Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-dQx-K7j2LSOGKBUlKr5J8jAPqo.roa
File: 1-dQx-K7j2LSOGKBUlKr5J8jAPqo.roa (raw, json)
Hash identifier: P+HEic7hXw1of8pP0mSB3KuzyUp/FUomZy9l3HHN0X8=
Subject key identifier: F9:D4:31:F8:AE:E3:D8:B4:8E:18:A0:54:94:AA:F9:27:C8:C0:3E:AA
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0188D477C2CEB5339D42B23E855C8B12C32A
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-dQx-K7j2LSOGKBUlKr5J8jAPqo.roa
Signing time: Mon 19 Jun 2023 16:23:18 +0000
ROA not before: Mon 19 Jun 2023 16:23:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.209.140.0/22 maxlen: 24
45.65.114.0/24 maxlen: 24
45.65.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Jun 2023 07:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d4:77:c2:ce:b5:33:9d:42:b2:3e:85:5c:8b:12:c3:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jun 19 16:23:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9d431f8aee3d8b48e18a05494aaf927c8c03eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bb:32:87:98:ab:de:ed:1f:d4:da:0c:2e:ec:
46:f4:11:02:b8:ce:4d:48:c3:aa:dc:be:0b:19:a9:
18:d8:58:f7:ca:1d:91:3a:13:9e:39:31:70:78:5c:
7a:3d:3a:f5:e4:d1:57:0e:d5:a5:f5:52:c2:fd:b7:
65:6c:cf:27:dd:fe:7a:ee:d7:b7:60:66:e6:8c:f7:
47:e3:47:ad:82:53:ff:00:7d:ec:d9:60:24:97:4d:
b4:6e:0b:54:a3:8a:1e:0b:ee:4f:47:c1:bf:8b:98:
15:de:22:9a:e3:12:1b:bd:59:01:7a:ad:18:16:52:
77:ac:bd:50:19:fd:6d:56:d8:d5:24:95:b3:a6:f7:
21:64:09:2f:7e:64:43:43:1d:ca:c4:d7:9e:63:97:
97:79:e3:dd:d2:74:25:05:a4:19:13:dd:7c:e1:4b:
39:31:13:6f:e6:71:f1:0e:e9:a7:3e:94:5a:d6:76:
2c:9e:60:42:86:27:58:1f:59:82:78:ba:41:b7:43:
c2:39:54:bc:5e:b2:1f:dd:ae:95:38:5a:9b:de:09:
f1:5b:71:7f:2e:85:83:4a:b4:de:a8:ea:aa:1f:66:
57:f2:e6:8d:8b:a4:54:87:ef:03:4e:d6:11:f9:da:
17:7d:98:53:b3:4e:c2:0f:5d:8b:03:a8:6e:7e:75:
75:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D4:31:F8:AE:E3:D8:B4:8E:18:A0:54:94:AA:F9:27:C8:C0:3E:AA
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/1-dQx-K7j2LSOGKBUlKr5J8jAPqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/23
188.209.140.0/22
Signature Algorithm: sha256WithRSAEncryption
54:bd:b6:ef:76:cc:8a:87:e0:71:fe:b4:1d:92:8c:cc:c8:8c:
4b:64:d9:9c:2a:76:69:ab:b3:c7:81:96:df:75:16:87:05:c8:
0f:f3:b0:8e:0c:1e:ce:9e:d7:1d:79:17:67:f2:ce:c5:c4:e0:
80:03:9b:7e:ac:33:9f:0c:53:dc:d5:a4:e6:18:e2:0f:9c:1b:
ac:ff:24:e9:91:06:2e:ea:3a:cd:7b:f0:8f:d4:5a:26:0e:7c:
4b:48:b3:1d:0d:b3:a7:6d:ba:05:52:42:e6:e8:99:b5:44:56:
b8:38:bc:56:a2:de:86:b9:8c:e4:50:27:80:07:65:1e:3e:e5:
29:31:d3:ad:a1:6a:94:19:5e:3c:2c:6c:f8:63:de:27:53:97:
90:78:e1:37:61:0b:c1:4d:04:a4:ff:5a:be:ee:52:ed:48:ce:
8f:b4:22:b7:e0:70:8a:d7:87:41:45:8c:73:6a:15:90:2e:73:
b4:c7:40:ce:b3:27:1f:f8:2f:3c:c2:c2:1f:5e:01:b6:9e:36:
be:d2:8d:f0:5a:8e:8a:c9:2a:e2:41:07:73:2e:8e:d0:79:89:
3d:e5:36:e9:a1:67:7a:91:d4:76:62:94:93:eb:0a:c4:11:1b:
55:cc:3c:72:ef:7b:a8:5d:7a:37:e1:b4:20:22:01:54:84:2c:
9f:27:b2:07
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYjUd8LOtTOdQrI+hVyLEsMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNjE5MTYyMzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQ0MzFmOGFlZTNkOGI0OGUxOGEwNTQ5NGFhZjkyN2M4YzAzZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7syh5ir3u0f1NoMLuxG9BECuM5N
SMOq3L4LGakY2Fj3yh2ROhOeOTFweFx6PTr15NFXDtWl9VLC/bdlbM8n3f567te3
YGbmjPdH40etglP/AH3s2WAkl020bgtUo4oeC+5PR8G/i5gV3iKa4xIbvVkBeq0Y
FlJ3rL1QGf1tVtjVJJWzpvchZAkvfmRDQx3KxNeeY5eXeePd0nQlBaQZE9184Us5
MRNv5nHxDumnPpRa1nYsnmBChidYH1mCeLpBt0PCOVS8XrIf3a6VOFqb3gnxW3F/
LoWDSrTeqOqqH2ZX8uaNi6RUh+8DTtYR+doXfZhTs07CD12LA6hufnV10wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPnUMfiu49i0jhigVJSq+SfIwD6qMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvMS1kUXgtSzdqMkxTT0dLQlVsS3I1SjhqQVBxby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVj
NS8xLzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAS1BcgME
ArzRjDANBgkqhkiG9w0BAQsFAAOCAQEAVL2273bMiofgcf60HZKMzMiMS2TZnCp2
aauzx4GW33UWhwXID/Owjgwezp7XHXkXZ/LOxcTggAObfqwznwxT3NWk5hjiD5wb
rP8k6ZEGLuo6zXvwj9RaJg58S0izHQ2zp226BVJC5uiZtURWuDi8VqLehrmM5FAn
gAdlHj7lKTHTraFqlBlePCxs+GPeJ1OXkHjhN2ELwU0EpP9avu5S7UjOj7Qit+Bw
iteHQUWMc2oVkC5ztMdAzrMnH/gvPMLCH14Btp42vtKN8FqOiskq4kEHcy6O0HmJ
PeU26aFnepHUdmKUk+sKxBEbVcw8cu97qF16N+G0ICIBVIQsnyeyBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org