Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/U1BAfJ_8W-a6zHNO4jvIoUrBbyM.roa
File: U1BAfJ_8W-a6zHNO4jvIoUrBbyM.roa (raw, json)
Hash identifier: aVE1DY+85xDgdHcM/1l3YuGbbYT/GaZ4WBhpaTcFDZs=
Subject key identifier: 53:50:40:7C:9F:FC:5B:E6:BA:CC:73:4E:E2:3B:C8:A1:4A:C1:6F:23
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F45E666E256AAB50B7E3905FC0B72
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/U1BAfJ_8W-a6zHNO4jvIoUrBbyM.roa
Signing time: Tue 02 Jan 2024 04:29:44 +0000
ROA not before: Tue 02 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203511
IP address blocks: 45.151.2.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:45:e6:66:e2:56:aa:b5:0b:7e:39:05:fc:0b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5350407c9ffc5be6bacc734ee23bc8a14ac16f23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e5:b7:4b:d4:61:fb:dc:f9:70:5c:02:e7:80:
25:d4:95:f5:d6:ef:12:49:d2:c6:d0:ea:f3:49:a5:
ef:65:3c:db:eb:6f:3f:a5:01:23:33:f1:36:66:5d:
2f:50:ab:16:36:8a:b7:55:7a:f8:c4:0f:fd:24:c9:
f3:b7:b3:aa:d3:39:fe:de:43:b6:48:4c:ba:0b:5c:
da:9f:1f:a0:7c:ab:cc:0d:f5:b3:ec:cf:2c:38:6e:
e6:b6:32:8a:72:b3:4d:bd:c8:53:21:17:c4:bd:c8:
d9:0a:ef:a3:0f:af:89:d9:c1:fa:f2:b7:95:e6:22:
82:18:85:cb:e3:3b:99:17:40:64:ab:32:9b:ee:63:
a9:5f:01:db:ab:26:3b:6c:1b:a9:6f:e1:3c:b0:54:
7e:0e:71:11:13:28:2f:85:df:09:e6:ef:25:72:a9:
8a:0b:c0:5e:a7:33:a1:07:ab:3d:6b:90:e6:fb:1f:
ba:bf:10:12:b4:3e:5a:0f:fd:d0:3b:25:1b:96:17:
82:a5:35:27:28:72:19:0f:78:14:93:9a:48:6f:92:
1c:d0:9c:59:e6:a6:20:a3:ec:74:e0:bb:dc:bb:3e:
a9:7f:aa:46:c9:16:2d:44:12:66:9a:cd:7c:b0:a9:
20:04:f7:47:6b:b5:9a:d2:ab:05:03:4f:87:0b:8b:
55:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:50:40:7C:9F:FC:5B:E6:BA:CC:73:4E:E2:3B:C8:A1:4A:C1:6F:23
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/U1BAfJ_8W-a6zHNO4jvIoUrBbyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.138.0/24
45.144.214.0/24
45.151.2.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
22:b0:2b:a3:76:97:e4:3c:27:88:48:78:28:f0:0c:20:9f:34:
7d:d2:36:e8:4b:7b:25:57:b6:c8:27:63:e2:2a:3c:5f:13:28:
df:f3:c7:25:3f:05:eb:49:89:8a:ee:6c:47:e1:b2:0f:04:c6:
79:c1:ae:38:97:2d:25:c1:e0:2b:76:55:1e:fc:b6:a0:0f:57:
82:d7:9c:fd:c5:1c:18:b1:f9:ca:f9:e6:b2:ef:77:41:1c:cb:
12:ad:db:64:c6:40:51:19:38:6a:4d:ae:b0:62:59:68:fc:eb:
91:a1:8e:bb:29:20:3f:5e:01:fb:eb:89:c7:64:dd:db:af:64:
ea:3d:3e:a3:ba:b3:a9:43:da:40:d6:66:c7:18:9b:97:05:26:
dc:0e:8b:cf:46:b6:3b:0f:07:7d:12:19:ea:f0:36:cf:fa:e4:
da:e5:fd:a5:73:ff:4d:9d:72:af:80:1f:b0:06:98:15:05:b2:
68:48:13:2e:d2:79:9e:e6:a4:a9:a0:38:3b:d8:a4:af:2d:ad:
bb:b6:77:98:06:1b:a0:12:5e:d3:c0:67:a3:b2:23:f2:a0:0d:
1d:3c:53:cc:69:3e:01:37:e3:b1:f0:85:76:8d:6a:af:f5:bd:
8b:73:20:ac:41:50:88:29:04:05:c9:34:17:e0:53:f7:fe:77:
03:2e:94:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIb0XmZuJWqrULfjkF/AtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzUwNDA3YzlmZmM1YmU2YmFjYzczNGVlMjNiYzhhMTRhYzE2ZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeW3S9Rh+9z5cFwC54Al1JX11u8S
SdLG0OrzSaXvZTzb628/pQEjM/E2Zl0vUKsWNoq3VXr4xA/9JMnzt7Oq0zn+3kO2
SEy6C1zanx+gfKvMDfWz7M8sOG7mtjKKcrNNvchTIRfEvcjZCu+jD6+J2cH68reV
5iKCGIXL4zuZF0BkqzKb7mOpXwHbqyY7bBupb+E8sFR+DnEREygvhd8J5u8lcqmK
C8BepzOhB6s9a5Dm+x+6vxAStD5aD/3QOyUblheCpTUnKHIZD3gUk5pIb5Ic0JxZ
5qYgo+x04Lvcuz6pf6pGyRYtRBJmms18sKkgBPdHa7Wa0qsFA0+HC4tVvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFNQQHyf/FvmusxzTuI7yKFKwW8jMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVTFCQWZKXzhXLWE2ekhOTzRqdklvVXJCYnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALViKAwQA
LZDWAwQALZcCAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQAisCujdpfkPCeISHgo
8AwgnzR90jboS3slV7bIJ2PiKjxfEyjf88clPwXrSYmK7mxH4bIPBMZ5wa44ly0l
weArdlUe/LagD1eC15z9xRwYsfnK+eay73dBHMsSrdtkxkBRGThqTa6wYllo/OuR
oY67KSA/XgH764nHZN3br2TqPT6jurOpQ9pA1mbHGJuXBSbcDovPRrY7Dwd9Ehnq
8DbP+uTa5f2lc/9NnXKvgB+wBpgVBbJoSBMu0nme5qSpoDg72KSvLa27tneYBhug
El7TwGejsiPyoA0dPFPMaT4BN+Ox8IV2jWqv9b2LcyCsQVCIKQQFyTQX4FP3/ncD
LpSB
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:41 2024 by rpki-client on console-fra.rpki-client.org