Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1pb4rWyZo1vYSvYzahx1AGJ60KY.roa
File: 1pb4rWyZo1vYSvYzahx1AGJ60KY.roa (raw, json)
Hash identifier: CMdyUapUPyIcZGeSDmLNRCBQQ/+NAv93rX7DxWdShoQ=
Subject key identifier: D6:96:F8:AD:6C:99:A3:5B:D8:4A:F6:33:6A:1C:75:00:62:7A:D0:A6
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018AA7312460978CAA91125A1ADE9186A76A
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1pb4rWyZo1vYSvYzahx1AGJ60KY.roa
Signing time: Mon 18 Sep 2023 07:28:50 +0000
ROA not before: Mon 18 Sep 2023 07:28:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197071
IP address blocks: 45.90.97.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
45.13.226.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:31:24:60:97:8c:aa:91:12:5a:1a:de:91:86:a7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Sep 18 07:28:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d696f8ad6c99a35bd84af6336a1c7500627ad0a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1a:49:bb:4c:4f:82:e2:b3:00:2d:71:69:75:
b8:cc:2a:9c:83:e2:2c:13:25:03:1f:6d:72:fe:38:
d1:1d:e4:f9:a6:3e:ea:ea:19:97:0b:5d:06:fe:47:
51:3c:52:17:2e:f9:e9:ae:1e:b5:b8:d0:a0:b7:e7:
62:d0:64:2f:10:9f:ad:64:5b:a3:1b:48:02:65:2b:
ba:b8:c1:99:fe:cb:8c:fd:64:f7:c1:59:20:f2:e7:
22:c5:b3:cd:34:b5:fa:98:82:f0:dd:41:27:4b:0d:
c6:e2:1e:ec:86:66:c7:e2:0f:c3:7d:e4:c6:ea:85:
32:cb:bc:70:00:dc:7d:9b:bd:62:b2:90:c2:62:b3:
54:61:26:59:4d:fc:6f:08:4a:dd:be:cb:61:b3:a2:
2b:56:c5:93:04:62:27:b5:99:2d:eb:b5:36:be:ea:
16:d9:38:b9:f0:5f:cd:d4:0c:53:bc:19:b0:c8:99:
2e:48:0e:cb:0d:ed:f5:6e:b9:de:9a:48:7c:6c:f9:
ea:f5:66:da:26:d7:d9:04:9b:21:61:19:69:94:20:
d6:53:ea:82:35:a3:2b:89:53:aa:83:76:09:52:d2:
60:b7:e4:80:08:aa:90:20:46:71:74:8d:24:7d:46:
d3:c5:26:c7:a5:8e:2b:25:e7:e1:a5:77:81:03:cb:
b5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:96:F8:AD:6C:99:A3:5B:D8:4A:F6:33:6A:1C:75:00:62:7A:D0:A6
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/1pb4rWyZo1vYSvYzahx1AGJ60KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.67.139.0/24
45.90.97.0/24
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:30:6a:b0:46:94:78:93:98:fc:30:6a:5c:43:09:2c:ee:09:
ad:83:dc:a6:28:a3:eb:ee:71:08:99:f1:30:03:7a:44:5c:bc:
6f:ff:e4:82:76:07:80:8e:2f:18:ba:58:ee:1c:80:e3:85:d1:
29:0e:b1:c4:e6:71:a6:f3:93:c6:da:0b:7d:52:f6:ba:0b:f6:
4e:63:90:09:23:55:4e:c1:78:f8:14:8b:54:1a:37:17:ca:ca:
dc:4d:35:70:93:41:ca:ca:ab:68:8b:3c:56:69:54:4c:ad:0f:
a9:24:4d:45:bf:8f:f1:0f:f5:2c:83:24:50:ba:66:34:2e:1d:
d1:da:e8:38:49:21:d5:27:bb:39:db:b7:77:0f:3e:f7:77:f3:
0c:0e:5d:d3:f8:37:f7:4f:49:a4:90:2a:f2:8d:f4:50:f6:b7:
28:29:20:dd:ad:79:b1:71:0c:58:cf:96:7b:9e:c2:e4:66:1b:
dd:3f:94:40:3b:fb:24:d6:ed:f8:67:4b:3e:79:bb:f1:2e:85:
dc:d0:47:46:ea:21:f2:24:f8:86:1b:cf:a8:4b:e6:6a:38:6b:
08:a5:0c:bb:dd:00:18:bc:1a:93:1a:10:ef:29:3e:37:9b:1a:
ac:4b:cd:fc:7a:93:43:51:0d:05:ca:55:a5:bb:2c:9f:32:47:
35:78:b8:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqnMSRgl4yqkRJaGt6RhqdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwOTE4MDcyODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjk2ZjhhZDZjOTlhMzViZDg0YWY2MzM2YTFjNzUwMDYyN2FkMGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RpJu0xPguKzAC1xaXW4zCqcg+Is
EyUDH21y/jjRHeT5pj7q6hmXC10G/kdRPFIXLvnprh61uNCgt+di0GQvEJ+tZFuj
G0gCZSu6uMGZ/suM/WT3wVkg8ucixbPNNLX6mILw3UEnSw3G4h7shmbH4g/DfeTG
6oUyy7xwANx9m71ispDCYrNUYSZZTfxvCErdvsths6IrVsWTBGIntZkt67U2vuoW
2Ti58F/N1AxTvBmwyJkuSA7LDe31brnemkh8bPnq9WbaJtfZBJshYRlplCDWU+qC
NaMriVOqg3YJUtJgt+SACKqQIEZxdI0kfUbTxSbHpY4rJefhpXeBA8u15QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNaW+K1smaNb2Er2M2ocdQBietCmMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMXBiNHJXeVpvMXZZU3ZZemFoeDFBR0o2MEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ3iAwQA
LUOLAwQALVphAwQAuXUAMA0GCSqGSIb3DQEBCwUAA4IBAQCKMGqwRpR4k5j8MGpc
Qwks7gmtg9ymKKPr7nEImfEwA3pEXLxv/+SCdgeAji8YuljuHIDjhdEpDrHE5nGm
85PG2gt9Uva6C/ZOY5AJI1VOwXj4FItUGjcXysrcTTVwk0HKyqtoizxWaVRMrQ+p
JE1Fv4/xD/UsgyRQumY0Lh3R2ug4SSHVJ7s527d3Dz73d/MMDl3T+Df3T0mkkCry
jfRQ9rcoKSDdrXmxcQxYz5Z7nsLkZhvdP5RAO/sk1u34Z0s+ebvxLoXc0EdG6iHy
JPiGG8+oS+ZqOGsIpQy73QAYvBqTGhDvKT43mxqsS838epNDUQ0FylWluyyfMkc1
eLhH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org