Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/5yNLATWaI5KZ4xl44yIgCqL0KLE.roa
File: 5yNLATWaI5KZ4xl44yIgCqL0KLE.roa (raw, json)
Hash identifier: +SyHtYA8XwLTG+McKE+DJzMfy6CxUep8at3AYxEIUrI=
Subject key identifier: E7:23:4B:01:35:9A:23:92:99:E3:19:78:E3:22:20:0A:A2:F4:28:B1
Certificate issuer: /CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Certificate serial: 018CC26CF13CC7DF132460DF613B6F193D71
Authority key identifier: 8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/5yNLATWaI5KZ4xl44yIgCqL0KLE.roa
Signing time: Mon 01 Jan 2024 00:29:28 +0000
ROA not before: Mon 01 Jan 2024 00:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207054
IP address blocks: 45.15.92.0/22 maxlen: 22
185.167.112.0/22 maxlen: 22
185.231.192.0/22 maxlen: 22
2a0b:1a07::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 Feb 2024 00:10:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f1:3c:c7:df:13:24:60:df:61:3b:6f:19:3d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Validity
Not Before: Jan 1 00:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7234b01359a239299e31978e322200aa2f428b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9d:cb:c4:74:30:b4:d5:92:29:eb:68:fd:29:
e2:95:2f:8b:a1:47:13:6f:f0:fa:05:09:81:87:54:
0f:15:b7:5b:d8:2a:4a:c4:e7:45:1c:42:1f:95:de:
61:a1:b1:db:46:07:99:e6:02:f1:06:6d:f0:2f:be:
d7:88:f5:1e:dd:8c:60:22:61:22:34:e7:56:f5:66:
6f:83:27:62:ac:47:a5:86:eb:42:b5:d6:53:bc:2a:
c7:db:7f:34:4f:8c:e6:39:37:74:b8:c5:54:80:17:
4f:5c:13:a5:bf:e6:01:08:e4:53:ce:90:49:d0:0f:
83:ac:01:56:ef:10:28:ec:37:ab:bf:7e:f5:07:d6:
ba:46:6a:d6:7f:a7:b0:51:66:40:0b:a1:fa:8a:df:
84:07:b0:04:4b:63:ae:10:d4:e1:d6:ff:37:06:10:
f3:66:43:b1:24:e5:8a:d0:db:72:00:7f:3b:1f:6d:
e1:65:c7:fa:e0:fb:ca:f2:83:39:c8:44:fd:5f:f3:
54:2b:c3:e3:08:0d:06:0e:92:24:2c:2d:e4:bc:29:
d3:15:1b:71:1b:86:47:dc:b3:e4:47:7a:2e:cd:59:
ac:29:fb:13:13:84:3e:cc:f0:bb:0a:86:de:78:ef:
17:4d:56:2a:2f:7c:03:de:8d:8f:c0:53:6e:44:b9:
ec:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:23:4B:01:35:9A:23:92:99:E3:19:78:E3:22:20:0A:A2:F4:28:B1
X509v3 Authority Key Identifier:
keyid:8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/5yNLATWaI5KZ4xl44yIgCqL0KLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.92.0/22
185.167.112.0/22
185.231.192.0/22
IPv6:
2a0b:1a07::/32
Signature Algorithm: sha256WithRSAEncryption
60:a3:d9:43:66:aa:54:28:a1:c0:4a:00:c5:a2:c3:a4:f3:c8:
5b:c4:84:2a:88:74:22:0a:db:67:a3:a8:d2:02:59:84:95:3b:
35:58:e3:26:c2:5a:16:9c:c9:90:55:d3:4b:c2:5b:63:97:0b:
b0:3a:87:a1:43:dc:7c:06:17:3e:af:b0:27:af:59:1d:fe:bf:
76:dd:8b:fb:c5:bc:8f:7c:cb:cf:8a:51:5a:50:4b:63:5c:d8:
de:fd:a1:2e:52:67:23:a1:f9:81:a0:cb:b2:1b:dc:48:a9:97:
c1:95:12:a7:0c:64:21:99:e5:fc:68:40:1a:19:b0:93:6d:43:
21:8a:28:a5:3f:36:2d:b3:fe:35:68:55:43:9c:9d:ec:44:58:
8c:0b:a6:c8:5c:5c:ae:5a:d0:66:12:a3:68:5b:ae:59:b6:6e:
e8:65:ed:57:e6:2e:86:8b:80:ce:1c:6f:8d:25:21:35:29:fb:
5a:48:89:4d:63:f2:f8:66:48:c3:41:6a:0e:35:54:48:96:07:
98:25:cb:d4:84:81:37:74:b7:af:e7:72:5c:e8:07:8a:0a:25:
2a:44:85:70:a5:1b:8d:b0:84:1a:17:fb:21:12:e5:d2:bb:aa:
09:96:1e:67:a2:59:cb:ec:f2:00:6d:ec:46:9b:b0:01:c3:96:
37:38:e8:11
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzCbPE8x98TJGDfYTtvGT1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYzdlYWU2NDlkOTU0N2IwYWQwYWIwMDdhYjRlOGE0OGRl
ZDRkNWQwHhcNMjQwMTAxMDAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzIzNGIwMTM1OWEyMzkyOTllMzE5NzhlMzIyMjAwYWEyZjQyOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr53LxHQwtNWSKeto/SnilS+LoUcT
b/D6BQmBh1QPFbdb2CpKxOdFHEIfld5hobHbRgeZ5gLxBm3wL77XiPUe3YxgImEi
NOdW9WZvgydirEelhutCtdZTvCrH2380T4zmOTd0uMVUgBdPXBOlv+YBCORTzpBJ
0A+DrAFW7xAo7Derv371B9a6RmrWf6ewUWZAC6H6it+EB7AES2OuENTh1v83BhDz
ZkOxJOWK0NtyAH87H23hZcf64PvK8oM5yET9X/NUK8PjCA0GDpIkLC3kvCnTFRtx
G4ZH3LPkR3ouzVmsKfsTE4Q+zPC7CobeeO8XTVYqL3wD3o2PwFNuRLnsLwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOcjSwE1miOSmeMZeOMiIAqi9CixMB8GA1UdIwQY
MBaAFIrH6uZJ2VR7CtCrAHq06KSN7U1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYt
YWMwMWYwYzU2NjJiLzEvNXlOTEFUV2FJNUtaNHhsNDR5SWdDcUwwS0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYtYWMwMWYwYzU2NjJi
LzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQ9cAwQC
uadwAwQCuefAMA0EAgACMAcDBQAqCxoHMA0GCSqGSIb3DQEBCwUAA4IBAQBgo9lD
ZqpUKKHASgDFosOk88hbxIQqiHQiCttno6jSAlmElTs1WOMmwloWnMmQVdNLwltj
lwuwOoehQ9x8Bhc+r7Anr1kd/r923Yv7xbyPfMvPilFaUEtjXNje/aEuUmcjofmB
oMuyG9xIqZfBlRKnDGQhmeX8aEAaGbCTbUMhiiilPzYts/41aFVDnJ3sRFiMC6bI
XFyuWtBmEqNoW65Ztm7oZe1X5i6Gi4DOHG+NJSE1KftaSIlNY/L4ZkjDQWoONVRI
lgeYJcvUhIE3dLev53Jc6AeKCiUqRIVwpRuNsIQaF/shEuXSu6oJlh5nolnL7PIA
bexGm7ABw5Y3OOgR
-----END CERTIFICATE-----
Generated at Thu Feb 15 04:19:10 2024 by rpki-client on console-ams.rpki-client.org