Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1l1VVk7l43OL4wDqGJcS3kBwEfE.roa
File: 1l1VVk7l43OL4wDqGJcS3kBwEfE.roa (raw, json)
Hash identifier: JhSF2b301BbvFJF0TQDDkVZqO2UGCG6qPIbPN4L9gZw=
Subject key identifier: D6:5D:55:56:4E:E5:E3:73:8B:E3:00:EA:18:97:12:DE:40:70:11:F1
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018C3F7FE2E4F2B38331F77AE0958B1A5131
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1l1VVk7l43OL4wDqGJcS3kBwEfE.roa
Signing time: Wed 06 Dec 2023 14:19:54 +0000
ROA not before: Wed 06 Dec 2023 14:19:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 109.71.254.0/24 maxlen: 24
45.137.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:7f:e2:e4:f2:b3:83:31:f7:7a:e0:95:8b:1a:51:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Dec 6 14:19:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d65d55564ee5e3738be300ea189712de407011f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c8:a9:4e:b2:5b:80:7b:e8:67:0d:a9:d3:56:
bd:29:62:ba:a4:b3:d7:3e:ad:c1:3e:37:c3:a6:60:
3c:87:29:20:b1:5f:a8:65:4d:01:e2:03:d6:97:f7:
49:81:95:69:67:7e:8d:c1:08:31:69:40:65:e4:a6:
54:ab:04:91:03:61:07:17:1a:14:b4:b7:8e:94:57:
c5:89:51:ea:24:1b:e7:2d:7f:70:36:ab:df:84:8d:
96:e2:d3:21:36:4c:b0:b1:6d:fb:83:91:4d:f9:ed:
d2:c7:7a:e5:aa:54:86:6a:5b:69:70:a3:ba:02:1e:
0d:ea:98:14:c4:6c:76:33:83:32:3d:13:d6:9d:28:
70:df:d4:3e:08:f3:0b:db:eb:e4:27:c3:da:96:fa:
b4:ef:46:ab:ae:5b:e3:8b:ef:70:f5:c7:27:f3:5f:
9d:8d:d7:7b:71:b3:59:3a:00:3c:36:00:23:c8:40:
a5:78:94:6d:cd:10:2c:88:a4:47:6d:e3:a1:07:aa:
9e:4b:a2:5e:ba:b5:00:fc:23:55:af:02:c8:fb:ea:
45:63:e3:64:7e:dc:4c:99:4e:cb:26:44:e8:ff:33:
7e:94:f2:91:27:40:50:42:08:fe:1f:17:41:77:6c:
19:c7:43:4e:a9:ce:2e:94:8f:a0:cc:b6:38:1a:1d:
63:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5D:55:56:4E:E5:E3:73:8B:E3:00:EA:18:97:12:DE:40:70:11:F1
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1l1VVk7l43OL4wDqGJcS3kBwEfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.68.0/24
109.71.254.0/24
Signature Algorithm: sha256WithRSAEncryption
09:4a:db:62:87:91:13:0a:41:38:81:04:24:31:32:fb:b8:a5:
56:5c:2c:8b:b2:58:c2:84:15:4c:d3:56:03:ee:54:af:be:11:
1d:4e:6d:b1:06:18:38:59:cd:4f:da:cc:e8:c5:2f:1c:d7:de:
26:b2:10:ef:4a:7e:a8:51:38:5d:ea:b6:ef:c0:24:d2:60:7d:
95:97:9f:f1:ba:4f:7c:0e:b0:ab:34:51:78:24:f9:eb:ef:50:
b0:41:2e:6d:9e:c2:2c:a6:bd:79:0d:07:19:99:0f:e4:ea:18:
7d:fb:5d:39:f6:04:89:b4:f5:a0:2d:31:e3:9f:f4:fa:f7:b7:
4f:e3:ad:3a:da:79:53:80:29:7e:2d:e4:8e:f3:a8:88:f2:d2:
36:84:75:40:ad:44:9d:32:10:fc:04:7f:88:3f:6c:53:3a:d2:
7e:c6:24:1a:96:ab:0c:28:1d:d8:a2:7d:87:93:83:40:48:74:
cb:0f:43:17:0c:39:82:3b:31:48:c9:c0:30:10:24:a4:6a:33:
85:66:60:cb:92:84:af:b6:70:c2:bc:78:8f:95:50:30:ba:a5:
50:c5:c4:36:bb:51:c7:a0:65:80:b8:a9:8d:42:d0:4e:41:32:
f0:d7:24:80:52:79:fb:24:5c:c1:98:c5:7b:cf:ff:0e:89:aa:
74:92:4b:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw/f+Lk8rODMfd64JWLGlExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMxMjA2MTQxOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjVkNTU1NjRlZTVlMzczOGJlMzAwZWExODk3MTJkZTQwNzAxMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssipTrJbgHvoZw2p01a9KWK6pLPX
Pq3BPjfDpmA8hykgsV+oZU0B4gPWl/dJgZVpZ36NwQgxaUBl5KZUqwSRA2EHFxoU
tLeOlFfFiVHqJBvnLX9wNqvfhI2W4tMhNkywsW37g5FN+e3Sx3rlqlSGaltpcKO6
Ah4N6pgUxGx2M4MyPRPWnShw39Q+CPML2+vkJ8Palvq070arrlvji+9w9ccn81+d
jdd7cbNZOgA8NgAjyECleJRtzRAsiKRHbeOhB6qeS6JeurUA/CNVrwLI++pFY+Nk
ftxMmU7LJkTo/zN+lPKRJ0BQQgj+HxdBd2wZx0NOqc4ulI+gzLY4Gh1j3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNZdVVZO5eNzi+MA6hiXEt5AcBHxMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMWwxVlZrN2w0M09MNHdEcUdKY1Mza0J3RWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYlEAwQA
bUf+MA0GCSqGSIb3DQEBCwUAA4IBAQAJSttih5ETCkE4gQQkMTL7uKVWXCyLsljC
hBVM01YD7lSvvhEdTm2xBhg4Wc1P2szoxS8c194mshDvSn6oUThd6rbvwCTSYH2V
l5/xuk98DrCrNFF4JPnr71CwQS5tnsIspr15DQcZmQ/k6hh9+1059gSJtPWgLTHj
n/T697dP46062nlTgCl+LeSO86iI8tI2hHVArUSdMhD8BH+IP2xTOtJ+xiQalqsM
KB3Yon2Hk4NASHTLD0MXDDmCOzFIycAwECSkajOFZmDLkoSvtnDCvHiPlVAwuqVQ
xcQ2u1HHoGWAuKmNQtBOQTLw1ySAUnn7JFzBmMV7z/8Oiap0kkte
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:27 2024 by rpki-client on console-fra.rpki-client.org