Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ehYR-wFhZh9qgR7TPg0MOzdRVMs.roa
File: ehYR-wFhZh9qgR7TPg0MOzdRVMs.roa (raw, json)
Hash identifier: zDFxdzP/+7DO6uXmOIg8R3CtEhTL13VlnsAIuKvKoUQ=
Subject key identifier: 7A:16:11:FB:01:61:66:1F:6A:81:1E:D3:3E:0D:0C:3B:37:51:54:CB
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018C91AC0326A489C6AB1F5A73B0F9C64EBC
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ehYR-wFhZh9qgR7TPg0MOzdRVMs.roa
Signing time: Fri 22 Dec 2023 13:16:58 +0000
ROA not before: Fri 22 Dec 2023 13:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398395
IP address blocks: 2.58.200.0/24 maxlen: 24
45.67.87.0/24 maxlen: 24
45.134.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:ac:03:26:a4:89:c6:ab:1f:5a:73:b0:f9:c6:4e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Dec 22 13:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a1611fb0161661f6a811ed33e0d0c3b375154cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:26:a9:10:7e:6c:2c:7b:a9:c8:0b:e5:67:ca:
08:eb:29:e4:89:af:14:dd:43:50:e8:01:03:69:99:
8f:63:88:b1:6a:e2:64:97:d6:18:47:7f:be:6f:15:
d8:bd:27:cf:b2:0f:65:c9:be:73:bd:1e:65:bc:fc:
93:96:64:84:44:7a:04:c4:93:75:f0:9c:71:9e:57:
10:a8:93:4a:93:72:79:6d:66:bc:e2:36:48:84:55:
67:04:c4:e7:94:0e:57:21:55:30:10:75:ac:46:4d:
b0:d5:9f:ab:b1:21:40:a7:af:2c:b2:dc:5f:0a:41:
f8:ef:a1:60:93:79:23:a5:84:4d:b6:7d:56:75:03:
47:0b:88:ba:c1:22:c7:2e:d4:1f:e3:38:51:be:6e:
f0:57:f1:c2:1b:4b:7b:11:11:3e:66:99:55:6b:c8:
36:ea:e7:98:5d:02:f5:4c:5d:38:73:95:2a:01:a2:
c1:a1:52:d1:d9:6f:f9:94:2a:f7:1b:ed:26:ec:e3:
3e:bc:4a:5a:fa:43:f9:c9:c6:41:4c:eb:9e:b4:6b:
21:8e:9e:ee:1b:81:ac:15:e8:20:d7:aa:e1:2b:83:
96:7d:0e:35:50:c6:c4:ba:09:bd:8a:fb:1a:4c:78:
4f:c5:12:30:13:e5:1f:b2:d9:68:cc:0a:60:19:a8:
12:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:16:11:FB:01:61:66:1F:6A:81:1E:D3:3E:0D:0C:3B:37:51:54:CB
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ehYR-wFhZh9qgR7TPg0MOzdRVMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.200.0/24
45.67.87.0/24
45.134.110.0/24
Signature Algorithm: sha256WithRSAEncryption
17:af:0a:9f:58:6a:41:b1:bb:2e:b5:9b:c0:98:e6:bd:ab:f6:
fc:ce:31:f4:08:c7:0e:ef:28:dd:73:55:20:58:5c:77:34:47:
d6:3b:43:b8:9f:69:fd:e1:47:ca:d2:b4:97:3d:55:9f:ec:2c:
a5:fa:17:58:02:88:33:0c:32:8f:ce:dd:4d:c0:7a:eb:4a:f6:
1e:0c:9c:48:9e:65:9a:09:43:5a:de:c9:76:15:7a:7a:fa:1b:
c0:8f:e5:67:1b:ce:5f:f0:f0:94:be:a3:d1:ff:19:86:82:53:
2d:05:4b:fd:96:b6:2a:e9:f1:a8:34:17:32:c0:fc:c6:db:6c:
36:76:1e:76:8d:f8:51:ce:d6:0a:66:10:56:75:9e:04:07:f0:
2b:cf:86:1a:2f:30:86:0b:6b:01:f2:df:d4:82:b4:a0:ec:1a:
64:04:c1:5b:ee:31:6d:81:5e:ca:ef:ea:68:9d:9f:51:a1:37:
2c:a3:1a:8e:9b:56:0a:97:3f:f0:c7:51:b1:d1:85:7b:83:c8:
27:18:b6:ea:c7:ca:a3:74:17:5e:41:e2:c2:58:56:14:6d:ef:
e2:28:47:e1:27:8f:e6:06:5e:06:b0:35:2c:c9:26:85:ac:d3:
46:86:19:20:73:7f:8a:67:4f:15:c6:a1:81:24:e7:0c:e2:6f:
ed:b4:98:85
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyRrAMmpInGqx9ac7D5xk68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMxMjIyMTMxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTE2MTFmYjAxNjE2NjFmNmE4MTFlZDMzZTBkMGMzYjM3NTE1NGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiapEH5sLHupyAvlZ8oI6ynkia8U
3UNQ6AEDaZmPY4ixauJkl9YYR3++bxXYvSfPsg9lyb5zvR5lvPyTlmSERHoExJN1
8JxxnlcQqJNKk3J5bWa84jZIhFVnBMTnlA5XIVUwEHWsRk2w1Z+rsSFAp68sstxf
CkH476Fgk3kjpYRNtn1WdQNHC4i6wSLHLtQf4zhRvm7wV/HCG0t7ERE+ZplVa8g2
6ueYXQL1TF04c5UqAaLBoVLR2W/5lCr3G+0m7OM+vEpa+kP5ycZBTOuetGshjp7u
G4GsFegg16rhK4OWfQ41UMbEugm9ivsaTHhPxRIwE+UfstlozApgGagS5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHoWEfsBYWYfaoEe0z4NDDs3UVTLMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvZWhZUi13RmhaaDlxZ1I3VFBnME1PemRSVk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjrIAwQA
LUNXAwQALYZuMA0GCSqGSIb3DQEBCwUAA4IBAQAXrwqfWGpBsbsutZvAmOa9q/b8
zjH0CMcO7yjdc1UgWFx3NEfWO0O4n2n94UfK0rSXPVWf7Cyl+hdYAogzDDKPzt1N
wHrrSvYeDJxInmWaCUNa3sl2FXp6+hvAj+VnG85f8PCUvqPR/xmGglMtBUv9lrYq
6fGoNBcywPzG22w2dh52jfhRztYKZhBWdZ4EB/Arz4YaLzCGC2sB8t/UgrSg7Bpk
BMFb7jFtgV7K7+ponZ9RoTcsoxqOm1YKlz/wx1Gx0YV7g8gnGLbqx8qjdBdeQeLC
WFYUbe/iKEfhJ4/mBl4GsDUsySaFrNNGhhkgc3+KZ08VxqGBJOcM4m/ttJiF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org