Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/erM--BElSesOm4tN4tUiuFxRZc0.roa
File: erM--BElSesOm4tN4tUiuFxRZc0.roa (raw, json)
Hash identifier: zfW4QXDxMhaX78pqiVUYCTWNvDPS0/nokIBxlPLuzno=
Subject key identifier: 7A:B3:3E:F8:11:25:49:EB:0E:9B:8B:4D:E2:D5:22:B8:5C:51:65:CD
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018E86E0389E517088E3F6EEA427008BF11E
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/erM--BElSesOm4tN4tUiuFxRZc0.roa
Signing time: Thu 28 Mar 2024 21:03:45 +0000
ROA not before: Thu 28 Mar 2024 21:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.134.36.0/24 maxlen: 24
45.142.105.0/24 maxlen: 24
45.142.106.0/24 maxlen: 24
92.118.204.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 30 Mar 2024 08:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:e0:38:9e:51:70:88:e3:f6:ee:a4:27:00:8b:f1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Mar 28 21:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ab33ef8112549eb0e9b8b4de2d522b85c5165cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:be:a6:52:2f:ff:3b:68:1e:86:cf:5d:9a:17:
6b:f7:17:47:94:5e:da:8f:90:80:a5:84:3d:6a:76:
fd:3a:bd:ff:0b:69:16:f3:f2:2e:95:39:6d:5f:e8:
09:7c:16:37:d2:41:ee:01:66:dc:52:e0:75:a4:a1:
4c:49:3b:d6:f5:94:fe:af:54:44:0a:eb:7e:5e:1a:
b1:e2:93:74:37:71:c9:d3:bc:b7:0d:15:ca:41:39:
e3:b3:f6:f4:3b:5b:79:d4:41:fb:e8:34:89:71:07:
d0:2c:67:ee:60:fa:8d:b5:69:18:20:03:35:8d:ce:
8f:3c:b4:9f:4d:dd:56:7c:af:1f:27:bb:fc:ae:ce:
b3:e6:46:b7:1b:e1:57:29:6e:70:76:5c:f8:b1:b2:
6c:2b:43:9e:f4:aa:6d:e7:cf:0a:9e:60:66:b9:02:
c2:0b:8d:25:a0:b1:29:c1:57:f4:99:c9:e7:83:35:
be:89:27:b9:a6:eb:f8:2b:68:4e:29:77:b7:0b:37:
3b:3e:0c:81:52:49:c5:22:cb:c2:59:44:a6:6a:46:
77:f4:03:e9:fb:fb:fc:da:73:d8:34:5c:e1:e5:f8:
75:85:db:0a:c9:99:e5:89:86:76:e4:8c:5e:ed:66:
a2:79:5f:95:3a:16:d1:bf:69:58:b5:7d:e5:8c:5a:
a1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B3:3E:F8:11:25:49:EB:0E:9B:8B:4D:E2:D5:22:B8:5C:51:65:CD
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/erM--BElSesOm4tN4tUiuFxRZc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.36.0/24
45.142.105.0-45.142.106.255
92.118.204.0/22
Signature Algorithm: sha256WithRSAEncryption
82:53:7f:79:44:81:82:ee:ca:ce:ea:96:e4:ee:2a:cd:b2:ab:
d4:3a:fa:7c:06:f5:ee:bf:b8:6a:67:c4:29:46:4c:2e:63:d3:
46:2a:e6:0b:d0:e3:8d:d3:d6:0f:f3:a7:ec:f1:fd:76:b4:17:
a3:c3:1c:88:d2:c2:2e:83:03:bf:f9:07:c9:93:c1:fd:d5:73:
4a:be:da:59:de:5c:72:ba:0e:82:60:62:0b:54:c3:d3:14:4e:
ee:e8:99:e6:db:7a:38:75:8b:44:50:55:d1:7b:3b:7a:5e:46:
d3:ec:9f:b8:7c:fc:e7:dd:e1:66:9c:fd:f2:5a:d5:a0:17:ad:
91:b9:18:0c:d8:35:dc:36:94:54:30:9e:f6:81:57:a8:89:e9:
3f:79:cc:f6:7e:ad:12:cc:c8:43:f0:b6:cd:8b:df:93:a2:6c:
bd:50:55:ad:35:e6:4a:9d:7d:46:8d:5f:12:08:a7:9b:55:ac:
fa:23:5d:75:06:79:1a:b2:fe:b5:03:0b:fb:46:6a:f1:e5:ac:
d2:24:9d:9c:a0:3b:3e:ef:48:32:61:e3:59:47:75:2b:1b:ee:
e0:fb:4d:a4:d0:dc:62:25:e8:1b:65:28:3b:e2:50:6a:a0:99:
3f:19:b8:7e:c7:20:4b:1e:7a:af:50:ee:9f:a2:88:ac:d6:44:
6a:ae:60:73
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY6G4DieUXCI4/bupCcAi/EeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMzI4MjEwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWIzM2VmODExMjU0OWViMGU5YjhiNGRlMmQ1MjJiODVjNTE2NWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9L6mUi//O2gehs9dmhdr9xdHlF7a
j5CApYQ9anb9Or3/C2kW8/IulTltX+gJfBY30kHuAWbcUuB1pKFMSTvW9ZT+r1RE
Cut+Xhqx4pN0N3HJ07y3DRXKQTnjs/b0O1t51EH76DSJcQfQLGfuYPqNtWkYIAM1
jc6PPLSfTd1WfK8fJ7v8rs6z5ka3G+FXKW5wdlz4sbJsK0Oe9Kpt588KnmBmuQLC
C40loLEpwVf0mcnngzW+iSe5puv4K2hOKXe3Czc7PgyBUknFIsvCWUSmakZ39APp
+/v82nPYNFzh5fh1hdsKyZnliYZ25Ixe7WaieV+VOhbRv2lYtX3ljFqhcQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHqzPvgRJUnrDpuLTeLVIrhcUWXNMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvZXJNLS1CRWxTZXNPbTR0TjR0VWl1RnhSWmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALYYkMAwD
BAAtjmkDBAAtjmoDBAJcdswwDQYJKoZIhvcNAQELBQADggEBAIJTf3lEgYLuys7q
luTuKs2yq9Q6+nwG9e6/uGpnxClGTC5j00Yq5gvQ443T1g/zp+zx/Xa0F6PDHIjS
wi6DA7/5B8mTwf3Vc0q+2lneXHK6DoJgYgtUw9MUTu7omebbejh1i0RQVdF7O3pe
RtPsn7h8/Ofd4Wac/fJa1aAXrZG5GAzYNdw2lFQwnvaBV6iJ6T95zPZ+rRLMyEPw
ts2L35OibL1QVa015kqdfUaNXxIIp5tVrPojXXUGeRqy/rUDC/tGavHlrNIknZyg
Oz7vSDJh41lHdSsb7uD7TaTQ3GIl6BtlKDviUGqgmT8ZuH7HIEseeq9Q7p+iiKzW
RGquYHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org