d:
86:5e:15:8f:2d:94:c8:4a:7e:1c:74:50:66:3c:2f:62:38:8e:
4d:9d:6d:79:30:1f:b8:9e:50:8e:42:60:db:0d:6a:33:95:b6:
d4:9a:89:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvwmeA6MSNrGRV2HPzlQXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NDFkNDY4OTNhYWExNjRmZTI2NzM5OTBkMDdhYTZjMDcx
MDAzYzAwHhcNMjMwMTAxMjM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzlhNGNkOGZlNzNhMzE0NjQyNTFmYjJiNWJhOThjOWZmMTQ1ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGRTRYMpaUjjIJ67O3sn77f4y9KB
RP4pmZvypocdQ6DaSvyZly9CKNWKQsGpV3btTLikgoclO1nJ2WCtTerBPJdNgfRV
oTzvcOc7gZUe7zsRDKlQuBu3xXSBaIUaK4cCsQxjpG21PLLAZbwuAEPDfJ1nikID
iN171729iGFt6iIpRwvGbWY7j01zDox3UugLwsRnfLrmart95gFpz6HRTx3Szoel
2sdFJ2Gric5mpGvWwa/NUfR9Psp1Doe36JksyPbzWoOyKLXiivg2lfeqBfGiWdSW
C5EA4RgwZ2kz7c20iW4RhGO1T7bymXpC4s8vMRRoi6hcZxNAPLx9rP1JHwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBOaTNj+c6MUZCUfsrW6mMn/FF3QMB8GA1UdIwQY
MBaAFPVB1GiTqqFk/iZzmQ0HqmwHEAPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVVIVWFKT3FvV1QtSm5PWkRRZXFiQWNRQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yZTk1ZTctNTY0NC00NmYyLThmYTMt
Mzk4YzA0NTE4OWViLzEvRTVwTTJQNXpveFJrSlIteXRicVl5ZjhVWGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yZTk1ZTctNTY0NC00NmYyLThmYTMtMzk4YzA0NTE4OWVi
LzEvOVVIVWFKT3FvV1QtSm5PWkRRZXFiQWNRQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLUN8AwQE
2XMQMA0EAgACMAcDBQMqCWJAMA0GCSqGSIb3DQEBCwUAA4IBAQB/XrZt6Oce38Fp
F0JHIgomd0cvAarqFz9MWeqQBYhIRXA0Okl+duUahNaaOz/4zXgwW8NsiRsn6M6U
wPcvh211U4QCrQaJj6llwA9ZQ1BiI8a6ifXkoSDVGPK8qY7WHHKjvI78XZlmcxCd
K7gTOqKg7fxqNo8bZhxKK42hzLcUJaLg6IcX8/FoQ5FceVprndzaICftBdQ+P9RY
BsrZw0AkdUmOuiv+hlnsU0vYL+gQuehtqWut/q59U010Z8nPjeK6CG2U6lFK7BUV
3kOyF6oOBc8X6h7CBg2GXhWPLZTISn4cdFBmPC9iOI5NnW15MB+4nlCOQmDbDWoz
lbbUmon5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:20 2024 by rpki-client on console-fra.rpki-client.org