Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/THGPDYN4HdAXzo3b6fM0zqywvi0.roa
File: THGPDYN4HdAXzo3b6fM0zqywvi0.roa (raw, json)
Hash identifier: OSM7JIVfJ2TnetxiFHZF83814GGEjC/u+VEI42hLLlo=
Subject key identifier: 4C:71:8F:0D:83:78:1D:D0:17:CE:8D:DB:E9:F3:34:CE:AC:B0:BE:2D
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018CC3B6C5262E6CAED660CB174E83C49059
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/THGPDYN4HdAXzo3b6fM0zqywvi0.roa
Signing time: Mon 01 Jan 2024 06:29:44 +0000
ROA not before: Mon 01 Jan 2024 06:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48108
IP address blocks: 193.43.146.0/24 maxlen: 24
45.93.9.0/24 maxlen: 24
45.93.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 14:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c5:26:2e:6c:ae:d6:60:cb:17:4e:83:c4:90:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 1 06:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c718f0d83781dd017ce8ddbe9f334ceacb0be2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:1f:a8:35:41:50:48:60:e0:85:93:b4:f2:
7d:12:d1:65:f9:52:2a:2c:9c:34:d8:87:2f:fd:65:
85:43:fa:27:01:0b:1a:61:f0:8c:d9:b2:45:46:51:
9f:b9:84:0b:e1:96:46:50:a8:47:95:3d:26:ce:e5:
41:bb:5d:66:55:f1:de:fa:6d:9c:3c:2b:6b:6c:a7:
68:50:c4:b1:f4:88:eb:5a:f0:d4:0b:95:8b:87:37:
73:05:f9:a8:ff:2e:1b:57:49:1a:d5:b8:4b:b5:8c:
2a:cc:30:7b:8c:14:43:d3:51:f1:ed:e3:75:b1:cf:
be:e2:f9:5e:d7:da:65:26:3d:c0:ed:77:ee:03:70:
4e:2f:ff:00:85:25:e9:39:97:2b:03:1e:b1:72:63:
3b:02:7e:24:52:10:11:26:7a:e2:fc:95:02:8f:54:
5b:a8:59:a2:0b:01:f9:8c:b9:3e:ff:35:61:1c:7a:
7c:a3:82:61:f2:a6:32:a3:fc:88:30:02:ef:91:b7:
52:80:98:34:f1:41:a5:a1:73:df:c6:df:7d:02:82:
ae:a6:ae:e6:88:18:4c:f3:36:eb:eb:86:36:11:9f:
d5:73:2c:cb:fa:72:94:71:37:c1:10:fa:44:d5:ee:
88:d1:88:e8:46:63:56:fe:bd:43:0a:92:16:46:2e:
93:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:71:8F:0D:83:78:1D:D0:17:CE:8D:DB:E9:F3:34:CE:AC:B0:BE:2D
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/THGPDYN4HdAXzo3b6fM0zqywvi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.8.0/23
193.43.146.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:d5:e3:e7:ec:f4:3a:2a:34:99:29:2d:49:65:35:21:d2:15:
16:08:f2:70:19:57:8f:83:e7:73:38:b8:7a:10:44:b1:70:bb:
eb:a7:c7:60:8f:a6:e1:1d:f2:50:5e:99:49:cd:9a:95:67:0c:
cd:5d:00:64:31:0c:34:01:94:6b:f8:d0:fb:dc:2f:06:ad:0f:
8c:d7:de:3c:7b:5d:9d:e0:b1:b4:8d:9b:25:63:ad:fd:fb:85:
e5:3e:aa:12:9b:46:5b:7d:d0:8b:02:fb:10:d8:d9:11:92:69:
b8:3f:d3:de:4f:46:3f:df:54:de:5d:5f:68:96:b6:fb:a5:d7:
62:93:58:78:b7:ae:97:93:52:a0:66:7b:b6:d5:57:30:68:0c:
ef:57:5f:2e:c9:79:fb:b7:64:49:aa:ac:89:54:52:de:8c:32:
36:21:f1:68:80:82:0c:08:f2:56:07:82:0f:f6:aa:01:61:eb:
e8:87:bc:f7:f9:cf:ba:14:56:09:75:26:eb:b0:61:2d:92:0d:
a2:8f:94:23:f9:f9:a2:41:f4:4b:b7:be:4d:13:0a:00:58:32:
01:08:bf:db:72:ed:59:99:d5:6f:e2:05:17:11:af:8b:9a:05:
ae:8b:9d:45:ba:c2:7c:d3:da:87:3e:bd:e7:13:fd:4e:59:be:
a8:73:74:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtsUmLmyu1mDLF06DxJBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMTAxMDYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzcxOGYwZDgzNzgxZGQwMTdjZThkZGJlOWYzMzRjZWFjYjBiZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQcfqDVBUEhg4IWTtPJ9EtFl+VIq
LJw02Icv/WWFQ/onAQsaYfCM2bJFRlGfuYQL4ZZGUKhHlT0mzuVBu11mVfHe+m2c
PCtrbKdoUMSx9IjrWvDUC5WLhzdzBfmo/y4bV0ka1bhLtYwqzDB7jBRD01Hx7eN1
sc++4vle19plJj3A7XfuA3BOL/8AhSXpOZcrAx6xcmM7An4kUhARJnri/JUCj1Rb
qFmiCwH5jLk+/zVhHHp8o4Jh8qYyo/yIMALvkbdSgJg08UGloXPfxt99AoKupq7m
iBhM8zbr64Y2EZ/VcyzL+nKUcTfBEPpE1e6I0YjoRmNW/r1DCpIWRi6TWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFExxjw2DeB3QF86N2+nzNM6ssL4tMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvVEhHUERZTjRIZEFYem8zYjZmTTB6cXl3dmkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLV0IAwQA
wSuSMA0GCSqGSIb3DQEBCwUAA4IBAQCM1ePn7PQ6KjSZKS1JZTUh0hUWCPJwGVeP
g+dzOLh6EESxcLvrp8dgj6bhHfJQXplJzZqVZwzNXQBkMQw0AZRr+ND73C8GrQ+M
1948e12d4LG0jZslY639+4XlPqoSm0ZbfdCLAvsQ2NkRkmm4P9PeT0Y/31TeXV9o
lrb7pddik1h4t66Xk1KgZnu21VcwaAzvV18uyXn7t2RJqqyJVFLejDI2IfFogIIM
CPJWB4IP9qoBYevoh7z3+c+6FFYJdSbrsGEtkg2ij5Qj+fmiQfRLt75NEwoAWDIB
CL/bcu1ZmdVv4gUXEa+LmgWui51FusJ809qHPr3nE/1OWb6oc3Sm
-----END CERTIFICATE-----
Generated at Mon Jan 15 17:29:58 2024 by rpki-client on console-ams.rpki-client.org