Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/CNSgp0jNQEqa1CZZPUqD9Qfw978.roa
File: CNSgp0jNQEqa1CZZPUqD9Qfw978.roa (raw, json)
Hash identifier: KB+gfiMnKeN7ZP8TF/C9NI0V/oASwdw/fe3EV9CSfDw=
Subject key identifier: 08:D4:A0:A7:48:CD:40:4A:9A:D4:26:59:3D:4A:83:F5:07:F0:F7:BF
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018CCBFC9A2EDB05600563CE844A483FFAC4
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/CNSgp0jNQEqa1CZZPUqD9Qfw978.roa
Signing time: Tue 02 Jan 2024 21:02:58 +0000
ROA not before: Tue 02 Jan 2024 21:02:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 45.65.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 06:06:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cb:fc:9a:2e:db:05:60:05:63:ce:84:4a:48:3f:fa:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 2 21:02:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08d4a0a748cd404a9ad426593d4a83f507f0f7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cf:2d:01:3d:ba:60:87:82:8e:d8:99:67:c5:
ed:3d:68:c5:bd:38:b0:86:95:9a:81:ec:2c:85:26:
76:6b:e6:a1:61:30:67:84:ad:66:6d:59:04:b0:b9:
fe:03:7a:ce:f5:56:a0:a2:a2:23:9b:2d:54:fb:a4:
fc:36:fd:b7:6a:b0:5c:88:1c:c0:f2:35:4b:62:86:
3a:0f:1e:f4:8c:05:80:f4:02:f5:b2:13:58:b6:5a:
6e:e6:ce:bc:16:05:66:c3:f8:aa:79:72:d0:56:e7:
19:cf:4e:33:fa:c2:71:cd:3b:bc:9c:1d:34:b2:79:
5d:27:ba:77:80:cd:75:ec:83:a2:1f:52:c8:d5:88:
b8:9f:6f:ef:87:0c:50:e3:4f:3b:be:f8:3e:62:90:
7f:ab:ab:fe:b7:31:94:2f:ab:a1:f8:bf:2c:f1:27:
52:12:9e:cc:af:5b:00:1b:48:96:46:d8:0d:52:de:
c3:9c:c0:bd:70:6b:3c:ad:9b:08:5f:ed:eb:0a:a0:
ff:c5:47:73:c3:39:20:47:c1:e3:f4:18:f6:3e:ca:
0f:18:b7:34:f1:0a:70:2c:b3:12:50:aa:88:47:59:
39:74:a9:a3:36:59:33:88:23:e9:95:4a:a5:ec:df:
7b:62:17:9d:6f:19:53:42:ec:68:b5:b8:dd:63:9b:
6c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D4:A0:A7:48:CD:40:4A:9A:D4:26:59:3D:4A:83:F5:07:F0:F7:BF
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/CNSgp0jNQEqa1CZZPUqD9Qfw978.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.113.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:86:47:0b:8b:ac:4d:67:15:46:36:0e:23:24:51:ab:38:3a:
34:b3:62:b5:bd:f9:9d:dd:03:ee:63:7d:3f:6c:29:18:ce:c9:
16:fb:36:9d:d7:f7:c1:98:df:82:51:67:da:a6:68:ee:ec:a4:
9b:60:04:11:1d:89:fb:4f:02:ee:59:67:cd:c7:35:1c:74:c4:
35:1b:f1:5b:fa:5e:0c:3a:1f:fd:71:51:08:49:ed:b9:96:ec:
21:6e:c8:c0:b6:a7:65:d4:eb:32:60:8a:71:38:74:34:72:de:
a8:f8:12:89:17:9f:2f:76:ec:a3:1a:2d:e0:76:8a:bc:4e:db:
39:f8:de:16:1a:36:c1:ca:69:5a:81:0c:5a:2f:2b:02:f9:f0:
70:3e:9f:2f:38:25:73:94:45:02:aa:b0:d5:03:0a:b6:9c:6d:
8c:ef:22:a8:4a:f9:66:46:ce:f5:b8:ab:b4:16:93:28:98:55:
b3:8d:a0:67:86:81:21:a5:7e:20:1f:73:7c:08:f8:57:5e:14:
45:55:06:04:51:00:52:8d:25:0d:19:71:5f:5a:35:67:51:66:
da:c8:0a:4f:60:59:20:46:48:ae:48:47:f8:64:17:b6:b0:2e:
70:ae:cb:7f:7a:30:f2:21:43:d7:de:28:de:9e:a2:70:fe:1f:
3f:fc:8a:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzL/Jou2wVgBWPOhEpIP/rEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTAyMjEwMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ0YTBhNzQ4Y2Q0MDRhOWFkNDI2NTkzZDRhODNmNTA3ZjBmN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos8tAT26YIeCjtiZZ8XtPWjFvTiw
hpWagewshSZ2a+ahYTBnhK1mbVkEsLn+A3rO9VagoqIjmy1U+6T8Nv23arBciBzA
8jVLYoY6Dx70jAWA9AL1shNYtlpu5s68FgVmw/iqeXLQVucZz04z+sJxzTu8nB00
snldJ7p3gM117IOiH1LI1Yi4n2/vhwxQ4087vvg+YpB/q6v+tzGUL6uh+L8s8SdS
Ep7Mr1sAG0iWRtgNUt7DnMC9cGs8rZsIX+3rCqD/xUdzwzkgR8Hj9Bj2PsoPGLc0
8QpwLLMSUKqIR1k5dKmjNlkziCPplUql7N97YhedbxlTQuxotbjdY5tsDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjUoKdIzUBKmtQmWT1Kg/UH8Pe/MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvQ05TZ3Awak5RRXFhMUNaWlBVcUQ5UWZ3OTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUFxMA0G
CSqGSIb3DQEBCwUAA4IBAQCyhkcLi6xNZxVGNg4jJFGrODo0s2K1vfmd3QPuY30/
bCkYzskW+zad1/fBmN+CUWfapmju7KSbYAQRHYn7TwLuWWfNxzUcdMQ1G/Fb+l4M
Oh/9cVEISe25luwhbsjAtqdl1OsyYIpxOHQ0ct6o+BKJF58vduyjGi3gdoq8Tts5
+N4WGjbBymlagQxaLysC+fBwPp8vOCVzlEUCqrDVAwq2nG2M7yKoSvlmRs71uKu0
FpMomFWzjaBnhoEhpX4gH3N8CPhXXhRFVQYEUQBSjSUNGXFfWjVnUWbayApPYFkg
RkiuSEf4ZBe2sC5wrst/ejDyIUPX3ijenqJw/h8//IqR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org