Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/8o7zkTeeESC3hRY2L0G6qHAsZx0.roa
File: 8o7zkTeeESC3hRY2L0G6qHAsZx0.roa (raw, json)
Hash identifier: aN8zm4dfFSREHOOHv2jQURyLE9vjrWHsznIVsqhc3nA=
Subject key identifier: F2:8E:F3:91:37:9E:11:20:B7:85:16:36:2F:41:BA:A8:70:2C:67:1D
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018CA6E4BFE92509ED4348E2B1E06759BC17
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/8o7zkTeeESC3hRY2L0G6qHAsZx0.roa
Signing time: Tue 26 Dec 2023 16:10:58 +0000
ROA not before: Tue 26 Dec 2023 16:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35478
IP address blocks: 45.142.153.0/24 maxlen: 24
194.126.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a6:e4:bf:e9:25:09:ed:43:48:e2:b1:e0:67:59:bc:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 26 16:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f28ef391379e1120b78516362f41baa8702c671d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c2:b5:0b:4c:cb:7f:bb:17:f4:db:65:0f:fb:
b2:5c:e7:9a:dc:0c:bd:c0:95:51:4f:a8:04:8a:5c:
a0:c1:ef:cb:24:42:44:59:97:0e:57:0b:e0:e0:d2:
21:ad:1f:15:be:6c:e3:55:04:68:c4:4d:ca:a3:bd:
6a:13:94:d8:3d:64:e1:38:a5:fb:25:ab:15:c7:26:
28:0c:1a:96:51:28:b8:0d:7e:f3:2d:d1:97:c8:2c:
b7:92:af:37:96:a5:be:77:3f:72:da:38:67:a6:bd:
7f:60:5b:a3:d3:d5:7c:c6:83:2c:46:ff:f4:07:d7:
12:27:61:0a:e7:82:a5:19:99:50:db:33:d7:49:1f:
d6:d7:3c:24:27:80:19:60:aa:f2:89:3d:95:22:88:
f7:a0:51:ce:6f:2f:e3:32:0d:4f:79:f6:54:cc:a6:
a2:7a:ee:28:f6:26:a2:14:4f:14:be:2a:73:15:d2:
41:4f:1d:de:a3:bb:6d:37:b6:fb:09:1c:b2:9e:f5:
e7:d8:09:b3:14:e1:a6:cb:15:e7:0c:c6:a8:8e:53:
d0:db:56:27:45:ee:5e:9a:d6:3e:ef:35:b9:21:ac:
49:42:b2:a5:39:01:2a:d0:45:9c:32:c3:62:07:4e:
e9:d9:b0:3a:b8:9f:e5:47:0a:42:1a:3e:ea:3b:ad:
47:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8E:F3:91:37:9E:11:20:B7:85:16:36:2F:41:BA:A8:70:2C:67:1D
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/8o7zkTeeESC3hRY2L0G6qHAsZx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.153.0/24
194.126.219.0/24
Signature Algorithm: sha256WithRSAEncryption
81:96:1c:55:6f:4d:ff:92:b2:ca:6d:68:a1:6c:88:64:e7:39:
26:72:e6:78:37:e6:c0:26:84:4d:53:02:6b:9e:79:be:d3:dd:
15:3c:f0:ec:9d:4b:35:4a:a4:b0:de:c9:f0:51:4e:d5:45:9b:
e1:8a:d7:c5:78:d5:57:c0:8b:53:bf:1b:70:3b:44:b4:ad:cc:
d8:fe:cf:99:ab:bb:a2:f3:b7:59:72:a4:63:a7:7c:be:62:5f:
b6:3d:de:cc:3b:83:90:5d:05:34:13:5d:7c:50:68:a7:0e:90:
a0:75:54:4b:51:ce:bb:f9:bf:ba:6d:20:cd:9f:37:d3:f3:70:
d7:ca:39:5c:fe:5a:2e:b8:56:48:c6:39:93:6a:03:02:e2:65:
ad:f7:05:34:e1:28:6b:39:04:dd:fd:90:c4:5a:10:4e:5c:b4:
a3:65:6f:20:8b:64:b9:41:88:02:47:bd:a6:19:ee:4f:aa:ff:
09:8a:5c:d6:2d:9a:ac:d0:35:c5:23:0f:b0:1b:11:6b:d6:6f:
86:e1:14:40:c9:5d:9c:48:3b:e5:c2:55:77:6e:46:8a:48:82:
70:25:a9:ce:37:28:65:54:86:44:75:af:88:7f:10:9e:c6:94:
26:0f:14:fa:0d:72:8b:d4:8e:78:c9:3d:ab:e1:62:4c:bc:99:
13:0e:0c:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYym5L/pJQntQ0jiseBnWbwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjI2MTYxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjhlZjM5MTM3OWUxMTIwYjc4NTE2MzYyZjQxYmFhODcwMmM2NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcK1C0zLf7sX9NtlD/uyXOea3Ay9
wJVRT6gEilygwe/LJEJEWZcOVwvg4NIhrR8VvmzjVQRoxE3Ko71qE5TYPWThOKX7
JasVxyYoDBqWUSi4DX7zLdGXyCy3kq83lqW+dz9y2jhnpr1/YFuj09V8xoMsRv/0
B9cSJ2EK54KlGZlQ2zPXSR/W1zwkJ4AZYKryiT2VIoj3oFHOby/jMg1PefZUzKai
eu4o9iaiFE8UvipzFdJBTx3eo7ttN7b7CRyynvXn2AmzFOGmyxXnDMaojlPQ21Yn
Re5emtY+7zW5IaxJQrKlOQEq0EWcMsNiB07p2bA6uJ/lRwpCGj7qO61HoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPKO85E3nhEgt4UWNi9BuqhwLGcdMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvOG83emtUZWVFU0MzaFJZMkwwRzZxSEFzWngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY6ZAwQA
wn7bMA0GCSqGSIb3DQEBCwUAA4IBAQCBlhxVb03/krLKbWihbIhk5zkmcuZ4N+bA
JoRNUwJrnnm+090VPPDsnUs1SqSw3snwUU7VRZvhitfFeNVXwItTvxtwO0S0rczY
/s+Zq7ui87dZcqRjp3y+Yl+2Pd7MO4OQXQU0E118UGinDpCgdVRLUc67+b+6bSDN
nzfT83DXyjlc/louuFZIxjmTagMC4mWt9wU04ShrOQTd/ZDEWhBOXLSjZW8gi2S5
QYgCR72mGe5Pqv8JilzWLZqs0DXFIw+wGxFr1m+G4RRAyV2cSDvlwlV3bkaKSIJw
JanONyhlVIZEda+IfxCexpQmDxT6DXKL1I54yT2r4WJMvJkTDgyT
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org