Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/rFVsj3EaPwIN801_MwgTGTy0fPo.roa
File: rFVsj3EaPwIN801_MwgTGTy0fPo.roa (raw, json)
Hash identifier: 7yehj7N9juBkS0mZG5a2eZkmZtrH5QMaiX+tygB3HjE=
Subject key identifier: AC:55:6C:8F:71:1A:3F:02:0D:F3:4D:7F:33:08:13:19:3C:B4:7C:FA
Certificate issuer: /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial: 0185781023C6E4942D1784E308140F31A1F0
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/rFVsj3EaPwIN801_MwgTGTy0fPo.roa
Signing time: Tue 03 Jan 2023 14:36:41 +0000
ROA not before: Tue 03 Jan 2023 14:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.115.217.0/24 maxlen: 24
45.140.210.0/24 maxlen: 24
45.140.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Feb 2023 20:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:10:23:c6:e4:94:2d:17:84:e3:08:14:0f:31:a1:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
Validity
Not Before: Jan 3 14:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac556c8f711a3f020df34d7f330813193cb47cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1a:4f:d5:a8:d6:be:8e:ed:20:13:a0:d2:b4:
bf:40:45:5b:d4:d4:96:c7:ed:c5:6c:e4:a2:9b:46:
56:d4:bf:8e:9f:71:4d:05:95:36:c5:05:c2:09:cc:
c2:27:74:bb:3e:10:29:27:22:f6:56:a5:69:ef:22:
a5:24:9b:3a:00:c7:9a:d2:d1:7b:92:24:69:f7:16:
37:a8:97:7c:c9:0e:a5:75:ad:58:49:7a:36:4b:c5:
68:d3:e0:f9:4d:90:ed:2a:92:cc:58:fb:67:19:df:
6e:9a:62:0f:8c:98:c2:af:ce:2c:4f:6b:b6:11:e9:
33:2a:c1:83:1e:cd:6c:3c:65:98:32:8f:70:5d:9d:
59:ff:5d:13:fa:67:ff:f2:e4:93:ff:03:71:6e:83:
2e:2e:f1:8b:85:93:bd:79:14:7d:39:60:83:17:34:
41:5d:8f:4d:35:3a:29:44:a3:43:2f:5e:d8:50:a2:
e9:66:c7:65:31:63:e6:b9:ce:8d:5e:41:48:65:1f:
0c:36:99:4e:dd:77:e6:cc:f7:90:ee:82:f8:aa:e6:
b1:76:b3:75:09:e8:f2:6d:b7:f3:aa:ad:6e:ef:47:
af:d0:e0:47:bc:66:ec:c5:e6:ff:df:76:80:d2:4b:
5b:5e:02:10:fb:05:f2:96:00:3b:75:fe:96:59:24:
f8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:55:6C:8F:71:1A:3F:02:0D:F3:4D:7F:33:08:13:19:3C:B4:7C:FA
X509v3 Authority Key Identifier:
keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/rFVsj3EaPwIN801_MwgTGTy0fPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.210.0/23
82.115.217.0/24
Signature Algorithm: sha256WithRSAEncryption
70:80:42:c2:27:4f:7c:a1:0c:a5:c0:3c:ba:6e:ac:4d:a7:5b:
83:bf:ad:8d:e6:9a:ab:c8:08:3f:40:52:f8:25:fb:2d:47:6d:
42:42:97:bc:78:27:7f:7d:e5:46:52:ac:99:c9:d0:c9:fa:4e:
2e:6a:55:eb:03:cd:98:a9:bc:69:86:67:1d:91:b7:44:24:2d:
03:93:81:5e:d8:4c:5c:8a:1d:81:3c:8d:45:a4:da:cc:a7:c7:
24:49:f2:a7:68:c6:c7:47:eb:d1:52:32:d9:d7:37:31:0e:e2:
2d:42:91:3c:5d:af:25:89:8a:ee:ce:16:72:0e:f6:b4:65:6e:
ed:c5:31:07:14:51:5a:5c:ac:cf:a7:12:99:72:ff:3c:85:f3:
86:09:24:d9:d1:d6:41:1d:c3:3e:34:93:01:1d:72:f4:b6:ce:
9f:a0:87:c1:5e:b7:70:57:30:3d:5a:aa:ae:64:4b:7b:a7:90:
70:d1:ed:8e:47:21:b5:d3:8a:8c:e2:39:33:d8:a9:bf:4f:3c:
d9:cb:56:61:5a:93:99:35:1f:0a:7d:87:17:08:ea:5b:1a:44:
11:1f:13:67:6b:48:8a:0f:f1:ff:68:ad:d1:3b:8b:04:94:bd:
39:af:bb:f7:0d:b5:09:cb:1a:27:1a:34:1b:66:9f:7b:35:f4:
85:18:b4:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYV4ECPG5JQtF4TjCBQPMaHwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGM2NWU2OTliNTc2YWIxMTNhNzliZTg4Mjg5NDhmMWU2
Y2MyNjAwHhcNMjMwMTAzMTQzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU1NmM4ZjcxMWEzZjAyMGRmMzRkN2YzMzA4MTMxOTNjYjQ3Y2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BpP1ajWvo7tIBOg0rS/QEVb1NSW
x+3FbOSim0ZW1L+On3FNBZU2xQXCCczCJ3S7PhApJyL2VqVp7yKlJJs6AMea0tF7
kiRp9xY3qJd8yQ6lda1YSXo2S8Vo0+D5TZDtKpLMWPtnGd9ummIPjJjCr84sT2u2
EekzKsGDHs1sPGWYMo9wXZ1Z/10T+mf/8uST/wNxboMuLvGLhZO9eRR9OWCDFzRB
XY9NNTopRKNDL17YUKLpZsdlMWPmuc6NXkFIZR8MNplO3XfmzPeQ7oL4quaxdrN1
Cejybbfzqq1u70ev0OBHvGbsxeb/33aA0ktbXgIQ+wXylgA7df6WWST4awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKxVbI9xGj8CDfNNfzMIExk8tHz6MB8GA1UdIwQY
MBaAFMaMZeaZtXarETp5vogolI8ebMJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYt
NjA3ZDRmMzdmNTlmLzEvckZWc2ozRWFQd0lOODAxX013Z1RHVHkwZlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYtNjA3ZDRmMzdmNTlm
LzEveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYzSAwQA
UnPZMA0GCSqGSIb3DQEBCwUAA4IBAQBwgELCJ098oQylwDy6bqxNp1uDv62N5pqr
yAg/QFL4JfstR21CQpe8eCd/feVGUqyZydDJ+k4ualXrA82YqbxphmcdkbdEJC0D
k4Fe2Excih2BPI1FpNrMp8ckSfKnaMbHR+vRUjLZ1zcxDuItQpE8Xa8liYruzhZy
Dva0ZW7txTEHFFFaXKzPpxKZcv88hfOGCSTZ0dZBHcM+NJMBHXL0ts6foIfBXrdw
VzA9WqquZEt7p5Bw0e2ORyG104qM4jkz2Km/TzzZy1ZhWpOZNR8KfYcXCOpbGkQR
HxNna0iKD/H/aK3RO4sElL05r7v3DbUJyxonGjQbZp97NfSFGLRS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:57 2024 by rpki-client on console-ams.rpki-client.org