Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/R-cHmRfXcCWE3T26-YLxd4mKlQc.roa
File: R-cHmRfXcCWE3T26-YLxd4mKlQc.roa (raw, json)
Hash identifier: EZk+Ulce2to9nTQUwxhFthN8yIK698yIPYRSZ2tGYdI=
Subject key identifier: 47:E7:07:99:17:D7:70:25:84:DD:3D:BA:F9:82:F1:77:89:8A:95:07
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01856CE61FF27E559A84CAC1458382F0CE40
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/R-cHmRfXcCWE3T26-YLxd4mKlQc.roa
Signing time: Sun 01 Jan 2023 10:34:58 +0000
ROA not before: Sun 01 Jan 2023 10:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133219
IP address blocks: 194.15.39.0/24 maxlen: 24
45.147.6.0/24 maxlen: 24
45.67.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:1f:f2:7e:55:9a:84:ca:c1:45:83:82:f0:ce:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 10:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47e7079917d7702584dd3dbaf982f177898a9507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:48:0d:1f:45:40:8c:bb:f7:9f:4d:87:36:f8:
f5:27:6b:cd:af:ad:61:30:95:58:68:d4:ca:60:da:
09:78:29:95:ad:d8:1b:fb:3c:8c:0a:5f:74:3c:73:
16:ab:60:fa:72:7a:f7:10:e3:0b:c0:90:94:42:18:
c0:b4:cc:cf:52:10:2f:8d:2e:09:45:8f:a6:d1:e7:
2f:a3:1e:6b:74:c6:64:95:88:6b:dc:50:c7:9c:48:
17:33:eb:f3:97:a0:68:0f:80:ce:bb:cf:cb:16:ea:
39:cc:0c:d3:d4:d0:5d:41:ed:81:15:f6:07:df:be:
d5:cd:35:7f:e4:f3:1d:79:a6:ea:5c:cc:6f:e9:f8:
e8:fb:8c:c0:12:63:75:3f:2c:b8:59:03:88:5b:0c:
ec:21:19:b3:ff:e8:c1:27:de:a0:60:c4:b1:55:7d:
f7:b9:9a:fb:15:92:20:da:b2:e3:ba:56:10:c3:3e:
89:7f:57:86:cb:25:61:6a:e1:c5:15:78:1c:b7:9c:
8b:0f:04:ec:22:11:07:66:ae:f7:02:2b:74:c3:04:
71:32:7f:f1:c8:a0:ea:92:2d:24:0a:2d:1b:97:c0:
45:0b:57:47:b3:33:ff:53:e8:27:0d:9b:65:63:6e:
d8:b8:c0:3d:76:70:18:94:98:ec:37:1e:60:5d:f9:
66:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E7:07:99:17:D7:70:25:84:DD:3D:BA:F9:82:F1:77:89:8A:95:07
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/R-cHmRfXcCWE3T26-YLxd4mKlQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.138.0/24
45.147.6.0/24
194.15.39.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:b1:ba:34:6d:d7:7a:3f:84:a3:d8:30:a4:1a:37:2a:cf:e5:
6e:c8:18:fb:13:7a:0c:7f:47:a0:7d:38:1b:6d:aa:91:0d:0b:
ea:a4:4a:85:95:aa:ef:71:3d:e4:30:5f:bb:ab:a1:ee:70:aa:
57:13:3f:f1:0e:83:34:a2:f6:e4:5c:fd:e2:39:13:df:ec:1f:
cb:bb:ee:2a:f8:f3:91:ff:d8:b4:aa:c5:39:79:71:33:71:15:
be:1c:c3:48:86:47:16:df:55:5a:db:63:eb:41:4e:d4:ab:3c:
ab:99:74:4e:fa:e1:45:58:f0:3f:8f:f3:c1:c9:50:13:e6:e8:
56:1c:02:eb:ec:63:af:72:2e:4b:69:b2:bc:74:1e:2a:65:1a:
f8:86:c2:5d:4c:da:25:20:5c:59:2e:95:1a:d6:61:a5:e0:c4:
38:63:dc:36:8c:34:f7:ec:f6:d7:3d:1e:16:6f:e6:2b:6d:10:
8b:cd:68:d5:46:fd:27:53:70:9f:8a:7d:9e:84:c9:93:06:ab:
1c:72:77:98:f1:01:9c:7d:21:0c:0c:53:a4:33:1b:57:8e:5d:
c6:a2:a5:07:fe:c5:27:9a:20:e3:02:ff:da:34:02:3d:b4:be:
be:c8:9c:eb:b1:fd:87:45:1f:8c:cb:a0:18:16:d3:9f:cb:d8:
a9:ec:24:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVs5h/yflWahMrBRYOC8M5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2U3MDc5OTE3ZDc3MDI1ODRkZDNkYmFmOTgyZjE3Nzg5OGE5NTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUgNH0VAjLv3n02HNvj1J2vNr61h
MJVYaNTKYNoJeCmVrdgb+zyMCl90PHMWq2D6cnr3EOMLwJCUQhjAtMzPUhAvjS4J
RY+m0ecvox5rdMZklYhr3FDHnEgXM+vzl6BoD4DOu8/LFuo5zAzT1NBdQe2BFfYH
377VzTV/5PMdeabqXMxv6fjo+4zAEmN1Pyy4WQOIWwzsIRmz/+jBJ96gYMSxVX33
uZr7FZIg2rLjulYQwz6Jf1eGyyVhauHFFXgct5yLDwTsIhEHZq73Ait0wwRxMn/x
yKDqki0kCi0bl8BFC1dHszP/U+gnDZtlY27YuMA9dnAYlJjsNx5gXflmMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEfnB5kX13AlhN09uvmC8XeJipUHMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvUi1jSG1SZlhjQ1dFM1QyNi1ZTHhkNG1LbFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUOKAwQA
LZMGAwQAwg8nMA0GCSqGSIb3DQEBCwUAA4IBAQAdsbo0bdd6P4Sj2DCkGjcqz+Vu
yBj7E3oMf0egfTgbbaqRDQvqpEqFlarvcT3kMF+7q6HucKpXEz/xDoM0ovbkXP3i
ORPf7B/Lu+4q+POR/9i0qsU5eXEzcRW+HMNIhkcW31Va22PrQU7UqzyrmXRO+uFF
WPA/j/PByVAT5uhWHALr7GOvci5LabK8dB4qZRr4hsJdTNolIFxZLpUa1mGl4MQ4
Y9w2jDT37PbXPR4Wb+YrbRCLzWjVRv0nU3Cfin2ehMmTBqsccneY8QGcfSEMDFOk
MxtXjl3GoqUH/sUnmiDjAv/aNAI9tL6+yJzrsf2HRR+My6AYFtOfy9ip7CQE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org