Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/U7iQuuNThClvD3ZEKHig9ldQV9A.roa
File: U7iQuuNThClvD3ZEKHig9ldQV9A.roa (raw, json)
Hash identifier: Q6Ifws4x9snOhvkMofo9KFu/Eo6PcX1VtDWV8+NZD18=
Subject key identifier: 53:B8:90:BA:E3:53:84:29:6F:0F:76:44:28:78:A0:F6:57:50:57:D0
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0188762CDF7D79738AE841211E4930FAA967
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/U7iQuuNThClvD3ZEKHig9ldQV9A.roa
Signing time: Thu 01 Jun 2023 08:57:12 +0000
ROA not before: Thu 01 Jun 2023 08:57:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198361
IP address blocks: 45.88.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Jul 2023 14:58:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:76:2c:df:7d:79:73:8a:e8:41:21:1e:49:30:fa:a9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 1 08:57:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53b890bae35384296f0f76442878a0f6575057d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:41:20:41:db:d7:76:52:37:65:2f:b5:28:2f:
e4:37:a1:7a:8c:0b:46:33:08:37:2c:ed:2f:cb:d1:
1b:e4:b7:5d:8e:49:7d:e8:4a:d1:5f:e2:30:13:14:
e0:f2:49:a7:8b:4e:15:98:41:e2:12:31:80:94:1c:
1f:fc:ac:fc:ab:2d:c4:33:a5:ce:bb:80:1a:dc:a8:
0b:b5:f4:da:ee:f8:85:2f:d1:35:b3:01:b8:bd:d1:
ee:5c:34:ea:ac:d6:5f:36:d6:49:13:3c:b7:bc:4b:
21:16:4b:9c:4e:99:27:cf:42:ab:43:43:7e:db:f4:
d1:9d:31:e4:ba:eb:6d:16:58:4f:f5:88:7c:64:47:
3d:ca:d2:e0:1f:c2:e8:25:50:f9:8f:2f:8f:0a:86:
39:84:51:fc:10:e8:74:76:8c:15:f1:ee:48:40:3a:
db:ff:46:34:6c:26:56:6c:57:3d:50:4a:d2:16:b7:
4c:c0:f4:c6:ed:7e:ec:0b:64:f1:0e:63:ac:b0:37:
d4:fc:3f:29:54:7e:b8:33:d8:f5:d5:56:6d:51:42:
d1:16:d2:e0:80:55:9f:80:b0:40:6a:38:e6:2d:58:
ca:c7:86:53:58:55:5c:2c:27:f3:f5:89:7e:96:3c:
28:cb:3e:81:34:54:5d:f9:fb:b0:d6:0a:28:15:b4:
41:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B8:90:BA:E3:53:84:29:6F:0F:76:44:28:78:A0:F6:57:50:57:D0
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/U7iQuuNThClvD3ZEKHig9ldQV9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.138.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:ef:8a:08:8a:09:03:17:00:33:4e:0e:c6:66:38:84:3f:f7:
fa:6f:cd:96:0d:47:af:99:27:3d:c3:ec:85:6e:81:01:55:f7:
7e:ea:76:ad:fa:b2:42:08:9a:3c:e7:b6:f3:9c:81:12:c7:95:
4a:c0:85:88:1a:f3:5d:63:0c:bf:b7:6b:dd:e6:ed:6a:d8:a4:
8f:2a:a7:eb:32:18:ea:77:ac:74:26:9f:19:d9:93:81:7e:c4:
12:7e:8e:11:5b:66:fa:37:51:4a:38:be:36:84:a2:86:c6:07:
23:8c:17:99:08:ee:73:c9:87:ca:cb:51:74:3c:0c:64:80:10:
8a:9e:a7:b2:a9:db:35:10:33:f1:95:e0:56:b4:73:65:d7:af:
80:12:5c:ee:5c:85:e0:48:7a:52:3d:01:d0:79:66:ce:e9:9b:
73:62:bc:4f:4a:1c:9d:49:e9:0c:b6:76:76:6f:42:53:1a:41:
6c:4f:bd:11:d2:c7:86:90:39:15:52:69:a1:0a:02:34:cd:ee:
52:20:32:38:ad:64:f5:4f:24:f9:9c:1d:c6:d0:b0:d9:3c:e9:
09:24:f9:35:50:70:cf:c7:ee:45:eb:25:bf:bc:7c:74:18:32:
6d:50:5e:cf:dc:17:87:72:fc:77:39:ba:ea:fd:d3:b4:e2:7c:
b2:f1:2f:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh2LN99eXOK6EEhHkkw+qlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjAxMDg1NzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2I4OTBiYWUzNTM4NDI5NmYwZjc2NDQyODc4YTBmNjU3NTA1N2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0EgQdvXdlI3ZS+1KC/kN6F6jAtG
Mwg3LO0vy9Eb5Lddjkl96ErRX+IwExTg8kmni04VmEHiEjGAlBwf/Kz8qy3EM6XO
u4Aa3KgLtfTa7viFL9E1swG4vdHuXDTqrNZfNtZJEzy3vEshFkucTpknz0KrQ0N+
2/TRnTHkuuttFlhP9Yh8ZEc9ytLgH8LoJVD5jy+PCoY5hFH8EOh0dowV8e5IQDrb
/0Y0bCZWbFc9UErSFrdMwPTG7X7sC2TxDmOssDfU/D8pVH64M9j11VZtUULRFtLg
gFWfgLBAajjmLVjKx4ZTWFVcLCfz9Yl+ljwoyz6BNFRd+fuw1gooFbRBRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFO4kLrjU4Qpbw92RCh4oPZXUFfQMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVTdpUXV1TlRoQ2x2RDNaRUtIaWc5bGRRVjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALViKMA0G
CSqGSIb3DQEBCwUAA4IBAQBs74oIigkDFwAzTg7GZjiEP/f6b82WDUevmSc9w+yF
boEBVfd+6nat+rJCCJo857bznIESx5VKwIWIGvNdYwy/t2vd5u1q2KSPKqfrMhjq
d6x0Jp8Z2ZOBfsQSfo4RW2b6N1FKOL42hKKGxgcjjBeZCO5zyYfKy1F0PAxkgBCK
nqeyqds1EDPxleBWtHNl16+AElzuXIXgSHpSPQHQeWbO6ZtzYrxPShydSekMtnZ2
b0JTGkFsT70R0seGkDkVUmmhCgI0ze5SIDI4rWT1TyT5nB3G0LDZPOkJJPk1UHDP
x+5F6yW/vHx0GDJtUF7P3BeHcvx3Obrq/dO04nyy8S9N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org