Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/26WfeOrzzuSE_JNfPWmB0fqQWZU.roa
File: 26WfeOrzzuSE_JNfPWmB0fqQWZU.roa (raw, json)
Hash identifier: VpMfyUlm+WDkQ8BKplEzImDekvU+iFSm5QLT9C/vrCo=
Subject key identifier: DB:A5:9F:78:EA:F3:CE:E4:84:FC:93:5F:3D:69:81:D1:FA:90:59:95
Certificate issuer: /CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Certificate serial: 018571B0D83A9EAA3565A2B6E3E5963B1A03
Authority key identifier: 8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/26WfeOrzzuSE_JNfPWmB0fqQWZU.roa
Signing time: Mon 02 Jan 2023 08:54:53 +0000
ROA not before: Mon 02 Jan 2023 08:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35489
IP address blocks: 45.133.100.0/24 maxlen: 24
45.133.101.0/24 maxlen: 24
193.8.4.0/24 maxlen: 24
193.8.4.0/23 maxlen: 23
193.8.5.0/24 maxlen: 24
193.8.6.0/24 maxlen: 24
193.8.7.0/24 maxlen: 24
2a0c:7cc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:d8:3a:9e:aa:35:65:a2:b6:e3:e5:96:3b:1a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a1ce1d135bf2cf8e8c13f33ec11c8523703dc75
Validity
Not Before: Jan 2 08:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dba59f78eaf3cee484fc935f3d6981d1fa905995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:04:56:bd:a7:c1:39:4b:31:2c:18:87:df:c7:
02:78:91:c7:53:f1:77:ca:c9:69:0e:e5:17:01:4e:
cc:ff:6c:94:01:ec:1c:84:f5:cf:29:35:d0:fa:27:
ae:c3:8f:cf:d3:5d:fe:e3:1e:7f:01:d7:c7:3a:eb:
31:f5:6c:d4:5a:4c:9d:56:38:9d:27:61:6c:0d:f9:
fe:f6:97:a5:27:06:50:14:a0:94:31:95:61:55:21:
ad:c2:7d:ae:c1:02:22:5c:e5:b3:fe:a9:20:92:d9:
a6:bc:39:a9:13:fd:ef:ae:a5:04:21:10:9f:cd:c9:
e4:9a:ba:d1:97:49:3e:62:4e:e0:29:ce:55:cf:13:
d8:cb:10:7d:3f:c5:b4:a4:e2:c3:3a:04:53:07:a4:
44:63:d2:02:46:a7:8f:d6:13:ad:c5:ce:29:f4:9e:
8a:56:0f:d2:87:58:94:47:61:9e:17:1c:0f:79:ce:
15:76:37:7d:44:bb:6b:1a:c8:e7:a6:9b:ec:73:82:
e1:cb:42:7a:66:91:96:7f:cd:fd:4e:d7:cd:c3:25:
3e:17:4b:98:0a:68:e5:0c:66:26:1b:13:70:7e:ec:
e7:c7:3f:68:d2:b4:97:4c:02:92:fd:d1:6b:ff:d5:
7d:2f:5f:f8:57:b6:8c:d2:7e:56:4e:81:04:81:42:
13:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A5:9F:78:EA:F3:CE:E4:84:FC:93:5F:3D:69:81:D1:FA:90:59:95
X509v3 Authority Key Identifier:
keyid:8A:1C:E1:D1:35:BF:2C:F8:E8:C1:3F:33:EC:11:C8:52:37:03:DC:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihzh0TW_LPjowT8z7BHIUjcD3HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/26WfeOrzzuSE_JNfPWmB0fqQWZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/daf960-d060-49fc-af42-dee292ea87a3/1/ihzh0TW_LPjowT8z7BHIUjcD3HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.100.0/23
193.8.4.0/22
IPv6:
2a0c:7cc0::/48
Signature Algorithm: sha256WithRSAEncryption
87:8a:e3:39:f2:92:4b:6c:25:7a:a1:1d:3a:87:42:fb:2e:f5:
ab:f1:5e:d2:4f:ce:25:4a:9c:63:6d:29:cc:49:27:64:c5:0e:
86:91:42:48:2b:06:d5:73:8c:d2:54:83:03:26:b8:5f:39:ce:
59:ec:9f:48:c3:8a:c7:2a:6c:64:3c:70:c9:ef:e2:08:45:56:
d1:63:4b:5e:d3:3c:b1:c2:b4:9b:02:e2:91:b5:b3:49:72:72:
11:00:79:e0:f9:f4:c5:f7:a8:02:fb:ac:73:85:06:02:70:1c:
0d:ec:de:33:8c:98:7b:d8:a9:3f:24:ed:be:d9:6b:2c:42:ea:
d7:23:9c:2e:0b:d7:f6:f9:3b:4d:88:92:e5:03:9b:ea:2b:41:
d8:d9:25:a0:37:2c:f2:05:f3:ef:c6:d0:7e:6b:4f:f6:db:09:
5c:c8:f3:69:3b:e6:31:0d:56:cd:73:e2:d6:59:70:1a:70:07:
ca:17:7a:cb:a0:a9:17:d1:7e:88:af:fb:fa:1e:ba:c3:5c:6e:
ad:81:e0:20:3c:1e:a1:83:8c:94:03:39:f9:a5:ef:c9:b1:d0:
1f:30:5c:24:04:50:80:41:da:a7:fa:06:b4:0a:1a:e8:85:81:
19:fa:40:05:94:41:52:54:8e:7a:49:3e:9b:28:ad:1a:c9:9d:
43:08:4f:ad
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxsNg6nqo1ZaK24+WWOxoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMWNlMWQxMzViZjJjZjhlOGMxM2YzM2VjMTFjODUyMzcw
M2RjNzUwHhcNMjMwMTAyMDg1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmE1OWY3OGVhZjNjZWU0ODRmYzkzNWYzZDY5ODFkMWZhOTA1OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gRWvafBOUsxLBiH38cCeJHHU/F3
yslpDuUXAU7M/2yUAewchPXPKTXQ+ieuw4/P013+4x5/AdfHOusx9WzUWkydVjid
J2FsDfn+9pelJwZQFKCUMZVhVSGtwn2uwQIiXOWz/qkgktmmvDmpE/3vrqUEIRCf
zcnkmrrRl0k+Yk7gKc5VzxPYyxB9P8W0pOLDOgRTB6REY9ICRqeP1hOtxc4p9J6K
Vg/Sh1iUR2GeFxwPec4Vdjd9RLtrGsjnppvsc4Lhy0J6ZpGWf839TtfNwyU+F0uY
CmjlDGYmGxNwfuznxz9o0rSXTAKS/dFr/9V9L1/4V7aM0n5WToEEgUITTQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNuln3jq887khPyTXz1pgdH6kFmVMB8GA1UdIwQY
MBaAFIoc4dE1vyz46ME/M+wRyFI3A9x1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDIt
ZGVlMjkyZWE4N2EzLzEvMjZXZmVPcnp6dVNFX0pOZlBXbUIwZnFRV1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kYWY5NjAtZDA2MC00OWZjLWFmNDItZGVlMjkyZWE4N2Ez
LzEvaWh6aDBUV19MUGpvd1Q4ejdCSElVamNEM0hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBLYVkAwQC
wQgEMA8EAgACMAkDBwAqDHzAAAAwDQYJKoZIhvcNAQELBQADggEBAIeK4znykkts
JXqhHTqHQvsu9avxXtJPziVKnGNtKcxJJ2TFDoaRQkgrBtVzjNJUgwMmuF85zlns
n0jDiscqbGQ8cMnv4ghFVtFjS17TPLHCtJsC4pG1s0lychEAeeD59MX3qAL7rHOF
BgJwHA3s3jOMmHvYqT8k7b7ZayxC6tcjnC4L1/b5O02IkuUDm+orQdjZJaA3LPIF
8+/G0H5rT/bbCVzI82k75jENVs1z4tZZcBpwB8oXesugqRfRfoiv+/oeusNcbq2B
4CA8HqGDjJQDOfml78mx0B8wXCQEUIBB2qf6BrQKGuiFgRn6QAWUQVJUjnpJPpso
rRrJnUMIT60=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:42 2024 by rpki-client on console-fra.rpki-client.org