Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/dosWJ2UNRv6JvVy-TdoQYPyAYb0.roa
File: dosWJ2UNRv6JvVy-TdoQYPyAYb0.roa (raw, json)
Hash identifier: wgiGy9C+cn4P+7ORf3xx4n9y7HS7MtLA82zdpjLIND4=
Subject key identifier: 76:8B:16:27:65:0D:46:FE:89:BD:5C:BE:4D:DA:10:60:FC:80:61:BD
Certificate issuer: /CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Certificate serial: 018E64E88A2FE6A8B0E246181970995686FF
Authority key identifier: B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/dosWJ2UNRv6JvVy-TdoQYPyAYb0.roa
Signing time: Fri 22 Mar 2024 06:45:45 +0000
ROA not before: Fri 22 Mar 2024 06:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216154
IP address blocks: 45.10.172.0/24 maxlen: 24
45.10.173.0/24 maxlen: 24
84.252.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 09 Aug 2024 07:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:64:e8:8a:2f:e6:a8:b0:e2:46:18:19:70:99:56:86:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Validity
Not Before: Mar 22 06:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=768b1627650d46fe89bd5cbe4dda1060fc8061bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f2:ff:68:80:7e:fc:a0:e8:05:26:9c:4f:61:
50:01:20:cf:56:46:50:d9:06:9b:19:84:c1:b0:70:
86:18:0c:56:83:e1:4b:f1:b4:ab:d5:ad:b3:1f:07:
ad:49:a9:d3:3e:93:9e:14:db:a0:dc:87:76:af:f6:
94:28:1b:d8:ab:bd:6b:5f:27:b6:70:a3:36:cf:70:
dd:5d:ea:7b:46:ff:b1:2a:17:8f:0f:c7:1d:5b:31:
3b:49:61:92:d6:87:26:c8:b7:a7:d2:57:59:1b:8c:
fd:3d:06:c4:a7:9d:72:25:08:cc:a8:a2:67:b6:07:
f8:5e:6c:21:11:0e:b1:12:d1:2e:52:43:77:7e:27:
e7:83:16:59:48:74:89:13:80:f0:2e:27:71:73:78:
e6:05:01:e6:93:22:e7:94:59:8a:62:bd:09:f2:f5:
c3:8f:0b:47:ff:43:e5:25:05:ca:bf:67:5e:f1:de:
64:f5:48:49:26:c2:1c:3f:5b:31:7b:32:87:6c:af:
fd:d3:5f:e8:f6:5d:5a:08:6e:2e:69:eb:bb:14:c4:
15:38:30:9a:c1:bb:fc:c2:4a:a3:ce:39:e9:89:ef:
72:96:a6:01:3b:bb:dc:72:ba:d3:4e:3e:06:63:1d:
87:70:4e:e4:08:90:ec:29:1f:5d:32:fa:26:85:70:
22:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8B:16:27:65:0D:46:FE:89:BD:5C:BE:4D:DA:10:60:FC:80:61:BD
X509v3 Authority Key Identifier:
keyid:B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/dosWJ2UNRv6JvVy-TdoQYPyAYb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.172.0/23
84.252.102.0/23
Signature Algorithm: sha256WithRSAEncryption
22:8b:f5:5d:2a:9e:dc:33:21:40:1f:4a:c5:a7:26:43:2d:b0:
dd:6c:59:d8:28:2a:ca:43:73:24:f7:31:c2:73:19:13:08:94:
be:86:75:82:7e:51:1d:ad:34:e0:74:3a:98:f1:e5:aa:37:93:
8b:6f:c2:dd:c2:17:09:29:56:73:90:01:88:62:b7:4c:67:e3:
25:f9:29:fd:78:c2:84:94:dc:c7:b3:99:df:2d:4c:a4:db:16:
5b:31:f3:2e:bb:41:99:91:f8:c5:be:45:09:4d:07:be:4d:c6:
26:cb:5d:60:05:98:fc:64:8a:a9:3b:61:6c:37:5e:53:f3:77:
15:31:84:13:9f:f9:da:8a:92:2b:7b:53:f2:7b:71:95:76:65:
a8:27:eb:79:a8:23:24:d2:ee:38:7e:18:12:1d:7e:94:93:76:
42:f1:01:70:fe:49:1f:2a:7f:e0:6e:07:50:97:1b:e6:eb:c9:
1a:61:d7:27:11:d3:db:37:e0:c7:24:dc:3e:fc:1b:f3:e7:0e:
c7:48:68:13:74:9c:a1:f0:df:08:d4:67:13:6a:70:b2:e3:29:
e7:2f:c9:c8:9a:30:fe:3f:4c:2d:47:80:16:92:b4:a5:ad:9d:
e4:76:d1:e9:f8:ac:b3:28:b8:4c:d0:ce:25:9e:20:fe:fb:d8:
c2:ce:82:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5k6Iov5qiw4kYYGXCZVob/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMWEzZjRhZjk0YTU4MGViOWU3YjU4NTQyYTAwODRiMjFj
MmIwOWIwHhcNMjQwMzIyMDY0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhiMTYyNzY1MGQ0NmZlODliZDVjYmU0ZGRhMTA2MGZjODA2MWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPL/aIB+/KDoBSacT2FQASDPVkZQ
2QabGYTBsHCGGAxWg+FL8bSr1a2zHwetSanTPpOeFNug3Id2r/aUKBvYq71rXye2
cKM2z3DdXep7Rv+xKhePD8cdWzE7SWGS1ocmyLen0ldZG4z9PQbEp51yJQjMqKJn
tgf4XmwhEQ6xEtEuUkN3fifngxZZSHSJE4DwLidxc3jmBQHmkyLnlFmKYr0J8vXD
jwtH/0PlJQXKv2de8d5k9UhJJsIcP1sxezKHbK/901/o9l1aCG4uaeu7FMQVODCa
wbv8wkqjzjnpie9ylqYBO7vccrrTTj4GYx2HcE7kCJDsKR9dMvomhXAiLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHaLFidlDUb+ib1cvk3aEGD8gGG9MB8GA1UdIwQY
MBaAFLIaP0r5SlgOuee1hUKgCEshwrCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYt
NTEyOTE3MmI2OTY2LzEvZG9zV0oyVU5SdjZKdlZ5LVRkb1FZUHlBWWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYtNTEyOTE3MmI2OTY2
LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLQqsAwQB
VPxmMA0GCSqGSIb3DQEBCwUAA4IBAQAii/VdKp7cMyFAH0rFpyZDLbDdbFnYKCrK
Q3Mk9zHCcxkTCJS+hnWCflEdrTTgdDqY8eWqN5OLb8LdwhcJKVZzkAGIYrdMZ+Ml
+Sn9eMKElNzHs5nfLUyk2xZbMfMuu0GZkfjFvkUJTQe+TcYmy11gBZj8ZIqpO2Fs
N15T83cVMYQTn/naipIre1Pye3GVdmWoJ+t5qCMk0u44fhgSHX6Uk3ZC8QFw/kkf
Kn/gbgdQlxvm68kaYdcnEdPbN+DHJNw+/Bvz5w7HSGgTdJyh8N8I1GcTanCy4ynn
L8nImjD+P0wtR4AWkrSlrZ3kdtHp+KyzKLhM0M4lniD++9jCzoJZ
-----END CERTIFICATE-----
Generated at Fri Aug 9 10:08:30 2024 by rpki-client on console-fra.rpki-client.org