Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/IZuUsbV-kGKbCRXK0T713IMOkF8.roa
File: IZuUsbV-kGKbCRXK0T713IMOkF8.roa (raw, json)
Hash identifier: J6SQdqYuh1NhEBHSE2BeFID0+rthtJ2UkRF3Zby+zn8=
Subject key identifier: 21:9B:94:B1:B5:7E:90:62:9B:09:15:CA:D1:3E:F5:DC:83:0E:90:5F
Certificate issuer: /CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Certificate serial: 0189FD3F112105657AF90D482D7A67FE7952
Authority key identifier: 7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/IZuUsbV-kGKbCRXK0T713IMOkF8.roa
Signing time: Wed 16 Aug 2023 07:28:36 +0000
ROA not before: Wed 16 Aug 2023 07:28:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.209.228.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
45.151.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 12:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:3f:11:21:05:65:7a:f9:0d:48:2d:7a:67:fe:79:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Validity
Not Before: Aug 16 07:28:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=219b94b1b57e90629b0915cad13ef5dc830e905f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:86:c3:54:7a:5c:84:1d:3d:75:8a:c2:0d:61:
97:13:36:a5:45:2a:b9:75:8d:49:27:75:82:a5:ca:
02:15:ec:73:b0:a4:d1:4d:fd:d3:47:92:d1:2b:0f:
6f:9c:83:ed:41:31:50:a0:86:a4:72:ce:ae:49:6f:
b2:2f:86:c3:3f:b2:3e:85:5f:71:a4:c4:b5:29:93:
5e:98:cd:8f:28:36:6b:cd:db:55:10:e7:01:76:84:
f3:2d:57:b4:e6:d5:a1:81:7f:a7:25:8f:1a:11:21:
47:86:fd:f8:bf:e5:f5:e4:70:1e:4b:ce:25:0d:e4:
29:b5:1e:9d:b4:97:3c:b4:13:19:25:00:e9:97:ee:
28:9f:49:56:ac:59:aa:f5:42:92:ff:4f:9a:e4:e9:
5d:0e:8d:0c:36:7f:d4:00:26:b8:c8:e2:27:f0:33:
9d:45:fe:7f:3b:ca:5f:33:0f:d3:18:91:6d:e8:ea:
b9:de:98:1d:e0:e5:20:8e:89:6f:89:14:88:87:35:
bb:8e:2a:71:5f:c7:59:8c:d6:fe:0b:1d:6f:e6:b8:
9f:84:ae:77:c1:89:71:4b:e9:87:e1:9a:0f:44:db:
d7:98:a2:93:cf:61:68:f1:b2:88:07:f4:b3:77:02:
8e:6f:d1:f6:4a:08:ec:80:91:f8:5e:a7:3c:f3:cb:
42:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9B:94:B1:B5:7E:90:62:9B:09:15:CA:D1:3E:F5:DC:83:0E:90:5F
X509v3 Authority Key Identifier:
keyid:7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/IZuUsbV-kGKbCRXK0T713IMOkF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/f6P5nbqUowe2zS4dkPZ42sBWgfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.140.0/24
45.151.142.0/24
91.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:d2:4b:16:73:2d:7e:a3:82:6d:45:f6:9e:09:e4:3b:41:31:
c4:e8:20:f5:1e:58:bd:4d:a3:c8:17:a3:25:59:20:82:5b:d3:
e7:8b:a9:e3:c2:d8:a6:4e:0b:ef:ac:97:89:6d:69:2e:9f:bd:
97:8a:64:46:7c:fd:e7:6b:ed:38:85:66:13:8e:17:a8:b2:fd:
8b:78:70:c2:cb:6b:ba:fe:68:23:95:a1:58:f1:18:f9:95:56:
58:1a:8f:e4:a4:fe:f3:68:27:dd:8f:01:ed:9a:ce:bd:eb:86:
a4:f6:00:e5:e5:01:12:a3:bd:a1:3e:4b:a5:01:74:47:8c:40:
c2:c2:66:ac:2a:26:3c:65:4f:18:39:7c:19:0e:47:79:ef:e8:
d7:0b:a0:88:f6:65:e3:84:ca:4b:d9:f5:e3:0e:9b:e9:8c:7b:
76:97:f6:f6:fd:b1:f2:c7:b2:13:89:9b:28:55:f5:ae:8c:2a:
a4:f6:cc:b7:fd:ea:6b:5f:fd:dd:1d:f1:94:4e:28:b3:c8:dd:
22:b3:a6:a8:9f:ed:6e:dd:a9:f3:d6:90:18:83:44:88:fc:0b:
10:fd:a0:0a:ff:77:8d:ae:3f:57:05:ab:eb:10:4b:d8:8e:73:
26:1c:6c:26:bb:7f:c3:9b:25:a0:33:9d:d9:b6:54:10:50:98:
8e:4a:7f:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYn9PxEhBWV6+Q1ILXpn/nlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYTNmOTlkYmE5NGEzMDdiNmNkMmUxZDkwZjY3OGRhYzA1
NjgxZjgwHhcNMjMwODE2MDcyODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTliOTRiMWI1N2U5MDYyOWIwOTE1Y2FkMTNlZjVkYzgzMGU5MDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4bDVHpchB09dYrCDWGXEzalRSq5
dY1JJ3WCpcoCFexzsKTRTf3TR5LRKw9vnIPtQTFQoIakcs6uSW+yL4bDP7I+hV9x
pMS1KZNemM2PKDZrzdtVEOcBdoTzLVe05tWhgX+nJY8aESFHhv34v+X15HAeS84l
DeQptR6dtJc8tBMZJQDpl+4on0lWrFmq9UKS/0+a5OldDo0MNn/UACa4yOIn8DOd
Rf5/O8pfMw/TGJFt6Oq53pgd4OUgjolviRSIhzW7jipxX8dZjNb+Cx1v5rifhK53
wYlxS+mH4ZoPRNvXmKKTz2Fo8bKIB/SzdwKOb9H2SgjsgJH4Xqc888tCtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCGblLG1fpBimwkVytE+9dyDDpBfMB8GA1UdIwQY
MBaAFH+j+Z26lKMHts0uHZD2eNrAVoH4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUt
NGVhNDdjY2UwYzYzLzEvSVp1VXNiVi1rR0tiQ1JYSzBUNzEzSU1Pa0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUtNGVhNDdjY2UwYzYz
LzEvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZeMAwQA
LZeOAwQAW9HkMA0GCSqGSIb3DQEBCwUAA4IBAQCg0ksWcy1+o4JtRfaeCeQ7QTHE
6CD1Hli9TaPIF6MlWSCCW9Pni6njwtimTgvvrJeJbWkun72XimRGfP3na+04hWYT
jheosv2LeHDCy2u6/mgjlaFY8Rj5lVZYGo/kpP7zaCfdjwHtms6964ak9gDl5QES
o72hPkulAXRHjEDCwmasKiY8ZU8YOXwZDkd57+jXC6CI9mXjhMpL2fXjDpvpjHt2
l/b2/bHyx7ITiZsoVfWujCqk9sy3/eprX/3dHfGUTiizyN0is6aon+1u3anz1pAY
g0SI/AsQ/aAK/3eNrj9XBavrEEvYjnMmHGwmu3/DmyWgM53ZtlQQUJiOSn/c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org