Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/fHhsp3Dwibt9wqUYQeoVL6lM59s.roa
File: fHhsp3Dwibt9wqUYQeoVL6lM59s.roa (raw, json)
Hash identifier: TbiUVeWh6vHbr5neMwRyRRchQBYAZpl5r2RQBYoJ3b4=
Subject key identifier: 7C:78:6C:A7:70:F0:89:BB:7D:C2:A5:18:41:EA:15:2F:A9:4C:E7:DB
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0187EA088C123F8A3DF57FDF0E01B8C6C62C
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/fHhsp3Dwibt9wqUYQeoVL6lM59s.roa
Signing time: Fri 05 May 2023 03:50:41 +0000
ROA not before: Fri 05 May 2023 03:50:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 188.209.140.0/22 maxlen: 24
45.65.114.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 May 2023 16:38:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ea:08:8c:12:3f:8a:3d:f5:7f:df:0e:01:b8:c6:c6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 5 03:50:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c786ca770f089bb7dc2a51841ea152fa94ce7db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d3:37:1e:9b:0d:dc:6c:f2:50:e0:5b:63:88:
0c:46:31:9d:a2:03:85:83:e2:e0:f7:df:7c:07:48:
8b:cb:26:a6:35:af:e0:ab:9e:3c:7a:1c:3d:0e:77:
d0:28:62:14:cd:17:2f:32:07:ee:2e:ed:01:22:a2:
25:6d:09:56:53:b4:8b:21:dc:6f:cb:a2:f0:a3:d9:
ad:31:0d:99:27:31:d8:a3:60:3e:71:59:35:92:87:
86:23:f7:58:01:fe:66:d4:93:90:0d:cf:0b:00:f0:
61:17:87:aa:9b:6d:15:d9:5b:47:3d:bf:fc:7b:56:
6d:27:79:46:7c:72:6f:56:ab:97:5c:a1:58:c4:2d:
07:dc:bb:e0:1b:d8:2b:ad:26:60:98:45:92:21:8e:
99:a2:5c:c6:03:26:82:2b:27:0f:ec:83:dc:3b:ed:
76:15:9f:57:99:97:ac:f6:ec:74:2a:9e:d6:a8:76:
fc:db:0a:73:24:e2:c0:2f:a3:45:28:52:7b:8d:8b:
2d:15:b8:69:f7:6e:d1:21:28:22:ad:e8:e4:62:76:
b8:9b:3d:29:db:a1:64:10:27:22:71:23:8b:cc:9b:
99:f4:99:98:df:19:09:8c:d1:7d:ce:e5:f6:91:40:
75:83:0c:9b:f6:e6:ec:6e:59:73:50:40:73:4d:ba:
b2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:78:6C:A7:70:F0:89:BB:7D:C2:A5:18:41:EA:15:2F:A9:4C:E7:DB
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/fHhsp3Dwibt9wqUYQeoVL6lM59s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/23
188.209.140.0/22
Signature Algorithm: sha256WithRSAEncryption
11:1b:80:01:a4:ee:e7:65:ce:87:5e:bb:50:d1:53:97:62:a8:
3d:9e:2d:19:54:a7:65:39:a5:70:45:b2:f1:b3:5f:1d:ee:1a:
a8:2d:5c:de:d5:e9:6c:43:49:88:b1:f7:c6:a5:b9:b4:64:ac:
99:52:ca:8b:62:c1:0a:d9:3e:38:3a:bc:d9:8b:2b:f9:fe:15:
6d:c7:28:b3:a5:05:b9:f0:d3:43:54:fe:73:c8:72:3b:c4:ed:
9f:d8:cc:cb:18:88:72:d1:7a:bf:bd:7d:15:9d:9d:7c:25:78:
04:4e:e3:a9:b4:b2:9f:80:97:56:60:d8:94:b5:d4:27:56:01:
6a:f6:3e:54:0a:8e:b2:c6:5f:cb:8f:9e:2a:2c:be:21:9b:5a:
cb:ad:6b:ad:a6:f9:0d:24:e3:5a:35:11:ba:7b:d3:b1:55:42:
9b:af:f4:78:9e:05:8f:58:01:ff:d5:74:63:9e:9d:7d:61:e7:
2e:08:68:41:5b:3a:e5:cb:82:f8:62:75:01:e8:b9:4f:e2:3e:
c8:c3:d7:6c:92:1c:c7:2e:ee:0f:da:65:0b:a8:70:8a:29:e1:
fd:f4:45:35:87:5e:4e:cc:e9:29:65:0b:30:cb:13:9a:3e:97:
47:e5:2c:7d:29:89:26:28:67:6b:17:57:02:7b:43:58:be:07:
28:3a:41:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfqCIwSP4o99X/fDgG4xsYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNTA1MDM1MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzc4NmNhNzcwZjA4OWJiN2RjMmE1MTg0MWVhMTUyZmE5NGNlN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNM3HpsN3GzyUOBbY4gMRjGdogOF
g+Lg9998B0iLyyamNa/gq548ehw9DnfQKGIUzRcvMgfuLu0BIqIlbQlWU7SLIdxv
y6Lwo9mtMQ2ZJzHYo2A+cVk1koeGI/dYAf5m1JOQDc8LAPBhF4eqm20V2VtHPb/8
e1ZtJ3lGfHJvVquXXKFYxC0H3LvgG9grrSZgmEWSIY6ZolzGAyaCKycP7IPcO+12
FZ9XmZes9ux0Kp7WqHb82wpzJOLAL6NFKFJ7jYstFbhp927RISgirejkYna4mz0p
26FkECcicSOLzJuZ9JmY3xkJjNF9zuX2kUB1gwyb9ubsbllzUEBzTbqyKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHx4bKdw8Im7fcKlGEHqFS+pTOfbMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvZkhoc3AzRHdpYnQ5d3FVWVFlb1ZMNmxNNTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLUFyAwQC
vNGMMA0GCSqGSIb3DQEBCwUAA4IBAQARG4ABpO7nZc6HXrtQ0VOXYqg9ni0ZVKdl
OaVwRbLxs18d7hqoLVze1elsQ0mIsffGpbm0ZKyZUsqLYsEK2T44OrzZiyv5/hVt
xyizpQW58NNDVP5zyHI7xO2f2MzLGIhy0Xq/vX0VnZ18JXgETuOptLKfgJdWYNiU
tdQnVgFq9j5UCo6yxl/Lj54qLL4hm1rLrWutpvkNJONaNRG6e9OxVUKbr/R4ngWP
WAH/1XRjnp19YecuCGhBWzrly4L4YnUB6LlP4j7Iw9dskhzHLu4P2mULqHCKKeH9
9EU1h15OzOkpZQswyxOaPpdH5Sx9KYkmKGdrF1cCe0NYvgcoOkEi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org