Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/54s7hU-sfQblJIMMHSKYTXf-KNo.roa
File: 54s7hU-sfQblJIMMHSKYTXf-KNo.roa (raw, json)
Hash identifier: Y/Z/gcJkS27JmeDcel1WY7OewEAh542bcxJMk1DgZ/g=
Subject key identifier: E7:8B:3B:85:4F:AC:7D:06:E5:24:83:0C:1D:22:98:4D:77:FE:28:DA
Certificate issuer: /CN=c4729af13d3d156f411976b176e554fa671d76f7
Certificate serial: 01889ACBDDAE7DD2B023F6DA99165D5A01F7
Authority key identifier: C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/54s7hU-sfQblJIMMHSKYTXf-KNo.roa
Signing time: Thu 08 Jun 2023 11:37:11 +0000
ROA not before: Thu 08 Jun 2023 11:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202629
IP address blocks: 45.153.29.0/24 maxlen: 24
45.153.28.0/24 maxlen: 24
45.153.28.0/23 maxlen: 24
45.153.28.0/22 maxlen: 24
45.153.31.0/24 maxlen: 24
45.153.30.0/24 maxlen: 24
45.153.30.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 10:37:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:cb:dd:ae:7d:d2:b0:23:f6:da:99:16:5d:5a:01:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4729af13d3d156f411976b176e554fa671d76f7
Validity
Not Before: Jun 8 11:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e78b3b854fac7d06e524830c1d22984d77fe28da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e6:36:68:d1:63:97:4f:ca:2e:00:8c:1d:f8:
2b:b8:f6:47:ec:07:19:c6:d4:33:42:c6:ec:6c:00:
c6:9f:0d:7f:99:f7:33:2a:55:27:1f:fa:e7:b5:77:
8d:d8:76:ac:70:36:5d:b1:14:29:57:5d:b8:4d:4c:
07:b8:15:65:0b:42:cd:3a:fb:18:3b:16:6f:c5:5e:
8a:64:56:3d:1f:93:a8:6f:a3:f4:75:9c:d7:82:e6:
f4:96:b2:8e:93:ba:c4:9f:e2:82:4a:b8:c6:ae:db:
8c:eb:dd:d4:e7:61:21:9f:85:78:c7:78:0a:e5:74:
19:e2:04:e8:ac:60:b5:61:77:f4:ee:7e:e0:05:45:
28:c0:a0:15:e7:39:85:47:d8:1b:80:15:80:84:87:
29:1c:b3:78:12:8a:b5:47:48:32:6c:99:b7:80:35:
a6:c5:46:04:a9:6a:e6:ff:07:a1:49:a5:a7:36:77:
55:5a:8c:34:0b:7e:a3:67:78:cf:9c:03:ab:ef:ce:
a6:69:b5:4d:d1:86:cd:51:7f:74:83:ec:c7:be:1c:
12:eb:da:a9:88:16:35:93:be:7c:d8:44:10:42:26:
66:8d:f9:31:88:0a:bb:82:a4:e0:1e:8c:6b:8a:bc:
5c:da:29:fc:cc:85:bb:1f:b0:97:44:17:30:45:3e:
42:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:8B:3B:85:4F:AC:7D:06:E5:24:83:0C:1D:22:98:4D:77:FE:28:DA
X509v3 Authority Key Identifier:
keyid:C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/54s7hU-sfQblJIMMHSKYTXf-KNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.28.0/22
Signature Algorithm: sha256WithRSAEncryption
11:0d:c6:91:e8:12:a0:4a:5d:51:6f:65:53:a5:5c:58:64:73:
e0:6b:fc:d4:b8:86:7e:ce:3d:85:2d:fe:4e:47:95:44:53:18:
78:93:b7:3d:92:9c:0e:36:ff:f2:15:e2:95:67:96:fb:9a:aa:
16:76:9b:fd:8b:76:af:94:94:d0:05:8b:7a:e1:ef:34:c0:61:
95:c2:0f:e2:eb:78:96:24:b4:3e:7e:fc:0a:76:bb:e1:b9:b7:
6c:2f:76:09:7c:a5:46:41:9b:48:cb:d0:17:8f:54:d1:dc:5c:
e0:74:10:ea:6b:df:5d:ba:7b:6d:c8:c6:31:db:bb:d6:08:0b:
53:53:a2:21:74:1a:86:7d:00:a2:b0:01:70:fb:5c:79:1b:22:
f9:0f:70:b1:1e:ed:a6:4c:5d:c3:8c:76:89:83:e3:59:98:74:
f8:ec:a0:c4:ce:4f:32:c7:ad:bc:8e:a4:d5:ea:9d:e9:5e:ca:
c2:c8:aa:90:18:a8:ba:7e:38:8f:d7:e0:5d:ff:7f:20:d1:cd:
7e:be:b5:8b:24:e1:f0:ed:a2:6e:26:df:cb:7f:94:8f:4f:f1:
7f:29:f6:65:1f:6b:77:7d:71:ff:10:8a:e1:98:e1:b7:b5:4d:
2b:27:23:04:77:ff:8a:1f:7e:c2:21:96:da:eb:ba:59:71:b2:
2c:99:a4:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiay92ufdKwI/bamRZdWgH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NzI5YWYxM2QzZDE1NmY0MTE5NzZiMTc2ZTU1NGZhNjcx
ZDc2ZjcwHhcNMjMwNjA4MTEzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzhiM2I4NTRmYWM3ZDA2ZTUyNDgzMGMxZDIyOTg0ZDc3ZmUyOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uY2aNFjl0/KLgCMHfgruPZH7AcZ
xtQzQsbsbADGnw1/mfczKlUnH/rntXeN2HascDZdsRQpV124TUwHuBVlC0LNOvsY
OxZvxV6KZFY9H5Oob6P0dZzXgub0lrKOk7rEn+KCSrjGrtuM693U52Ehn4V4x3gK
5XQZ4gTorGC1YXf07n7gBUUowKAV5zmFR9gbgBWAhIcpHLN4Eoq1R0gybJm3gDWm
xUYEqWrm/wehSaWnNndVWow0C36jZ3jPnAOr786mabVN0YbNUX90g+zHvhwS69qp
iBY1k7582EQQQiZmjfkxiAq7gqTgHoxrirxc2in8zIW7H7CXRBcwRT5CKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOeLO4VPrH0G5SSDDB0imE13/ijaMB8GA1UdIwQY
MBaAFMRymvE9PRVvQRl2sXblVPpnHXb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1Nzgt
YjA4OThmYmIxY2FiLzEvNTRzN2hVLXNmUWJsSklNTUhTS1lUWGYtS05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1NzgtYjA4OThmYmIxY2Fi
LzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZkcMA0G
CSqGSIb3DQEBCwUAA4IBAQARDcaR6BKgSl1Rb2VTpVxYZHPga/zUuIZ+zj2FLf5O
R5VEUxh4k7c9kpwONv/yFeKVZ5b7mqoWdpv9i3avlJTQBYt64e80wGGVwg/i63iW
JLQ+fvwKdrvhubdsL3YJfKVGQZtIy9AXj1TR3FzgdBDqa99dunttyMYx27vWCAtT
U6IhdBqGfQCisAFw+1x5GyL5D3CxHu2mTF3DjHaJg+NZmHT47KDEzk8yx628jqTV
6p3pXsrCyKqQGKi6fjiP1+Bd/38g0c1+vrWLJOHw7aJuJt/Lf5SPT/F/KfZlH2t3
fXH/EIrhmOG3tU0rJyMEd/+KH37CIZba67pZcbIsmaRh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:05 2024 by rpki-client on console-fra.rpki-client.org