Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/CGJLBtlE1ksLiYzwyWgumyRyANA.roa
File: CGJLBtlE1ksLiYzwyWgumyRyANA.roa (raw, json)
Hash identifier: k4N0tFIdSAWFQl2PVIoeiNPMkJarQpkYPc2AmRg9nT8=
Subject key identifier: 08:62:4B:06:D9:44:D6:4B:0B:89:8C:F0:C9:68:2E:9B:24:72:00:D0
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018D8AC3AAE8F1D75BE717A9BB4772A9D3E4
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/CGJLBtlE1ksLiYzwyWgumyRyANA.roa
Signing time: Thu 08 Feb 2024 22:08:15 +0000
ROA not before: Thu 08 Feb 2024 22:08:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 2.56.32.0/22 maxlen: 22
45.81.160.0/24 maxlen: 24
45.94.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 09:43:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8a:c3:aa:e8:f1:d7:5b:e7:17:a9:bb:47:72:a9:d3:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Feb 8 22:08:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08624b06d944d64b0b898cf0c9682e9b247200d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0f:ab:0e:ca:6d:ee:cd:ff:05:48:ab:78:e8:
8d:e3:ad:ae:86:e5:5d:f4:e9:0a:5a:35:60:2c:ba:
c3:c6:dd:72:1f:0a:eb:e1:ea:ae:05:d1:a5:b1:72:
6a:c1:eb:6c:0b:3d:2a:97:6d:6e:8f:de:f8:f2:ff:
12:a9:5f:be:b0:95:2b:d4:5a:55:c9:37:67:40:17:
dc:9e:3b:46:c9:13:89:38:bb:22:18:6c:52:d7:bb:
7a:fc:6a:05:a8:e7:c5:6a:01:cc:da:df:e6:97:b6:
9b:7d:40:14:83:f2:7a:d6:63:e5:f3:af:1b:e0:88:
f5:f4:ca:c0:bd:4a:2e:74:2e:52:93:ac:df:73:47:
45:f1:a1:03:4f:4d:ed:10:39:bd:f7:18:31:fd:e8:
68:fa:2f:5f:34:9f:8c:d2:06:00:01:71:0c:ef:5f:
8d:ed:61:c6:6a:50:c9:46:15:99:67:ac:6d:da:03:
4c:a7:e0:05:b4:5c:9e:a6:03:d4:27:59:7d:bd:8c:
45:76:43:00:75:e3:e2:d5:27:d3:aa:c3:ec:da:cc:
77:2d:07:44:36:97:ac:b3:be:8e:1b:66:34:45:d2:
47:ad:04:8b:78:45:89:61:64:13:8b:28:63:d9:1f:
f3:15:a2:11:94:6e:49:e3:cc:1b:66:21:21:6a:dc:
ed:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:62:4B:06:D9:44:D6:4B:0B:89:8C:F0:C9:68:2E:9B:24:72:00:D0
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/CGJLBtlE1ksLiYzwyWgumyRyANA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.32.0/22
45.81.160.0/24
45.94.139.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:7b:5f:83:16:f5:ed:a3:92:44:1e:55:55:73:d7:19:c7:dc:
b4:91:13:20:01:96:98:1f:40:81:ee:3c:b8:14:af:fc:54:b1:
20:6f:48:17:f7:04:05:22:5e:b8:7a:d3:6b:ae:43:fd:10:6b:
a9:b1:0d:57:e5:ac:25:b7:7a:93:8a:44:5a:50:86:09:91:b4:
9a:b7:57:42:2a:67:c2:09:75:aa:3f:72:0a:e9:a7:b0:3b:a1:
6d:83:2a:24:9a:a6:7a:35:06:88:0e:de:d2:97:ab:81:f5:cd:
76:df:cf:08:95:29:12:3f:93:4c:f2:c8:4b:76:ac:b2:76:de:
ff:d2:cd:7a:04:81:8e:00:d5:74:78:c0:29:22:6f:e5:17:6e:
28:dd:d1:e3:13:51:df:e7:7d:ed:6a:7e:23:0c:72:a0:1c:d8:
4e:9b:c0:46:26:1d:de:ec:7d:62:8f:e3:b6:55:9d:2a:b7:09:
44:f4:02:3b:19:c9:85:2d:df:82:03:78:25:cd:a5:52:22:3e:
c5:be:1c:44:d9:26:1b:93:06:ac:b4:25:4c:96:76:51:1b:6f:
fb:ee:8d:12:41:65:54:0d:40:99:1f:d3:4a:d3:7a:fd:2b:e5:
88:a4:fd:66:1d:2e:93:7d:3f:45:24:5d:e7:50:4d:57:17:44:
15:cc:0a:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2Kw6ro8ddb5xepu0dyqdPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjQwMjA4MjIwODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODYyNGIwNmQ5NDRkNjRiMGI4OThjZjBjOTY4MmU5YjI0NzIwMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A+rDspt7s3/BUireOiN462uhuVd
9OkKWjVgLLrDxt1yHwrr4equBdGlsXJqwetsCz0ql21uj9748v8SqV++sJUr1FpV
yTdnQBfcnjtGyROJOLsiGGxS17t6/GoFqOfFagHM2t/ml7abfUAUg/J61mPl868b
4Ij19MrAvUoudC5Sk6zfc0dF8aEDT03tEDm99xgx/eho+i9fNJ+M0gYAAXEM71+N
7WHGalDJRhWZZ6xt2gNMp+AFtFyepgPUJ1l9vYxFdkMAdePi1SfTqsPs2sx3LQdE
Npess76OG2Y0RdJHrQSLeEWJYWQTiyhj2R/zFaIRlG5J48wbZiEhatztaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAhiSwbZRNZLC4mM8MloLpskcgDQMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvQ0dKTEJ0bEUxa3NMaVl6d3lXZ3VteVJ5QU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjggAwQA
LVGgAwQALV6LMA0GCSqGSIb3DQEBCwUAA4IBAQCge1+DFvXto5JEHlVVc9cZx9y0
kRMgAZaYH0CB7jy4FK/8VLEgb0gX9wQFIl64etNrrkP9EGupsQ1X5awlt3qTikRa
UIYJkbSat1dCKmfCCXWqP3IK6aewO6FtgyokmqZ6NQaIDt7Sl6uB9c12388IlSkS
P5NM8shLdqyydt7/0s16BIGOANV0eMApIm/lF24o3dHjE1Hf533tan4jDHKgHNhO
m8BGJh3e7H1ij+O2VZ0qtwlE9AI7GcmFLd+CA3glzaVSIj7FvhxE2SYbkwastCVM
lnZRG2/77o0SQWVUDUCZH9NK03r9K+WIpP1mHS6TfT9FJF3nUE1XF0QVzAq8
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:10:44 2024 by rpki-client on console-ams.rpki-client.org