Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xIAvNXaEsxfnniXDGmRQgG8BmaQ.roa
File: xIAvNXaEsxfnniXDGmRQgG8BmaQ.roa (raw, json)
Hash identifier: Y7xfl7raoo7hLuWXSx3TevcNmJFmOemL7nE0UBAM/Sw=
Subject key identifier: C4:80:2F:35:76:84:B3:17:E7:9E:25:C3:1A:64:50:80:6F:01:99:A4
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018E8F390F4E02BB83D9BECA3E68A8024D8D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xIAvNXaEsxfnniXDGmRQgG8BmaQ.roa
Signing time: Sat 30 Mar 2024 11:57:45 +0000
ROA not before: Sat 30 Mar 2024 11:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 147.45.136.0/22 maxlen: 24
147.45.140.0/22 maxlen: 24
147.45.176.0/22 maxlen: 24
147.45.180.0/22 maxlen: 24
147.45.184.0/22 maxlen: 24
193.233.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 20:21:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8f:39:0f:4e:02:bb:83:d9:be:ca:3e:68:a8:02:4d:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 30 11:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4802f357684b317e79e25c31a6450806f0199a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:55:d9:c4:7f:1d:a1:b8:a9:cf:30:41:71:7a:
dc:91:88:5b:37:9c:ff:88:1f:15:d0:0c:38:a8:6a:
a6:c2:95:16:0d:a3:55:c8:5b:6a:35:ba:bc:6a:e2:
36:de:5a:4d:db:38:e8:0e:ce:65:31:41:5f:61:27:
7c:2a:e6:af:f6:cb:aa:4a:22:df:96:49:cc:40:b3:
f8:6a:56:25:5c:3e:b7:1c:f5:3c:23:35:b4:64:5d:
76:96:d2:27:e6:bc:3d:0a:59:17:8c:f4:e5:1f:90:
b4:93:88:90:71:38:96:33:bc:f8:05:15:2c:53:f4:
d6:41:93:14:21:6e:99:0c:2e:72:51:a5:28:a3:59:
37:e3:7d:fa:63:46:30:5f:ee:67:31:7d:ef:f6:46:
91:1d:74:e4:4c:16:b8:37:de:77:9c:13:8e:eb:d5:
3d:06:32:b6:a3:10:93:d4:09:2f:80:51:f1:32:a1:
2f:0f:06:48:9d:4c:5d:7b:c4:f7:8d:61:35:20:1c:
b5:d9:5c:7e:0f:94:2b:aa:d5:7d:22:3d:58:4f:3e:
c2:4e:93:28:8f:95:20:8a:5d:10:5b:19:23:ac:6e:
73:99:a9:10:13:11:de:58:7f:8b:02:4d:60:13:b4:
9d:c0:a1:2f:b1:71:46:05:fe:45:e2:b2:f1:22:9b:
d4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:80:2F:35:76:84:B3:17:E7:9E:25:C3:1A:64:50:80:6F:01:99:A4
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/xIAvNXaEsxfnniXDGmRQgG8BmaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.136.0/21
147.45.176.0-147.45.187.255
193.233.100.0/22
Signature Algorithm: sha256WithRSAEncryption
13:4b:4d:30:1d:97:4b:db:ec:df:df:06:dc:59:72:b7:f1:d1:
86:39:1f:18:a7:e8:99:88:99:51:0d:8d:f2:e2:83:84:1e:87:
9f:66:b0:8b:b7:48:4c:ce:ee:de:d8:26:ac:e8:a9:ff:74:6e:
e2:de:8c:cc:05:c6:82:ec:0a:d4:72:e7:75:93:58:8a:5b:f9:
8c:01:31:81:c0:1c:59:eb:2d:9d:7e:2a:d3:38:db:c6:c5:3e:
08:9f:8d:9a:09:c5:a5:7b:73:12:17:7f:81:ab:c3:78:df:f7:
66:0d:bb:db:6f:53:40:72:47:48:07:d5:8b:a0:b4:31:bb:dc:
26:c8:91:64:fa:71:b0:bb:54:35:a7:37:78:10:76:fb:1e:c9:
a5:b6:65:32:95:6d:b6:3e:5b:93:26:74:d4:c6:48:09:54:98:
b2:27:9c:7e:3f:a8:d2:bf:78:24:b3:d9:f2:0d:62:7a:00:3c:
1d:18:7c:48:b7:5e:4a:34:26:07:4a:b3:2f:ee:0e:d5:12:cf:
0c:87:11:94:7e:7f:a7:e6:45:ad:dd:a0:4e:74:bf:5b:06:9c:
60:4e:8b:f6:77:c2:36:bb:38:bb:43:5f:b4:f1:19:48:ba:bd:
b4:37:e0:ee:c8:f7:1b:94:e4:f7:d2:ab:c4:b6:bf:5d:6d:a0:
30:42:9c:4d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY6POQ9OAruD2b7KPmioAk2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMzMwMTE1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDgwMmYzNTc2ODRiMzE3ZTc5ZTI1YzMxYTY0NTA4MDZmMDE5OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1XZxH8dobipzzBBcXrckYhbN5z/
iB8V0Aw4qGqmwpUWDaNVyFtqNbq8auI23lpN2zjoDs5lMUFfYSd8Kuav9suqSiLf
lknMQLP4alYlXD63HPU8IzW0ZF12ltIn5rw9ClkXjPTlH5C0k4iQcTiWM7z4BRUs
U/TWQZMUIW6ZDC5yUaUoo1k34336Y0YwX+5nMX3v9kaRHXTkTBa4N953nBOO69U9
BjK2oxCT1AkvgFHxMqEvDwZInUxde8T3jWE1IBy12Vx+D5QrqtV9Ij1YTz7CTpMo
j5Ugil0QWxkjrG5zmakQExHeWH+LAk1gE7SdwKEvsXFGBf5F4rLxIpvUjQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMSALzV2hLMX554lwxpkUIBvAZmkMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveElBdk5YYUVzeGZubmlYREdtUlFnRzhCbWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDky2IMAwD
BASTLbADBAKTLbgDBALB6WQwDQYJKoZIhvcNAQELBQADggEBABNLTTAdl0vb7N/f
BtxZcrfx0YY5Hxin6JmImVENjfLig4Qeh59msIu3SEzO7t7YJqzoqf90buLejMwF
xoLsCtRy53WTWIpb+YwBMYHAHFnrLZ1+KtM428bFPgifjZoJxaV7cxIXf4Grw3jf
92YNu9tvU0ByR0gH1YugtDG73CbIkWT6cbC7VDWnN3gQdvseyaW2ZTKVbbY+W5Mm
dNTGSAlUmLInnH4/qNK/eCSz2fINYnoAPB0YfEi3Xko0JgdKsy/uDtUSzwyHEZR+
f6fmRa3doE50v1sGnGBOi/Z3wja7OLtDX7TxGUi6vbQ34O7I9xuU5PfSq8S2v11t
oDBCnE0=
-----END CERTIFICATE-----
Generated at Tue Apr 2 23:44:44 2024 by rpki-client on console-fra.rpki-client.org