Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/cZBmjV6WzhOxLY3H5QyPrEaIDF8.roa
File: cZBmjV6WzhOxLY3H5QyPrEaIDF8.roa (raw, json)
Hash identifier: QAgx5jz1U1VR/WbabYCvxxF/+xwBVRASijFFLzwQd/0=
Subject key identifier: 71:90:66:8D:5E:96:CE:13:B1:2D:8D:C7:E5:0C:8F:AC:46:88:0C:5F
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 0188537C71F23AAE3237605941A7B711D4A3
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/cZBmjV6WzhOxLY3H5QyPrEaIDF8.roa
Signing time: Thu 25 May 2023 15:17:24 +0000
ROA not before: Thu 25 May 2023 15:17:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.153.124.0/24 maxlen: 24
91.217.162.0/24 maxlen: 24
91.217.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 May 2023 16:09:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:7c:71:f2:3a:ae:32:37:60:59:41:a7:b7:11:d4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: May 25 15:17:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7190668d5e96ce13b12d8dc7e50c8fac46880c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:55:3c:85:4e:b3:91:20:28:8b:25:0c:24:bd:
0d:df:c7:73:02:66:b9:ff:ff:c3:27:e1:78:6e:6d:
a5:c1:25:df:ce:89:52:78:82:d9:32:88:8d:15:6f:
41:6d:db:e8:d8:30:2c:23:0a:a7:65:2d:b0:bf:c0:
8e:07:e6:76:ab:1a:e2:6a:d7:a9:25:da:32:6d:c1:
9d:fa:30:3f:73:bb:48:32:43:5d:26:cc:90:4f:01:
52:11:d8:ac:9a:1e:84:20:b2:ae:31:39:cb:17:61:
66:5b:f8:6f:ae:d5:59:44:17:16:c7:43:c9:aa:f6:
59:29:61:66:5c:3b:d5:5d:86:d7:36:15:04:d2:36:
52:98:ff:55:a7:4d:58:30:fe:34:3d:b5:fe:f7:0d:
3d:3a:16:27:50:eb:fe:55:e3:6f:83:24:10:67:74:
0e:2f:5b:f2:62:93:65:83:69:82:94:07:98:15:43:
7d:b9:8b:92:4b:d4:6c:1c:35:da:89:7d:3d:30:3d:
d7:ea:49:6a:2d:ed:6c:eb:22:2d:79:8b:d1:a5:96:
26:67:7e:74:1f:91:14:a4:c9:60:54:e9:75:71:53:
45:a5:80:20:5b:7e:b2:64:55:e2:f7:aa:a9:b4:72:
d2:f6:b3:96:24:27:1f:93:f9:30:84:8a:d1:a7:2a:
4c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:90:66:8D:5E:96:CE:13:B1:2D:8D:C7:E5:0C:8F:AC:46:88:0C:5F
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/cZBmjV6WzhOxLY3H5QyPrEaIDF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.124.0/24
91.217.162.0/24
91.217.167.0/24
Signature Algorithm: sha256WithRSAEncryption
32:aa:b1:35:e5:91:44:1a:69:a9:a1:b0:73:d7:f0:e7:02:c4:
24:42:b4:c0:ac:cd:a3:f9:52:59:99:8f:2d:dd:0d:52:b4:85:
6f:6f:b9:e3:44:d6:fa:a3:3f:95:d3:d3:f5:9b:22:fc:5f:11:
26:30:bc:5e:a1:cc:4b:32:27:e6:aa:02:8b:31:d0:40:80:21:
72:1c:02:db:5e:02:91:2c:aa:9b:5f:1c:df:94:c4:6f:cf:53:
7c:c4:f6:81:fb:bb:2f:73:0b:17:e3:dc:bb:eb:aa:84:c9:3c:
3b:47:3c:2c:b5:a0:ca:af:28:45:9f:f6:89:b0:03:c7:1d:79:
ed:8e:ca:53:49:da:35:c9:95:47:e4:ca:42:1f:94:be:7b:62:
47:32:b2:8c:4c:9c:14:8d:e3:cc:29:a2:c0:5f:1c:02:58:9b:
ff:5e:25:b6:87:74:c7:d4:fc:fe:0b:f8:3e:57:5a:44:b7:07:
66:f7:c7:b3:fe:71:9c:80:84:dd:64:0d:9e:0c:2f:84:0a:1f:
a3:70:fa:31:c6:d5:33:bb:56:1f:d9:67:22:c3:ec:33:74:0a:
45:26:54:70:b6:04:f3:13:01:b0:f0:3b:90:71:c6:60:d1:74:
46:c8:95:09:b4:53:e7:37:2b:4b:7d:95:0d:1e:13:9e:7f:72:
b5:6d:ba:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhTfHHyOq4yN2BZQae3EdSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwNTI1MTUxNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTkwNjY4ZDVlOTZjZTEzYjEyZDhkYzdlNTBjOGZhYzQ2ODgwYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFU8hU6zkSAoiyUMJL0N38dzAma5
///DJ+F4bm2lwSXfzolSeILZMoiNFW9Bbdvo2DAsIwqnZS2wv8COB+Z2qxriatep
JdoybcGd+jA/c7tIMkNdJsyQTwFSEdismh6EILKuMTnLF2FmW/hvrtVZRBcWx0PJ
qvZZKWFmXDvVXYbXNhUE0jZSmP9Vp01YMP40PbX+9w09OhYnUOv+VeNvgyQQZ3QO
L1vyYpNlg2mClAeYFUN9uYuSS9RsHDXaiX09MD3X6klqLe1s6yIteYvRpZYmZ350
H5EUpMlgVOl1cVNFpYAgW36yZFXi96qptHLS9rOWJCcfk/kwhIrRpypMxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHGQZo1els4TsS2Nx+UMj6xGiAxfMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvY1pCbWpWNld6aE94TFkzSDVReVByRWFJREY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZl8AwQA
W9miAwQAW9mnMA0GCSqGSIb3DQEBCwUAA4IBAQAyqrE15ZFEGmmpobBz1/DnAsQk
QrTArM2j+VJZmY8t3Q1StIVvb7njRNb6oz+V09P1myL8XxEmMLxeocxLMifmqgKL
MdBAgCFyHALbXgKRLKqbXxzflMRvz1N8xPaB+7svcwsX49y766qEyTw7RzwstaDK
ryhFn/aJsAPHHXntjspTSdo1yZVH5MpCH5S+e2JHMrKMTJwUjePMKaLAXxwCWJv/
XiW2h3TH1Pz+C/g+V1pEtwdm98ez/nGcgITdZA2eDC+ECh+jcPoxxtUzu1Yf2Wci
w+wzdApFJlRwtgTzEwGw8DuQccZg0XRGyJUJtFPnNytLfZUNHhOef3K1bboE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org