Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/SSd9X1VfltlyY1iiTwcwJbaDMvM.roa
File: SSd9X1VfltlyY1iiTwcwJbaDMvM.roa (raw, json)
Hash identifier: +yAFRG5TsjH12y74kqP0sPFz5FFHNMEYuTdp75vlGRY=
Subject key identifier: 49:27:7D:5F:55:5F:96:D9:72:63:58:A2:4F:07:30:25:B6:83:32:F3
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 018CC7945025DE81E961BD32B1C13F310874
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/SSd9X1VfltlyY1iiTwcwJbaDMvM.roa
Signing time: Tue 02 Jan 2024 00:30:34 +0000
ROA not before: Tue 02 Jan 2024 00:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400039
IP address blocks: 45.143.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 12:21:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:50:25:de:81:e9:61:bd:32:b1:c1:3f:31:08:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Jan 2 00:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49277d5f555f96d9726358a24f073025b68332f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1e:ff:12:43:c5:07:66:73:bb:45:ad:83:12:
a4:c6:0b:37:5d:e2:da:0e:38:42:93:4e:16:f2:3f:
e9:64:fe:a6:fb:00:fc:ce:37:52:1a:c4:72:96:6b:
3f:cd:13:b6:db:43:57:16:1f:0e:2c:3c:30:dd:32:
cb:c9:aa:5d:92:74:d6:25:b2:06:54:28:f3:28:c1:
c1:7a:24:d4:e4:73:28:e2:97:19:f0:77:4a:df:12:
2e:55:6e:65:9b:3d:a0:b7:a1:45:c6:86:f1:0d:5f:
59:58:77:dd:d1:e1:61:fe:02:84:40:ca:d4:85:86:
bc:c8:07:0c:ec:80:16:49:27:9d:9e:d1:79:de:d2:
71:ca:dd:b1:5f:43:73:16:58:0e:15:d1:f1:ce:b6:
1f:5c:d7:ac:a2:ae:a3:60:36:84:e1:e1:cf:5f:09:
70:75:b0:3d:04:92:21:35:91:d2:b0:aa:c6:72:0b:
63:2c:9d:1f:5f:24:1d:db:ca:d3:96:e8:76:2c:90:
94:5a:20:88:28:36:73:04:b2:d3:ea:df:af:e8:09:
b7:3d:7d:bd:c3:5a:5c:37:f0:63:8c:a6:e4:e1:d8:
21:01:94:06:82:d1:64:ad:0c:65:f0:6a:e6:ef:a1:
d8:ad:7e:ff:6c:7d:74:2f:02:76:9e:a5:ec:b4:e3:
d2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:27:7D:5F:55:5F:96:D9:72:63:58:A2:4F:07:30:25:B6:83:32:F3
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/SSd9X1VfltlyY1iiTwcwJbaDMvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.10.0/24
Signature Algorithm: sha256WithRSAEncryption
71:9e:d1:37:ff:99:f9:24:b1:5f:e8:8b:15:2e:2b:c9:8a:c6:
ee:c1:1f:9f:0e:01:b9:04:56:0a:c7:bf:18:4e:4c:aa:ad:2a:
6d:0d:b2:17:d3:f5:af:94:b6:98:83:89:d0:a5:f4:9e:0b:f7:
ba:8d:d6:69:5d:31:db:2d:00:54:5a:f9:43:3b:e5:7d:b3:9c:
a7:ec:62:b7:92:44:f9:0e:02:de:47:f7:a4:05:d9:97:44:8c:
70:f0:da:9b:22:a6:a2:55:b8:1f:f0:0a:34:0f:2d:c3:70:bf:
3b:b5:76:a0:fa:e1:de:f8:1d:3c:53:9e:a0:b1:99:c6:76:16:
89:72:95:8f:ae:1a:b8:40:52:b4:a3:3b:8f:24:af:c5:0c:8c:
c3:61:ce:76:69:63:38:65:38:b2:f6:e3:5b:06:fa:7f:64:4f:
17:32:59:75:d1:f3:91:66:66:59:9c:d4:05:5c:df:97:05:12:
fa:33:0c:00:b8:eb:67:0e:b6:58:4a:4a:85:c0:72:1c:a7:de:
54:01:df:c5:d7:4c:23:0c:bd:3f:b3:cb:e5:65:0b:8e:ef:86:
25:74:62:07:57:c1:86:c8:63:c9:9c:69:f1:00:34:b6:d3:e0:
e8:37:4f:8c:80:39:7c:c6:07:ff:7c:b2:a9:9d:74:57:93:8e:
66:91:c6:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlFAl3oHpYb0yscE/MQh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjQwMTAyMDAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTI3N2Q1ZjU1NWY5NmQ5NzI2MzU4YTI0ZjA3MzAyNWI2ODMzMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1x7/EkPFB2Zzu0WtgxKkxgs3XeLa
DjhCk04W8j/pZP6m+wD8zjdSGsRylms/zRO220NXFh8OLDww3TLLyapdknTWJbIG
VCjzKMHBeiTU5HMo4pcZ8HdK3xIuVW5lmz2gt6FFxobxDV9ZWHfd0eFh/gKEQMrU
hYa8yAcM7IAWSSedntF53tJxyt2xX0NzFlgOFdHxzrYfXNesoq6jYDaE4eHPXwlw
dbA9BJIhNZHSsKrGcgtjLJ0fXyQd28rTluh2LJCUWiCIKDZzBLLT6t+v6Am3PX29
w1pcN/BjjKbk4dghAZQGgtFkrQxl8Grm76HYrX7/bH10LwJ2nqXstOPSswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEknfV9VX5bZcmNYok8HMCW2gzLzMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvU1NkOVgxVmZsdGx5WTFpaVR3Y3dKYmFETXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY8KMA0G
CSqGSIb3DQEBCwUAA4IBAQBxntE3/5n5JLFf6IsVLivJisbuwR+fDgG5BFYKx78Y
TkyqrSptDbIX0/WvlLaYg4nQpfSeC/e6jdZpXTHbLQBUWvlDO+V9s5yn7GK3kkT5
DgLeR/ekBdmXRIxw8NqbIqaiVbgf8Ao0Dy3DcL87tXag+uHe+B08U56gsZnGdhaJ
cpWPrhq4QFK0ozuPJK/FDIzDYc52aWM4ZTiy9uNbBvp/ZE8XMll10fORZmZZnNQF
XN+XBRL6MwwAuOtnDrZYSkqFwHIcp95UAd/F10wjDL0/s8vlZQuO74YldGIHV8GG
yGPJnGnxADS20+DoN0+MgDl8xgf/fLKpnXRXk45mkcbO
-----END CERTIFICATE-----
Generated at Mon Feb 5 17:24:25 2024 by rpki-client on console-fra.rpki-client.org