Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/S1Z7kPkvGwkNzNoqMSBQ3QGwquQ.roa
File: S1Z7kPkvGwkNzNoqMSBQ3QGwquQ.roa (raw, json)
Hash identifier: P0F4B5+jke6fk6GqKBrk0pA7aQ5n3QMG5ILPdhUBv7g=
Subject key identifier: 4B:56:7B:90:F9:2F:1B:09:0D:CC:DA:2A:31:20:50:DD:01:B0:AA:E4
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A968F1D7CC680D8E303CAC8A7E7D042
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/S1Z7kPkvGwkNzNoqMSBQ3QGwquQ.roa
Signing time: Sat 25 Mar 2023 21:04:47 +0000
ROA not before: Sat 25 Mar 2023 21:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400175
IP address blocks: 45.141.15.0/24 maxlen: 24
93.177.109.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:96:8f:1d:7c:c6:80:d8:e3:03:ca:c8:a7:e7:d0:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b567b90f92f1b090dccda2a312050dd01b0aae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:58:4a:46:44:93:f9:62:b5:98:48:63:43:67:
41:fa:a8:59:8f:7b:a0:1d:ac:c5:c6:7f:3d:a3:17:
80:2e:76:5b:57:68:50:3f:08:43:cf:c9:59:d9:0d:
ae:a9:59:a9:15:27:70:47:7e:40:a6:8a:ef:8a:25:
34:36:d3:3e:d4:89:85:5c:38:be:2c:05:02:d5:fa:
0e:1c:11:af:6c:00:a0:68:f1:13:0e:d9:de:25:85:
a0:42:2b:54:c9:1a:0e:52:fd:25:e6:fb:f1:ba:be:
08:c1:d7:aa:95:47:af:57:05:b8:2a:71:a6:25:b1:
61:9b:9b:28:64:1f:27:42:d2:3a:54:65:52:85:31:
2a:a4:aa:e6:2d:a3:07:15:68:09:84:96:8f:83:34:
bb:28:f3:b8:9c:c4:d0:7d:cb:3b:07:91:8e:71:d8:
c3:1d:d3:67:98:57:4c:20:76:f9:f5:c0:7d:8a:83:
a3:32:c9:ba:01:2c:93:3f:1e:92:7c:ba:ed:57:55:
25:2d:0e:9e:6f:04:6c:86:cf:e2:7a:a3:dd:e5:ca:
ac:92:e1:ae:25:89:f2:40:ac:7e:2a:2e:cb:67:d0:
dc:1d:88:cd:62:d3:0a:a9:cd:55:be:5c:bb:ff:d6:
07:0a:1b:71:0b:ea:a3:08:27:5c:d6:27:38:76:1d:
dd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:56:7B:90:F9:2F:1B:09:0D:CC:DA:2A:31:20:50:DD:01:B0:AA:E4
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/S1Z7kPkvGwkNzNoqMSBQ3QGwquQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.15.0/24
93.177.109.0/24
Signature Algorithm: sha256WithRSAEncryption
71:dc:2f:9d:68:50:77:c5:10:38:2a:56:07:66:2b:da:b6:3f:
b8:7c:cc:10:bb:be:70:b5:f7:11:50:fd:cf:9b:e7:6e:28:aa:
b8:4e:9a:c7:b4:11:e2:35:67:45:39:d7:a1:ee:aa:c9:d2:df:
06:d7:22:97:b9:40:5c:f5:d1:7b:31:61:8d:75:6d:2d:69:57:
df:0f:3f:01:73:32:42:3a:2e:3d:d9:48:9e:d0:03:fc:75:0a:
26:9f:f5:98:fa:95:f1:57:08:8d:5c:20:bf:d5:b5:3d:46:13:
22:83:ca:eb:4f:c0:b3:f7:18:c6:34:22:7b:71:af:9d:3c:d8:
28:8d:41:cc:fa:6b:9a:18:64:11:7f:1e:8b:a8:b9:27:db:7d:
1c:80:9d:bc:a8:dd:3e:c9:31:4e:6e:2f:94:ac:c8:8e:a0:53:
ca:9a:e1:2c:06:53:30:87:84:50:69:91:7c:32:23:77:6a:0b:
9f:cf:72:19:46:fa:3d:5a:96:94:8d:be:e2:69:60:77:6e:f1:
73:03:b9:9e:01:bd:78:94:af:9b:01:ec:8d:b8:36:64:b3:bd:
ba:08:9d:32:f8:98:03:34:c9:43:0e:61:3d:9b:dc:ec:cc:61:
27:c3:c1:4e:c3:5f:35:0c:79:8b:f3:57:d3:de:0a:35:c8:1b:
24:d0:17:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcalo8dfMaA2OMDysin59BCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU2N2I5MGY5MmYxYjA5MGRjY2RhMmEzMTIwNTBkZDAxYjBhYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklhKRkST+WK1mEhjQ2dB+qhZj3ug
HazFxn89oxeALnZbV2hQPwhDz8lZ2Q2uqVmpFSdwR35AporviiU0NtM+1ImFXDi+
LAUC1foOHBGvbACgaPETDtneJYWgQitUyRoOUv0l5vvxur4IwdeqlUevVwW4KnGm
JbFhm5soZB8nQtI6VGVShTEqpKrmLaMHFWgJhJaPgzS7KPO4nMTQfcs7B5GOcdjD
HdNnmFdMIHb59cB9ioOjMsm6ASyTPx6SfLrtV1UlLQ6ebwRshs/ieqPd5cqskuGu
JYnyQKx+Ki7LZ9DcHYjNYtMKqc1Vvly7/9YHChtxC+qjCCdc1ic4dh3dxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEtWe5D5LxsJDczaKjEgUN0BsKrkMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvUzFaN2tQa3ZHd2tOek5vcU1TQlEzUUd3cXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY0PAwQA
XbFtMA0GCSqGSIb3DQEBCwUAA4IBAQBx3C+daFB3xRA4KlYHZivatj+4fMwQu75w
tfcRUP3Pm+duKKq4TprHtBHiNWdFOdeh7qrJ0t8G1yKXuUBc9dF7MWGNdW0taVff
Dz8BczJCOi492Uie0AP8dQomn/WY+pXxVwiNXCC/1bU9RhMig8rrT8Cz9xjGNCJ7
ca+dPNgojUHM+muaGGQRfx6LqLkn230cgJ28qN0+yTFObi+UrMiOoFPKmuEsBlMw
h4RQaZF8MiN3agufz3IZRvo9WpaUjb7iaWB3bvFzA7meAb14lK+bAeyNuDZks726
CJ0y+JgDNMlDDmE9m9zszGEnw8FOw181DHmL81fT3go1yBsk0BeM
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:24 2024 by rpki-client on console-fra.rpki-client.org