Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/cjE_AbQsJ1jGdzjUwgYKB7Ol_Bk.roa
File: cjE_AbQsJ1jGdzjUwgYKB7Ol_Bk.roa (raw, json)
Hash identifier: 5HxCKLriuMKCy1yVp+4mgrvO6BBdS8jMy9+cYnmtB5E=
Subject key identifier: 72:31:3F:01:B4:2C:27:58:C6:77:38:D4:C2:06:0A:07:B3:A5:FC:19
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018AF031EB2918B08850A21D0C0F9FABF280
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/cjE_AbQsJ1jGdzjUwgYKB7Ol_Bk.roa
Signing time: Mon 02 Oct 2023 11:41:57 +0000
ROA not before: Mon 02 Oct 2023 11:41:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 45.94.139.0/24 maxlen: 24
45.94.136.0/24 maxlen: 24
185.219.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Oct 2023 11:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:31:eb:29:18:b0:88:50:a2:1d:0c:0f:9f:ab:f2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Oct 2 11:41:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72313f01b42c2758c67738d4c2060a07b3a5fc19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7d:45:0c:0e:4e:9a:ea:90:f2:c2:ef:56:e4:
7f:b7:56:7c:d1:39:3f:e3:b9:45:50:ce:e2:6c:5d:
b8:1e:81:df:fe:cc:5b:1d:bc:bb:0f:e1:49:5c:de:
7d:5e:f4:20:ca:a0:8b:e0:6e:e4:2c:18:62:5b:fb:
b4:68:49:41:a3:b5:e3:8d:c6:10:04:b4:fa:64:b3:
7f:82:07:67:5e:d2:19:93:e8:06:eb:b3:5d:92:3f:
51:14:6e:c0:a0:8d:f2:18:f3:05:b5:19:84:1e:a1:
f8:fb:39:95:bc:82:ef:25:49:ec:85:9e:7a:b3:a8:
17:f3:1e:da:ec:9b:05:2b:ca:8a:1d:50:3d:00:46:
c6:a3:c8:5d:3b:79:f8:5a:39:a3:78:4a:e2:eb:99:
f4:38:2e:ee:ba:aa:f9:ce:6f:63:e1:32:95:83:20:
c1:5d:82:7a:8d:78:08:26:a9:b4:7a:72:87:88:8b:
42:55:cf:f9:29:e8:3e:58:d0:d8:56:34:a4:93:88:
da:f2:29:eb:c3:d7:9d:45:8d:25:7e:69:73:9a:9b:
bd:e6:65:03:5e:8d:e0:4d:7f:c2:4a:34:1f:fe:12:
9d:0d:8f:06:67:e3:de:22:23:a4:cd:8c:4a:16:cc:
a7:21:12:4d:83:a3:58:53:0e:a7:50:f6:4e:fb:ec:
7c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:31:3F:01:B4:2C:27:58:C6:77:38:D4:C2:06:0A:07:B3:A5:FC:19
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/cjE_AbQsJ1jGdzjUwgYKB7Ol_Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.136.0/24
45.94.139.0/24
185.219.161.0/24
Signature Algorithm: sha256WithRSAEncryption
56:07:22:53:ac:db:6e:e1:12:0a:8a:69:97:71:16:42:b3:16:
cd:c4:05:7d:8d:30:4d:86:56:b2:69:74:9d:23:d2:9c:a0:24:
38:dd:80:18:ab:5d:a4:18:01:5c:f7:14:34:3c:9f:e5:f4:69:
de:e6:2b:9d:b5:4f:34:67:6c:3f:94:2f:3c:d3:6c:e7:ad:c7:
0b:c4:16:d6:5a:69:31:b8:b4:2c:57:30:ce:04:f3:7e:d7:ad:
f2:aa:11:af:4e:e1:a8:b2:5d:d5:92:3c:c5:c7:df:a5:e5:f4:
c7:a9:a2:4b:60:29:e2:e5:50:2c:dd:2f:f1:7a:17:3d:63:00:
ea:0f:94:2e:4c:23:c5:15:12:1c:ec:5e:35:3b:97:52:5a:08:
56:b8:85:fa:53:48:dc:1c:ac:a1:0d:49:7a:a1:db:4e:5f:52:
e9:5a:f2:a9:6d:7f:97:74:42:03:ed:df:07:13:9e:a5:06:89:
db:38:47:4d:fe:eb:4a:74:6d:d7:f7:e3:c9:66:59:f3:9f:46:
f1:db:b1:5f:ca:68:b6:33:23:25:ae:76:87:9e:5a:24:25:bb:
a4:b6:7a:2f:4a:f4:29:f8:86:f6:0e:d2:f6:b6:3b:21:9f:8b:
b1:76:b6:b1:d0:62:72:b9:ed:c6:a3:fd:6f:24:04:67:2f:e9:
66:cb:1c:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrwMespGLCIUKIdDA+fq/KAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMxMDAyMTE0MTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjMxM2YwMWI0MmMyNzU4YzY3NzM4ZDRjMjA2MGEwN2IzYTVmYzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxn1FDA5OmuqQ8sLvVuR/t1Z80Tk/
47lFUM7ibF24HoHf/sxbHby7D+FJXN59XvQgyqCL4G7kLBhiW/u0aElBo7XjjcYQ
BLT6ZLN/ggdnXtIZk+gG67Ndkj9RFG7AoI3yGPMFtRmEHqH4+zmVvILvJUnshZ56
s6gX8x7a7JsFK8qKHVA9AEbGo8hdO3n4WjmjeEri65n0OC7uuqr5zm9j4TKVgyDB
XYJ6jXgIJqm0enKHiItCVc/5Keg+WNDYVjSkk4ja8inrw9edRY0lfmlzmpu95mUD
Xo3gTX/CSjQf/hKdDY8GZ+PeIiOkzYxKFsynIRJNg6NYUw6nUPZO++x83wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHIxPwG0LCdYxnc41MIGCgezpfwZMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvY2pFX0FiUXNKMWpHZHpqVXdnWUtCN09sX0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV6IAwQA
LV6LAwQAuduhMA0GCSqGSIb3DQEBCwUAA4IBAQBWByJTrNtu4RIKimmXcRZCsxbN
xAV9jTBNhlayaXSdI9KcoCQ43YAYq12kGAFc9xQ0PJ/l9Gne5iudtU80Z2w/lC88
02znrccLxBbWWmkxuLQsVzDOBPN+163yqhGvTuGosl3VkjzFx9+l5fTHqaJLYCni
5VAs3S/xehc9YwDqD5QuTCPFFRIc7F41O5dSWghWuIX6U0jcHKyhDUl6odtOX1Lp
WvKpbX+XdEID7d8HE56lBonbOEdN/utKdG3X9+PJZlnzn0bx27Ffymi2MyMlrnaH
nlokJbuktnovSvQp+Ib2DtL2tjshn4uxdrax0GJyue3Go/1vJARnL+lmyxx/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:16 2024 by rpki-client on console-fra.rpki-client.org