Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/sKHUW7kY1-_b64brHxdgL-izDK4.roa
File: sKHUW7kY1-_b64brHxdgL-izDK4.roa (raw, json)
Hash identifier: oYq8tYcfqqfm4xm9+6J8jWKHU3XpV8NG7mhqGsWXcO0=
Subject key identifier: B0:A1:D4:5B:B9:18:D7:EF:DB:EB:86:EB:1F:17:60:2F:E8:B3:0C:AE
Certificate issuer: /CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Certificate serial: 018A5FB5CD58B4688E3ACFE42D3D2929412D
Authority key identifier: D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/sKHUW7kY1-_b64brHxdgL-izDK4.roa
Signing time: Mon 04 Sep 2023 10:21:04 +0000
ROA not before: Mon 04 Sep 2023 10:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212853
IP address blocks: 45.81.252.0/24 maxlen: 24
45.81.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Sep 2023 09:25:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:b5:cd:58:b4:68:8e:3a:cf:e4:2d:3d:29:29:41:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5e6733fa239c5fb0c438c82f7c230f55d478cb1
Validity
Not Before: Sep 4 10:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0a1d45bb918d7efdbeb86eb1f17602fe8b30cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:ba:f8:73:df:2d:07:5f:e1:3b:de:0e:91:
05:54:ea:e1:ac:8c:cf:97:44:8f:6d:ab:05:36:07:
94:41:30:1b:9d:40:60:c4:32:86:34:56:c0:65:9d:
85:f9:3b:2f:e8:12:4a:02:77:cd:e1:7e:5b:14:71:
53:4c:d6:ab:fe:5c:b5:46:3e:c4:18:a5:9d:17:83:
ec:13:bb:24:9a:50:c2:26:a8:43:46:5d:1f:ad:54:
a4:ea:e5:88:4b:70:fd:0a:15:ee:1a:ce:25:6b:6e:
e2:56:88:f6:1f:f5:ae:72:c9:98:88:ab:34:86:84:
bd:7b:86:34:15:ac:10:c8:07:2e:93:b7:7a:e0:c7:
de:87:7d:be:72:ff:45:44:19:1b:06:66:4c:4a:79:
48:f0:f7:5f:f9:22:a2:84:1a:ad:83:4d:35:cf:e8:
84:09:7b:a0:be:77:94:74:15:57:33:54:95:6b:db:
ad:9a:a9:f2:61:76:06:33:4a:e2:9a:74:0e:b9:80:
b7:72:16:98:40:7d:48:b6:70:22:a3:b1:10:be:81:
c0:ef:86:c8:d4:73:4f:17:f6:33:c5:f7:bd:cb:54:
f7:68:06:27:b6:e7:47:56:ca:84:32:1b:3d:51:66:
00:79:ef:00:a2:67:e4:94:21:05:2b:58:5e:0e:ee:
21:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A1:D4:5B:B9:18:D7:EF:DB:EB:86:EB:1F:17:60:2F:E8:B3:0C:AE
X509v3 Authority Key Identifier:
keyid:D5:E6:73:3F:A2:39:C5:FB:0C:43:8C:82:F7:C2:30:F5:5D:47:8C:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/sKHUW7kY1-_b64brHxdgL-izDK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/25c95e-7f27-4d69-856d-a38b6795fb24/1/1eZzP6I5xfsMQ4yC98Iw9V1HjLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.252.0/24
45.81.254.0/24
Signature Algorithm: sha256WithRSAEncryption
54:01:55:85:5f:7f:28:ed:0c:07:79:b2:b4:73:ce:7f:78:32:
53:ab:8c:30:d2:2d:f5:85:71:ea:bc:2c:d4:7d:d3:44:7b:b9:
07:84:c0:fd:75:9a:54:94:52:7c:58:2b:e9:f7:32:0e:4e:de:
7e:15:15:7d:cd:28:f0:5d:c8:d5:72:78:1e:c9:c6:63:70:1e:
5d:5c:30:c5:12:7c:ea:67:ce:61:55:58:ca:50:a0:17:1c:70:
d5:b6:e1:b3:da:13:6c:d2:d3:d9:b0:36:d1:83:1f:22:f3:ce:
5e:31:a5:2a:39:cc:42:4f:8e:13:01:fd:f1:16:11:e0:98:8a:
e9:fe:6e:2f:a8:47:62:0f:06:60:bb:24:19:35:eb:f9:85:70:
af:3e:bb:ab:ed:de:ed:c4:c3:7c:d4:ef:d0:b0:b6:55:35:b7:
f8:b1:25:73:ba:b4:f9:56:02:d2:2e:da:67:68:6d:7a:74:91:
ab:a0:6c:87:9c:0b:0e:eb:f2:ac:9d:c7:b9:fa:5f:d3:60:19:
4f:0b:57:e2:81:69:fd:7c:77:ed:ff:97:8f:5b:d6:1a:d3:ba:
0b:92:31:ea:29:b0:72:2b:a6:1b:f5:40:16:38:7d:1a:4f:a6:
da:86:09:04:3f:54:df:57:24:6e:98:3f:5c:a3:cf:4c:97:69:
24:57:51:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpftc1YtGiOOs/kLT0pKUEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZTY3MzNmYTIzOWM1ZmIwYzQzOGM4MmY3YzIzMGY1NWQ0
NzhjYjEwHhcNMjMwOTA0MTAyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGExZDQ1YmI5MThkN2VmZGJlYjg2ZWIxZjE3NjAyZmU4YjMwY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8q6+HPfLQdf4TveDpEFVOrhrIzP
l0SPbasFNgeUQTAbnUBgxDKGNFbAZZ2F+Tsv6BJKAnfN4X5bFHFTTNar/ly1Rj7E
GKWdF4PsE7skmlDCJqhDRl0frVSk6uWIS3D9ChXuGs4la27iVoj2H/WucsmYiKs0
hoS9e4Y0FawQyAcuk7d64Mfeh32+cv9FRBkbBmZMSnlI8Pdf+SKihBqtg001z+iE
CXugvneUdBVXM1SVa9utmqnyYXYGM0rimnQOuYC3chaYQH1ItnAio7EQvoHA74bI
1HNPF/Yzxfe9y1T3aAYntudHVsqEMhs9UWYAee8AomfklCEFK1heDu4hZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLCh1Fu5GNfv2+uG6x8XYC/oswyuMB8GA1UdIwQY
MBaAFNXmcz+iOcX7DEOMgvfCMPVdR4yxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQt
YTM4YjY3OTVmYjI0LzEvc0tIVVc3a1kxLV9iNjRickh4ZGdMLWl6REs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8yNWM5NWUtN2YyNy00ZDY5LTg1NmQtYTM4YjY3OTVmYjI0
LzEvMWVaelA2STV4ZnNNUTR5Qzk4SXc5VjFIakxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVH8AwQA
LVH+MA0GCSqGSIb3DQEBCwUAA4IBAQBUAVWFX38o7QwHebK0c85/eDJTq4ww0i31
hXHqvCzUfdNEe7kHhMD9dZpUlFJ8WCvp9zIOTt5+FRV9zSjwXcjVcngeycZjcB5d
XDDFEnzqZ85hVVjKUKAXHHDVtuGz2hNs0tPZsDbRgx8i885eMaUqOcxCT44TAf3x
FhHgmIrp/m4vqEdiDwZguyQZNev5hXCvPrur7d7txMN81O/QsLZVNbf4sSVzurT5
VgLSLtpnaG16dJGroGyHnAsO6/Ksnce5+l/TYBlPC1figWn9fHft/5ePW9Ya07oL
kjHqKbByK6Yb9UAWOH0aT6bahgkEP1TfVyRumD9co89Ml2kkV1GY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org