Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/sUGeFvtSl36qZBJHMDduNXaiNRc.roa
File: sUGeFvtSl36qZBJHMDduNXaiNRc.roa (raw, json)
Hash identifier: AwTY3OXJDI4nhqhhxljhqZGyRoR7Hh3E1iwgpnewuPg=
Subject key identifier: B1:41:9E:16:FB:52:97:7E:AA:64:12:47:30:37:6E:35:76:A2:35:17
Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial: 01856FE6F98EF20AA6201C504B2139722E2B
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/sUGeFvtSl36qZBJHMDduNXaiNRc.roa
Signing time: Mon 02 Jan 2023 00:34:46 +0000
ROA not before: Mon 02 Jan 2023 00:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25145
IP address blocks: 185.198.73.0/24 maxlen: 24
45.67.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Dec 2023 22:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:f9:8e:f2:0a:a6:20:1c:50:4b:21:39:72:2e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
Validity
Not Before: Jan 2 00:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1419e16fb52977eaa64124730376e3576a23517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:70:38:10:94:4e:9e:57:63:5c:6c:75:58:3b:
b7:43:66:a9:5a:d4:f9:4e:8c:e6:61:fe:32:83:5b:
02:3c:56:cd:41:83:9c:48:4b:0c:79:5c:6f:0a:8c:
25:ba:5d:cf:14:cd:ed:de:cf:82:b2:de:fc:32:b6:
e2:da:9b:98:de:c7:1a:76:a4:09:0d:40:17:48:62:
1c:b8:f3:b5:5d:fe:fa:32:0e:65:86:32:22:a4:32:
28:d1:46:17:dc:47:cc:8b:04:b0:c6:93:87:af:3d:
d1:7e:6b:c5:a5:f5:ac:eb:a6:17:0c:41:13:e9:3d:
9d:bc:be:6d:f7:d3:9a:89:4c:69:a5:a8:79:5b:83:
4b:9e:da:ec:c4:09:e8:94:b1:47:c7:77:70:06:01:
5e:38:8c:b2:db:80:4b:eb:21:b7:77:ac:7f:e8:87:
05:d4:29:f5:fa:67:f6:49:43:fe:77:4f:98:0b:32:
21:cd:ee:74:e0:e2:fb:01:42:d5:33:85:ae:a3:32:
ed:11:53:45:3d:56:c9:77:87:74:73:ca:96:ad:5a:
5f:6a:17:57:88:76:f2:d0:dd:ea:28:31:1c:e9:26:
f9:cc:d6:e2:14:22:7b:45:3b:a7:8c:e5:2c:d8:c8:
a9:8a:0f:fc:34:b7:da:a5:31:d0:ef:34:65:78:d4:
c5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:41:9E:16:FB:52:97:7E:AA:64:12:47:30:37:6E:35:76:A2:35:17
X509v3 Authority Key Identifier:
keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/sUGeFvtSl36qZBJHMDduNXaiNRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.232.0/24
185.198.73.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fe:a4:82:d0:15:ba:6d:be:5c:31:ce:02:a6:17:68:d4:23:
1a:74:2d:d5:52:34:0a:ad:16:c4:d0:b8:c0:81:d3:81:1b:93:
47:18:4e:ab:1b:05:b2:3c:11:47:2f:ff:97:b0:8d:94:48:19:
cb:bd:19:e6:dd:ff:94:6e:4a:8f:12:6a:29:dc:6c:84:cb:fb:
9d:62:d1:76:e6:99:4d:a7:b6:f8:e7:27:10:a5:77:dc:74:71:
42:36:c3:7d:57:9e:b6:59:db:06:24:63:cd:09:ca:e6:76:ca:
b7:0b:e7:3c:8d:36:f0:5a:f2:bd:c4:bd:e0:16:a5:65:d8:7c:
6f:bb:f4:dd:59:99:76:19:0d:86:88:49:8f:09:ab:90:52:ca:
46:bd:99:19:3f:40:bc:ac:31:6b:22:ac:b5:65:74:0f:f6:8d:
d2:67:47:e4:c2:2d:ae:55:9a:54:42:6b:1f:c8:8b:de:86:c0:
8a:7b:d8:85:f3:c0:91:d4:5e:ee:80:27:cd:db:66:82:04:6b:
25:ec:bc:fc:fc:b5:19:3c:4b:6e:83:77:6d:31:f4:d2:9e:a7:
a7:a4:b3:0a:4d:74:8d:49:8a:95:56:be:0c:52:c7:73:ef:f6:
2a:80:7c:2b:64:c2:6a:6b:5f:2d:c8:22:0e:52:83:15:e4:97:
bf:ae:87:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv5vmO8gqmIBxQSyE5ci4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjMwMTAyMDAzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQxOWUxNmZiNTI5NzdlYWE2NDEyNDczMDM3NmUzNTc2YTIzNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3A4EJROnldjXGx1WDu3Q2apWtT5
TozmYf4yg1sCPFbNQYOcSEsMeVxvCowlul3PFM3t3s+Cst78Mrbi2puY3scadqQJ
DUAXSGIcuPO1Xf76Mg5lhjIipDIo0UYX3EfMiwSwxpOHrz3RfmvFpfWs66YXDEET
6T2dvL5t99OaiUxppah5W4NLntrsxAnolLFHx3dwBgFeOIyy24BL6yG3d6x/6IcF
1Cn1+mf2SUP+d0+YCzIhze504OL7AULVM4WuozLtEVNFPVbJd4d0c8qWrVpfahdX
iHby0N3qKDEc6Sb5zNbiFCJ7RTunjOUs2Mipig/8NLfapTHQ7zRleNTFNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLFBnhb7Upd+qmQSRzA3bjV2ojUXMB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvc1VHZUZ2dFNsMzZxWkJKSE1EZHVOWGFpTlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUPoAwQA
ucZJMA0GCSqGSIb3DQEBCwUAA4IBAQAP/qSC0BW6bb5cMc4Cphdo1CMadC3VUjQK
rRbE0LjAgdOBG5NHGE6rGwWyPBFHL/+XsI2USBnLvRnm3f+UbkqPEmop3GyEy/ud
YtF25plNp7b45ycQpXfcdHFCNsN9V562WdsGJGPNCcrmdsq3C+c8jTbwWvK9xL3g
FqVl2Hxvu/TdWZl2GQ2GiEmPCauQUspGvZkZP0C8rDFrIqy1ZXQP9o3SZ0fkwi2u
VZpUQmsfyIvehsCKe9iF88CR1F7ugCfN22aCBGsl7Lz8/LUZPEtug3dtMfTSnqen
pLMKTXSNSYqVVr4MUsdz7/YqgHwrZMJqa18tyCIOUoMV5Je/rodz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:20 2024 by rpki-client on console-fra.rpki-client.org