Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/T8lYEyaJmPMrATjlztDuT0wMCds.roa
File: T8lYEyaJmPMrATjlztDuT0wMCds.roa (raw, json)
Hash identifier: 8VpxrpvcslcF+ulJ7OZmi+gIM7LB/XwfI+YKStEnssY=
Subject key identifier: 4F:C9:58:13:26:89:98:F3:2B:01:38:E5:CE:D0:EE:4F:4C:0C:09:DB
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018DD066676A69EA9FADD477D8BD88FD6B14
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/T8lYEyaJmPMrATjlztDuT0wMCds.roa
Signing time: Thu 22 Feb 2024 10:39:48 +0000
ROA not before: Thu 22 Feb 2024 10:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 147.45.50.0/24 maxlen: 24
147.45.116.0/24 maxlen: 24
147.45.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 08:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:66:67:6a:69:ea:9f:ad:d4:77:d8:bd:88:fd:6b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 22 10:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fc95813268998f32b0138e5ced0ee4f4c0c09db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1e:c3:fd:88:26:b3:04:f0:1c:fe:78:47:7d:
35:7a:0d:f5:8d:a2:f5:71:b5:a8:32:d6:21:75:59:
e9:28:13:23:8e:bc:aa:9a:79:20:9b:bb:35:1b:f9:
a5:58:71:e0:77:0e:f8:98:32:7d:ae:83:21:7d:07:
47:07:dc:ab:1a:cb:df:06:4c:16:49:99:3a:fe:01:
48:f5:df:e0:f9:35:f2:47:79:59:f3:1f:a1:0c:da:
22:37:6b:63:ad:2c:90:1c:47:92:67:43:d2:4a:d6:
8f:e8:a5:b8:3c:6b:22:ee:7f:ad:bc:b1:cd:d6:48:
74:5e:e3:98:40:7a:8a:2a:23:22:d3:58:f2:d7:69:
b8:00:88:eb:6d:39:5c:1a:f6:e6:cf:68:84:50:05:
d1:e9:5a:20:47:24:42:35:60:ab:cf:b2:2a:2a:d8:
41:36:86:10:e6:6a:cf:30:f9:08:96:83:88:85:fe:
f9:cd:68:df:20:d1:e7:a7:65:0d:19:51:91:8c:84:
65:ca:68:cb:0f:89:6b:7a:a4:8c:17:75:87:36:25:
21:27:9d:80:42:94:c5:09:9c:c2:e4:a5:bc:f2:75:
a1:04:d6:d6:ab:4c:26:70:05:8c:fe:54:6a:a1:ee:
44:4a:bb:cf:3e:d7:97:d2:79:1e:2b:82:79:6b:20:
b9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C9:58:13:26:89:98:F3:2B:01:38:E5:CE:D0:EE:4F:4C:0C:09:DB
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/T8lYEyaJmPMrATjlztDuT0wMCds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.50.0/24
147.45.116.0/24
147.45.204.0/24
Signature Algorithm: sha256WithRSAEncryption
34:5d:35:a4:08:bf:de:82:7d:78:b4:ef:0b:aa:69:1b:6c:9c:
11:39:87:01:9c:b0:57:bc:63:58:af:6a:57:a4:88:3f:75:e4:
44:0e:8c:5a:57:70:80:53:3a:21:7b:10:0c:2e:4f:58:71:e9:
a5:c0:4f:97:0b:80:2f:06:3b:a0:4e:35:6f:f5:a4:dd:8b:cb:
63:c6:d4:d5:31:20:4a:b3:4a:94:35:0b:04:3e:28:54:c1:94:
bd:c9:b5:a4:49:f5:04:10:ba:e2:3f:d7:f9:62:ba:bd:95:a6:
de:35:b6:f1:78:0a:2e:99:96:f2:32:04:43:0c:bc:59:ce:48:
d5:37:cb:33:db:f8:8c:93:d0:60:d6:01:34:c5:a0:1e:f9:a7:
9d:77:f4:4c:a1:d2:1e:f6:dd:ff:a9:44:5b:ab:2f:5b:b1:62:
b6:fa:65:e6:c8:2a:30:d9:c4:66:1f:83:5d:42:5e:34:92:0d:
ed:31:5b:61:c7:d2:10:73:89:e5:1f:ce:57:ef:a9:5d:ff:e1:
c8:00:ed:9e:ab:88:06:80:f3:c5:9d:a7:d0:85:7e:62:0e:d6:
83:fd:8b:c1:b5:43:d0:d7:c0:6a:ab:e3:09:69:ad:0e:ec:65:
d6:e1:52:2a:1f:94:5d:0d:39:41:c7:b7:5f:c1:0b:24:de:2c:
4e:8a:f6:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3QZmdqaeqfrdR32L2I/WsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjIyMTAzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmM5NTgxMzI2ODk5OGYzMmIwMTM4ZTVjZWQwZWU0ZjRjMGMwOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih7D/YgmswTwHP54R301eg31jaL1
cbWoMtYhdVnpKBMjjryqmnkgm7s1G/mlWHHgdw74mDJ9roMhfQdHB9yrGsvfBkwW
SZk6/gFI9d/g+TXyR3lZ8x+hDNoiN2tjrSyQHEeSZ0PSStaP6KW4PGsi7n+tvLHN
1kh0XuOYQHqKKiMi01jy12m4AIjrbTlcGvbmz2iEUAXR6VogRyRCNWCrz7IqKthB
NoYQ5mrPMPkIloOIhf75zWjfINHnp2UNGVGRjIRlymjLD4lreqSMF3WHNiUhJ52A
QpTFCZzC5KW88nWhBNbWq0wmcAWM/lRqoe5ESrvPPteX0nkeK4J5ayC5zQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE/JWBMmiZjzKwE45c7Q7k9MDAnbMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvVDhsWUV5YUptUE1yQVRqbHp0RHVUMHdNQ2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAky0yAwQA
ky10AwQAky3MMA0GCSqGSIb3DQEBCwUAA4IBAQA0XTWkCL/egn14tO8LqmkbbJwR
OYcBnLBXvGNYr2pXpIg/deREDoxaV3CAUzohexAMLk9YcemlwE+XC4AvBjugTjVv
9aTdi8tjxtTVMSBKs0qUNQsEPihUwZS9ybWkSfUEELriP9f5Yrq9labeNbbxeAou
mZbyMgRDDLxZzkjVN8sz2/iMk9Bg1gE0xaAe+aedd/RModIe9t3/qURbqy9bsWK2
+mXmyCow2cRmH4NdQl40kg3tMVthx9IQc4nlH85X76ld/+HIAO2eq4gGgPPFnafQ
hX5iDtaD/YvBtUPQ18Bqq+MJaa0O7GXW4VIqH5RdDTlBx7dfwQsk3ixOivaT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org