Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Kfo0gvYFloUBo0doCVPuxHb9Etw.roa
File: Kfo0gvYFloUBo0doCVPuxHb9Etw.roa (raw, json)
Hash identifier: 5eHB4zPB8NXL7iAp5DFvKnh6xUJcDTtOTL+FhJxT8NM=
Subject key identifier: 29:FA:34:82:F6:05:96:85:01:A3:47:68:09:53:EE:C4:76:FD:12:DC
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01856CE620EE6C21EBFE20E79C6259DE81B7
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Kfo0gvYFloUBo0doCVPuxHb9Etw.roa
Signing time: Sun 01 Jan 2023 10:34:59 +0000
ROA not before: Sun 01 Jan 2023 10:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135343
IP address blocks: 45.141.118.0/24 maxlen: 24
45.141.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:20:ee:6c:21:eb:fe:20:e7:9c:62:59:de:81:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 10:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29fa3482f605968501a347680953eec476fd12dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fd:fd:c3:c3:03:5d:4f:49:24:71:54:1f:f1:
d9:25:a8:7d:20:48:65:0c:9a:21:d9:79:3d:66:79:
a1:da:77:85:65:e0:55:dd:57:e9:31:1f:ef:84:9d:
11:8f:54:52:4f:22:95:2b:12:8d:4b:21:75:21:9f:
e4:54:e5:2b:ec:b4:e8:ea:08:63:04:dc:e0:93:fc:
76:f1:11:0b:73:35:64:22:24:43:52:d5:3e:7a:6b:
9b:9d:c0:e5:7a:a6:78:b6:31:2a:40:40:90:c2:ed:
25:70:86:3f:f0:ad:90:e7:c0:95:01:21:21:a2:0f:
9c:e3:d9:26:04:c9:8b:48:30:32:f4:76:37:c4:12:
8e:a6:f1:7c:9a:54:21:d4:e9:39:8c:5f:70:cd:23:
49:df:49:22:fa:e8:8c:07:7c:4a:a9:88:49:1a:dc:
cc:db:72:0f:d3:95:40:bc:04:35:81:fe:fe:26:fe:
76:cc:be:a7:1a:6d:0d:2f:fd:72:35:b3:b2:20:73:
c2:cb:ce:63:8b:a3:40:77:10:92:22:4d:22:ed:a7:
1f:75:0e:1c:24:32:43:42:29:41:11:15:39:22:f8:
ae:46:c1:9f:a6:ad:2c:84:d4:8a:ea:20:56:ec:4d:
ff:7e:da:5c:99:fb:c6:7d:57:53:be:cd:86:c0:c0:
bd:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FA:34:82:F6:05:96:85:01:A3:47:68:09:53:EE:C4:76:FD:12:DC
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Kfo0gvYFloUBo0doCVPuxHb9Etw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.118.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:31:2b:54:b5:0d:95:b4:f5:ed:af:45:6e:d6:50:a8:6d:78:
79:d0:63:a5:33:9a:8f:cd:3d:6f:17:f1:87:74:66:4f:e5:e4:
b9:d2:59:6e:32:01:35:c6:73:b6:b0:19:08:ea:a4:a8:3d:9b:
6d:72:45:4d:3c:1d:a8:1b:a1:9c:c2:c9:a6:a4:d6:6c:83:c6:
09:82:a7:6e:5b:95:f8:cf:64:98:0c:dc:61:6b:e6:a7:68:0b:
d9:b9:a9:b0:e5:ad:85:c3:32:cd:09:c3:b0:c4:59:be:d2:39:
2d:e9:ed:8b:5b:1c:6a:b2:78:7c:24:a2:df:a2:56:1b:c9:c6:
fa:4b:58:5a:7c:dc:87:29:6e:39:fe:25:b0:2d:e1:17:3d:18:
72:13:db:0f:f8:04:eb:d8:d4:c9:f4:13:07:a6:7c:90:86:a4:
c3:cc:8a:17:40:89:9d:72:7c:cd:ac:2d:d5:56:26:2a:1c:ae:
86:d2:8a:1c:7a:04:7e:a9:bc:33:91:71:e3:3a:4d:d1:24:86:
cd:39:b8:12:a9:40:7f:89:c8:5d:6e:c2:f4:be:ac:03:66:f9:
66:b0:57:ff:72:eb:6f:49:da:5c:ff:f9:e4:9d:8b:71:63:f4:
37:2f:0f:64:fd:ce:5d:f5:4a:a2:6c:66:fa:ce:29:5a:1a:e0:
b3:d4:2d:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5iDubCHr/iDnnGJZ3oG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWZhMzQ4MmY2MDU5Njg1MDFhMzQ3NjgwOTUzZWVjNDc2ZmQxMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf39w8MDXU9JJHFUH/HZJah9IEhl
DJoh2Xk9Znmh2neFZeBV3VfpMR/vhJ0Rj1RSTyKVKxKNSyF1IZ/kVOUr7LTo6ghj
BNzgk/x28RELczVkIiRDUtU+emubncDleqZ4tjEqQECQwu0lcIY/8K2Q58CVASEh
og+c49kmBMmLSDAy9HY3xBKOpvF8mlQh1Ok5jF9wzSNJ30ki+uiMB3xKqYhJGtzM
23IP05VAvAQ1gf7+Jv52zL6nGm0NL/1yNbOyIHPCy85ji6NAdxCSIk0i7acfdQ4c
JDJDQilBERU5IviuRsGfpq0shNSK6iBW7E3/ftpcmfvGfVdTvs2GwMC9bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCn6NIL2BZaFAaNHaAlT7sR2/RLcMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvS2ZvMGd2WUZsb1VCbzBkb0NWUHV4SGI5RXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLY12MA0G
CSqGSIb3DQEBCwUAA4IBAQAfMStUtQ2VtPXtr0Vu1lCobXh50GOlM5qPzT1vF/GH
dGZP5eS50lluMgE1xnO2sBkI6qSoPZttckVNPB2oG6GcwsmmpNZsg8YJgqduW5X4
z2SYDNxha+anaAvZuamw5a2FwzLNCcOwxFm+0jkt6e2LWxxqsnh8JKLfolYbycb6
S1hafNyHKW45/iWwLeEXPRhyE9sP+ATr2NTJ9BMHpnyQhqTDzIoXQImdcnzNrC3V
ViYqHK6G0oocegR+qbwzkXHjOk3RJIbNObgSqUB/ichdbsL0vqwDZvlmsFf/cutv
Sdpc//nknYtxY/Q3Lw9k/c5d9UqibGb6zilaGuCz1C27
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org