Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/fHsfTAn_9GUWUuNhWbKTThZ7mAQ.roa
File: fHsfTAn_9GUWUuNhWbKTThZ7mAQ.roa (raw, json)
Hash identifier: VCehiI/2AZdz1pwVMZr+BGxl5SCR7bk04/zxf1DfBr0=
Subject key identifier: 7C:7B:1F:4C:09:FF:F4:65:16:52:E3:61:59:B2:93:4E:16:7B:98:04
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 01878E4508736324D6691A4C8BDD7FDDB651
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/fHsfTAn_9GUWUuNhWbKTThZ7mAQ.roa
Signing time: Mon 17 Apr 2023 08:11:41 +0000
ROA not before: Mon 17 Apr 2023 08:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53850
IP address blocks: 45.143.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Jun 2023 13:38:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:45:08:73:63:24:d6:69:1a:4c:8b:dd:7f:dd:b6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Apr 17 08:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c7b1f4c09fff4651652e36159b2934e167b9804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:19:25:7b:d0:04:ce:ba:2c:a2:96:d6:5c:20:
b6:12:69:7a:21:2f:41:08:bd:75:e0:ad:0b:a6:51:
dd:a3:0f:2c:29:fc:a6:97:8f:dc:ef:1a:65:83:45:
52:af:c8:35:86:04:2f:10:dc:7a:b8:25:db:8c:e7:
60:2c:85:25:4b:7c:a0:6e:0f:ce:88:47:c7:22:58:
12:0a:2d:ec:b7:20:66:a5:81:f3:e1:59:45:02:41:
25:bf:77:fe:a2:f0:d5:b8:c6:07:12:d5:e1:bd:c9:
da:72:da:99:ce:a9:15:89:a9:1f:4b:55:aa:fd:94:
33:c3:73:fd:7a:e9:32:f0:3a:08:dd:50:9c:b8:f1:
ca:27:16:8a:bf:6d:5b:10:36:22:4f:40:d6:d9:ec:
e0:da:fb:41:1d:6e:5f:10:48:56:77:5d:42:5c:28:
95:a2:cc:c5:5c:11:db:fe:9e:29:56:e5:96:1f:1e:
56:d5:af:ee:0b:35:e8:05:01:b9:e0:89:bd:66:68:
fa:dc:0a:76:30:28:9f:35:9b:04:04:e3:dc:bc:be:
43:6e:8a:60:d7:32:34:39:6d:d6:24:a4:47:02:eb:
bc:c5:e1:5e:d2:65:c1:dc:3f:58:8e:85:8e:24:60:
a6:dc:2d:68:8f:6c:3a:92:f1:03:5e:8f:56:cf:79:
63:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:7B:1F:4C:09:FF:F4:65:16:52:E3:61:59:B2:93:4E:16:7B:98:04
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/fHsfTAn_9GUWUuNhWbKTThZ7mAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.6.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ac:39:c5:d5:7b:e4:c9:39:47:d2:b7:1b:ca:05:6a:74:3d:
01:0d:0f:f3:44:e1:86:b9:c3:ed:64:c8:ad:24:7b:c8:b3:72:
de:d5:2e:10:d6:c0:79:55:bd:fd:43:ad:01:e7:b5:67:10:40:
cd:d8:84:ca:bf:a8:4d:10:8e:1a:11:e8:7a:43:b8:4f:4b:ac:
6f:3b:30:97:0d:e7:e7:c1:a4:dd:8a:05:06:bf:38:45:4a:d1:
75:a1:b1:fc:67:f4:ee:9c:f0:0c:a7:41:03:eb:65:81:1f:bc:
22:3c:7d:25:5c:9a:8d:2a:a8:84:9a:f7:f9:cc:51:68:81:dc:
6d:db:3d:98:ee:27:18:a5:90:8d:51:6c:d1:b7:c3:95:37:8f:
68:46:e5:34:24:0d:45:52:fd:ea:3c:29:52:da:59:42:1e:27:
0a:e8:97:d7:70:d6:a2:97:d2:5a:94:56:c1:ab:96:46:8c:3e:
5e:54:e4:45:3b:09:10:c3:d0:e6:cf:23:4a:41:10:de:d2:46:
b8:d6:48:ec:8a:9e:57:3d:aa:92:c7:f6:3d:df:e4:d3:33:21:
ce:ee:c0:bc:66:18:48:93:0b:34:3d:eb:ef:8d:82:05:0b:88:
8d:c5:49:94:de:44:32:c6:79:71:58:d5:96:20:50:8e:e4:f8:
5e:6d:8e:f5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYeORQhzYyTWaRpMi91/3bZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwNDE3MDgxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzdiMWY0YzA5ZmZmNDY1MTY1MmUzNjE1OWIyOTM0ZTE2N2I5ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBkle9AEzrosopbWXCC2Eml6IS9B
CL114K0LplHdow8sKfyml4/c7xplg0VSr8g1hgQvENx6uCXbjOdgLIUlS3ygbg/O
iEfHIlgSCi3styBmpYHz4VlFAkElv3f+ovDVuMYHEtXhvcnactqZzqkViakfS1Wq
/ZQzw3P9euky8DoI3VCcuPHKJxaKv21bEDYiT0DW2ezg2vtBHW5fEEhWd11CXCiV
oszFXBHb/p4pVuWWHx5W1a/uCzXoBQG54Im9Zmj63Ap2MCifNZsEBOPcvL5Dbopg
1zI0OW3WJKRHAuu8xeFe0mXB3D9YjoWOJGCm3C1oj2w6kvEDXo9Wz3lj/wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHx7H0wJ//RlFlLjYVmyk04We5gEMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL2ZIc2ZUQW5fOUdVV1V1TmhXYktUVGhaN21BUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtjwYw
DQYJKoZIhvcNAQELBQADggEBAHGsOcXVe+TJOUfStxvKBWp0PQEND/NE4Ya5w+1k
yK0ke8izct7VLhDWwHlVvf1DrQHntWcQQM3YhMq/qE0QjhoR6HpDuE9LrG87MJcN
5+fBpN2KBQa/OEVK0XWhsfxn9O6c8AynQQPrZYEfvCI8fSVcmo0qqISa9/nMUWiB
3G3bPZjuJxilkI1RbNG3w5U3j2hG5TQkDUVS/eo8KVLaWUIeJwrol9dw1qKX0lqU
VsGrlkaMPl5U5EU7CRDD0ObPI0pBEN7SRrjWSOyKnlc9qpLH9j3f5NMzIc7uwLxm
GEiTCzQ96++NggULiI3FSZTeRDLGeXFY1ZYgUI7k+F5tjvU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org