Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/0tOyZ6Qd89FI59hn_7J1YDKsYMY.roa
File: 0tOyZ6Qd89FI59hn_7J1YDKsYMY.roa (raw, json)
Hash identifier: jxJUghvv9DBID802BhZTc79e0rmjBoflKQVETbacbkE=
Subject key identifier: D2:D3:B2:67:A4:1D:F3:D1:48:E7:D8:67:FF:B2:75:60:32:AC:60:C6
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0186E55D613EC4711E990AD054994BDF0869
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/0tOyZ6Qd89FI59hn_7J1YDKsYMY.roa
Signing time: Wed 15 Mar 2023 13:02:27 +0000
ROA not before: Wed 15 Mar 2023 13:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 45.153.24.0/22 maxlen: 22
45.137.203.0/24 maxlen: 24
45.137.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Mar 2023 20:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:5d:61:3e:c4:71:1e:99:0a:d0:54:99:4b:df:08:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Mar 15 13:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2d3b267a41df3d148e7d867ffb2756032ac60c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:46:92:e8:26:08:e9:a4:3e:96:60:40:0e:f4:
7b:7c:df:05:67:b4:a3:9a:00:b6:fc:f7:2f:8b:be:
b5:a5:ea:f1:79:25:0b:69:c1:a8:39:2f:c1:5e:77:
d1:54:f6:aa:97:d9:0f:2a:da:75:85:2e:1b:33:b1:
98:da:48:22:cf:18:f9:2c:c7:5f:0f:9d:0f:0d:64:
33:dc:87:b7:37:ed:55:99:a2:19:bd:0e:15:ed:ec:
db:03:9f:5f:20:6f:8a:0b:e6:98:3d:2a:72:de:f5:
f4:a3:61:24:cb:88:2a:dd:ad:37:16:35:a2:d7:ba:
4e:df:1d:e2:e7:f1:cb:d1:c4:99:34:68:52:44:9a:
35:b0:fd:ae:5b:2d:bb:4e:16:19:67:75:5c:f5:14:
4e:21:94:b8:4a:0d:dd:9c:18:92:39:f8:a3:01:a2:
32:d5:21:99:3a:35:9a:5c:02:85:2c:8d:63:47:96:
4a:dd:89:57:e7:58:72:8c:52:b1:d6:2d:f1:a7:d5:
1f:22:d4:b7:3c:d5:b2:ed:9e:d7:53:86:88:06:e7:
18:db:f0:88:e5:6e:5a:1c:c0:45:80:da:76:99:d2:
b7:00:26:46:6b:17:72:69:8a:c5:c2:e9:b7:e0:f3:
4c:04:e5:18:19:04:34:0d:73:67:a6:86:55:dc:c9:
52:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D3:B2:67:A4:1D:F3:D1:48:E7:D8:67:FF:B2:75:60:32:AC:60:C6
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/0tOyZ6Qd89FI59hn_7J1YDKsYMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.201.0/24
45.137.203.0/24
45.153.24.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:05:2b:ea:50:a2:c8:fc:2d:9a:18:c3:22:55:9d:95:36:eb:
73:ab:69:07:26:e3:19:c3:eb:e4:5c:5e:83:31:2b:60:22:3f:
8a:eb:0a:d0:a5:f0:7a:b9:60:75:6f:3a:e3:ab:ba:cc:26:20:
93:43:e8:b0:1d:f2:fb:ce:88:12:a5:11:5b:87:a0:a2:c2:79:
58:e6:ff:cb:5a:b5:95:ee:03:f0:b1:19:6b:57:4e:9d:bd:c9:
5a:0d:7e:63:7c:ac:31:98:33:ee:9d:3a:d2:20:bb:cd:17:ec:
43:d2:77:6c:44:85:a4:ae:ea:c6:cd:18:95:b8:05:f0:20:66:
22:ff:f4:80:0e:20:03:bc:d7:1f:c9:68:dc:be:7f:72:a5:7e:
88:1c:16:5c:e7:db:2c:92:7f:28:88:ca:27:8e:d9:d5:7d:d6:
6e:8e:93:fc:fb:23:ca:59:1d:9f:ee:c8:71:e6:11:7c:fe:05:
85:aa:77:6a:b2:30:3c:bc:1f:fb:42:a8:d3:a6:d4:ca:6f:f5:
b0:a6:43:1c:2e:b4:21:1e:52:ba:da:0d:fd:7f:d2:a0:69:eb:
52:c3:f4:2f:21:bc:b0:80:c0:b3:c6:1c:d7:1f:76:be:3c:45:
1a:fa:86:b3:b4:0c:36:91:18:b2:ed:27:44:a7:a3:06:0b:35:
4e:e3:3a:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYblXWE+xHEemQrQVJlL3whpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMzE1MTMwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmQzYjI2N2E0MWRmM2QxNDhlN2Q4NjdmZmIyNzU2MDMyYWM2MGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkaS6CYI6aQ+lmBADvR7fN8FZ7Sj
mgC2/Pcvi761perxeSULacGoOS/BXnfRVPaql9kPKtp1hS4bM7GY2kgizxj5LMdf
D50PDWQz3Ie3N+1VmaIZvQ4V7ezbA59fIG+KC+aYPSpy3vX0o2Eky4gq3a03FjWi
17pO3x3i5/HL0cSZNGhSRJo1sP2uWy27ThYZZ3Vc9RROIZS4Sg3dnBiSOfijAaIy
1SGZOjWaXAKFLI1jR5ZK3YlX51hyjFKx1i3xp9UfItS3PNWy7Z7XU4aIBucY2/CI
5W5aHMBFgNp2mdK3ACZGaxdyaYrFwum34PNMBOUYGQQ0DXNnpoZV3MlSKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNLTsmekHfPRSOfYZ/+ydWAyrGDGMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMHRPeVo2UWQ4OUZJNTlobl83SjFZREtzWU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYnJAwQA
LYnLAwQCLZkYMA0GCSqGSIb3DQEBCwUAA4IBAQB6BSvqUKLI/C2aGMMiVZ2VNutz
q2kHJuMZw+vkXF6DMStgIj+K6wrQpfB6uWB1bzrjq7rMJiCTQ+iwHfL7zogSpRFb
h6CiwnlY5v/LWrWV7gPwsRlrV06dvclaDX5jfKwxmDPunTrSILvNF+xD0ndsRIWk
rurGzRiVuAXwIGYi//SADiADvNcfyWjcvn9ypX6IHBZc59sskn8oiMonjtnVfdZu
jpP8+yPKWR2f7shx5hF8/gWFqndqsjA8vB/7QqjTptTKb/WwpkMcLrQhHlK62g39
f9KgaetSw/QvIbywgMCzxhzXH3a+PEUa+oaztAw2kRiy7SdEp6MGCzVO4zre
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:27 2024 by rpki-client on console-fra.rpki-client.org