Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/vJhsyxEIuGf_IO4LIn4LzgQOJ0U.roa
File: vJhsyxEIuGf_IO4LIn4LzgQOJ0U.roa (raw, json)
Hash identifier: j3Pw4vgUsYFhsfrhuSGvjC47MN47Nuj6LDL3ye0+vvI=
Subject key identifier: BC:98:6C:CB:11:08:B8:67:FF:20:EE:0B:22:7E:0B:CE:04:0E:27:45
Certificate issuer: /CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Certificate serial: 01856F54A5F5512B045C98CFB1C91E6FE189
Authority key identifier: 87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/vJhsyxEIuGf_IO4LIn4LzgQOJ0U.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 45.158.226.0/24 maxlen: 24
45.158.225.0/24 maxlen: 24
45.158.224.0/22 maxlen: 22
45.158.224.0/24 maxlen: 24
45.158.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Mar 2023 11:52:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a5:f5:51:2b:04:5c:98:cf:b1:c9:1e:6f:e1:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874b591b5d8f076eaf472e3ea45d3b5c8e1350a1
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc986ccb1108b867ff20ee0b227e0bce040e2745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c7:f3:f5:c8:fd:44:dd:d5:cb:28:cc:a5:78:
e7:31:b7:84:22:92:5b:73:8c:d3:5b:ab:69:61:27:
74:3d:eb:55:82:f6:47:63:e4:a3:3c:49:9f:b0:84:
2b:fc:b1:3f:a6:fa:99:7e:60:93:27:71:da:1d:db:
71:8a:de:70:6a:9a:f5:ef:cf:cb:e5:73:d7:64:02:
bd:ad:08:f3:e9:c6:b3:69:e5:b7:1f:04:cd:36:a2:
f0:70:d2:06:00:95:c1:85:c6:a9:fd:81:a2:34:81:
3d:f4:5e:7c:a6:a6:82:ba:de:2f:71:d7:a1:3e:16:
91:3c:39:2b:bd:71:78:8b:13:9c:1d:44:2a:cb:15:
b3:09:e7:2d:8b:5d:ff:c0:8c:ca:4b:cd:f7:6d:fb:
4f:a5:6f:29:5a:b7:89:74:82:fc:50:36:dd:bb:a9:
81:f3:07:4a:9c:57:78:48:42:2c:32:35:3b:4d:f8:
15:18:67:3a:f4:5c:4e:dd:87:d2:d5:79:8b:2e:87:
6a:40:97:e3:43:56:ba:41:38:01:e5:81:de:75:35:
d8:1e:5e:e2:eb:d5:06:17:a4:ae:14:38:90:b9:2f:
5e:d9:1a:bf:a1:44:a7:45:8a:75:cd:8a:fc:dd:f7:
c3:a2:a1:dc:01:cb:a4:84:0c:ce:42:8c:2f:9c:de:
93:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:98:6C:CB:11:08:B8:67:FF:20:EE:0B:22:7E:0B:CE:04:0E:27:45
X509v3 Authority Key Identifier:
keyid:87:4B:59:1B:5D:8F:07:6E:AF:47:2E:3E:A4:5D:3B:5C:8E:13:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0tZG12PB26vRy4-pF07XI4TUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/vJhsyxEIuGf_IO4LIn4LzgQOJ0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/cad521-dabe-49a8-bce4-0c6a67820a58/1/h0tZG12PB26vRy4-pF07XI4TUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.224.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:ad:1c:2c:6e:68:0c:8d:2a:97:58:ab:6e:27:73:fc:43:b0:
cc:39:65:75:4d:b0:81:b5:6f:e7:9a:9f:32:d2:83:b5:53:21:
60:be:37:a5:b5:64:cb:0c:60:ec:99:45:1e:fd:4c:62:21:71:
6b:95:3d:e2:77:27:ea:94:7c:61:7e:09:ae:5a:c5:1c:ba:39:
75:71:0a:e8:c2:f8:57:b8:73:48:04:16:e5:fa:17:fb:09:ac:
bb:b3:ad:0f:ac:a7:b0:b0:1c:f1:77:37:57:6b:e3:d6:c6:7f:
0c:64:d2:b4:71:ea:65:65:b9:e7:cb:57:6b:48:40:d2:f3:04:
92:7c:a5:a7:57:b4:57:a5:d4:0e:6b:78:e9:4d:6e:b2:a6:0b:
7c:fc:95:27:e3:17:bb:61:1e:e3:b3:c1:e4:5b:3d:3a:ef:43:
e4:a2:b0:2d:f1:c7:91:41:0f:7e:3f:d8:62:96:04:b8:82:35:
cc:62:da:f9:35:19:e2:22:3a:b0:8b:78:6b:1e:07:a5:eb:9e:
61:49:3f:53:ef:c6:ee:45:b7:a0:e4:be:93:b1:b1:3d:75:10:
fd:1b:6d:1e:08:60:94:44:1e:55:6e:2c:2c:0f:51:e4:31:53:
70:3b:09:79:18:15:2e:30:7f:d7:3e:c5:8c:90:59:43:1b:4f:
ed:6e:35:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvVKX1USsEXJjPsckeb+GJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGI1OTFiNWQ4ZjA3NmVhZjQ3MmUzZWE0NWQzYjVjOGUx
MzUwYTEwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzk4NmNjYjExMDhiODY3ZmYyMGVlMGIyMjdlMGJjZTA0MGUyNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcfz9cj9RN3VyyjMpXjnMbeEIpJb
c4zTW6tpYSd0PetVgvZHY+SjPEmfsIQr/LE/pvqZfmCTJ3HaHdtxit5wapr178/L
5XPXZAK9rQjz6cazaeW3HwTNNqLwcNIGAJXBhcap/YGiNIE99F58pqaCut4vcdeh
PhaRPDkrvXF4ixOcHUQqyxWzCecti13/wIzKS833bftPpW8pWreJdIL8UDbdu6mB
8wdKnFd4SEIsMjU7TfgVGGc69FxO3YfS1XmLLodqQJfjQ1a6QTgB5YHedTXYHl7i
69UGF6SuFDiQuS9e2Rq/oUSnRYp1zYr83ffDoqHcAcukhAzOQowvnN6TawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyYbMsRCLhn/yDuCyJ+C84EDidFMB8GA1UdIwQY
MBaAFIdLWRtdjwdur0cuPqRdO1yOE1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQt
MGM2YTY3ODIwYTU4LzEvdkpoc3l4RUl1R2ZfSU80TEluNEx6Z1FPSjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jYWQ1MjEtZGFiZS00OWE4LWJjZTQtMGM2YTY3ODIwYTU4
LzEvaDB0WkcxMlBCMjZ2Unk0LXBGMDdYSTRUVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ7gMA0G
CSqGSIb3DQEBCwUAA4IBAQAqrRwsbmgMjSqXWKtuJ3P8Q7DMOWV1TbCBtW/nmp8y
0oO1UyFgvjeltWTLDGDsmUUe/UxiIXFrlT3idyfqlHxhfgmuWsUcujl1cQrowvhX
uHNIBBbl+hf7Cay7s60PrKewsBzxdzdXa+PWxn8MZNK0ceplZbnny1drSEDS8wSS
fKWnV7RXpdQOa3jpTW6ypgt8/JUn4xe7YR7js8HkWz0670PkorAt8ceRQQ9+P9hi
lgS4gjXMYtr5NRniIjqwi3hrHgel655hST9T78buRbeg5L6TsbE9dRD9G20eCGCU
RB5VbiwsD1HkMVNwOwl5GBUuMH/XPsWMkFlDG0/tbjVk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:59 2024 by rpki-client on console-fra.rpki-client.org