Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/1-OfffeU23NJpvv6zr8kLBvxLG74.roa
File: 1-OfffeU23NJpvv6zr8kLBvxLG74.roa (raw, json)
Hash identifier: vx65PFc44DqoB0tu73b0z6arTvCInaQCaaV3zhWFVEM=
Subject key identifier: F8:E7:DF:7D:E5:36:DC:D2:69:BE:FE:B3:AF:C9:0B:06:FC:4B:1B:BE
Certificate issuer: /CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Certificate serial: 018CC348F497D0B4AF4ECB3EF7574029BF23
Authority key identifier: 91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/1-OfffeU23NJpvv6zr8kLBvxLG74.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35197
IP address blocks: 45.142.137.0/24 maxlen: 24
185.187.130.0/24 maxlen: 24
185.187.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 11:20:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f4:97:d0:b4:af:4e:cb:3e:f7:57:40:29:bf:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8e7df7de536dcd269befeb3afc90b06fc4b1bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:eb:b2:e3:b5:4f:0e:82:eb:93:e3:9b:97:5d:
c8:9e:0b:43:ea:2b:a6:07:76:05:c2:e3:1e:e7:5a:
35:11:af:39:ec:c9:42:97:e2:04:83:52:d7:d6:71:
fd:de:8d:67:3e:08:18:08:5a:1d:4f:17:6c:1d:f8:
be:49:04:14:c5:b6:bf:35:3d:ff:07:d1:73:c4:a3:
c3:52:c9:6d:3b:30:39:ac:2a:90:05:64:40:ec:6c:
f5:7c:bf:cd:32:cc:ca:a9:be:7f:ed:c2:ad:08:34:
ed:d5:8b:58:fa:a8:4c:c2:96:14:b6:04:4a:6f:73:
af:23:fa:6d:1d:34:1a:b8:13:4f:53:21:26:29:64:
21:77:a4:19:bc:15:1c:3e:f5:31:98:ad:22:2a:63:
a9:db:b8:10:59:58:99:17:6d:49:43:83:79:96:4b:
14:e2:43:c9:23:96:09:f0:81:25:dc:9f:0c:41:6a:
f2:ae:8c:c3:a6:18:b2:a1:3a:65:79:03:51:b8:1f:
0f:ce:f0:4a:98:11:41:1b:28:b1:72:00:af:33:07:
a5:be:6c:7a:c1:67:69:9c:8d:f2:c7:9b:84:1a:6d:
21:09:10:2e:da:c0:ed:ef:08:1b:b1:d7:39:c0:34:
e6:86:08:05:f9:24:37:a4:a8:11:4c:71:a6:4e:6f:
20:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E7:DF:7D:E5:36:DC:D2:69:BE:FE:B3:AF:C9:0B:06:FC:4B:1B:BE
X509v3 Authority Key Identifier:
keyid:91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/1-OfffeU23NJpvv6zr8kLBvxLG74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.137.0/24
185.187.129.0-185.187.130.255
Signature Algorithm: sha256WithRSAEncryption
1a:74:bf:b8:52:d1:22:f5:a9:fd:d7:44:13:15:4d:2e:25:d5:
fb:36:20:8b:d1:9c:30:30:7b:5f:69:ef:13:e3:54:51:b2:b5:
47:f8:95:7f:22:8a:00:3b:8b:09:4d:69:87:67:70:de:ee:5f:
c0:96:00:03:f0:3e:ad:0a:d4:dc:85:70:84:42:1e:a9:de:6a:
e3:82:dc:8c:f7:3c:cf:df:aa:6b:52:ae:7d:51:64:46:6a:1c:
20:35:09:e0:e6:0a:9d:a2:8c:bb:6f:c8:df:e4:12:6c:0c:6d:
46:f3:fc:70:39:16:cb:79:2f:c4:da:60:2a:f6:24:72:8d:a8:
12:31:b6:85:21:dc:7b:26:c2:46:68:d4:41:b3:36:8c:ba:4e:
aa:46:ff:78:68:22:a6:ed:bd:af:aa:ba:1b:8a:57:3e:e8:4a:
29:09:3e:d9:54:39:01:25:47:35:58:01:82:21:01:a4:ad:79:
de:99:8e:48:be:af:84:8e:dc:08:b8:1f:28:5b:5a:09:67:a0:
56:dc:a7:37:a1:a8:98:af:34:16:63:1c:2e:8c:9f:05:48:72:
f0:25:65:00:b0:95:c3:d9:e1:9b:e9:44:e5:f3:29:d0:fd:ca:
d5:4a:c9:57:1e:07:8c:fe:30:66:60:d4:36:dd:71:5f:c8:93:
3d:90:b8:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSPSX0LSvTss+91dAKb8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODkwMTY2MmE4ZWM1ZmY0ZDNmNDhkMjkwOTkyMzBhMDU3
NWVjOGEwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGU3ZGY3ZGU1MzZkY2QyNjliZWZlYjNhZmM5MGIwNmZjNGIxYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+uy47VPDoLrk+Obl13IngtD6ium
B3YFwuMe51o1Ea857MlCl+IEg1LX1nH93o1nPggYCFodTxdsHfi+SQQUxba/NT3/
B9FzxKPDUsltOzA5rCqQBWRA7Gz1fL/NMszKqb5/7cKtCDTt1YtY+qhMwpYUtgRK
b3OvI/ptHTQauBNPUyEmKWQhd6QZvBUcPvUxmK0iKmOp27gQWViZF21JQ4N5lksU
4kPJI5YJ8IEl3J8MQWryrozDphiyoTpleQNRuB8PzvBKmBFBGyixcgCvMwelvmx6
wWdpnI3yx5uEGm0hCRAu2sDt7wgbsdc5wDTmhggF+SQ3pKgRTHGmTm8gYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPjn333lNtzSab7+s6/JCwb8Sxu+MB8GA1UdIwQY
MBaAFJGJAWYqjsX/TT9I0pCZIwoFdeyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQt
ZTgxMWUyM2MxODA0LzEvMS1PZmZmZVUyM05KcHZ2NnpyOGtMQnZ4TEc3NC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTAvNWI5MmE3LTI4MzctNDY5ZS04MjE0LWU4MTFlMjNjMTgw
NC8xL2tZa0JaaXFPeGY5TlAwalNrSmtqQ2dWMTdJby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAC2OiTAM
AwQAubuBAwQAubuCMA0GCSqGSIb3DQEBCwUAA4IBAQAadL+4UtEi9an910QTFU0u
JdX7NiCL0ZwwMHtfae8T41RRsrVH+JV/IooAO4sJTWmHZ3De7l/AlgAD8D6tCtTc
hXCEQh6p3mrjgtyM9zzP36prUq59UWRGahwgNQng5gqdooy7b8jf5BJsDG1G8/xw
ORbLeS/E2mAq9iRyjagSMbaFIdx7JsJGaNRBszaMuk6qRv94aCKm7b2vqrobilc+
6EopCT7ZVDkBJUc1WAGCIQGkrXnemY5Ivq+EjtwIuB8oW1oJZ6BW3Kc3oaiYrzQW
YxwujJ8FSHLwJWUAsJXD2eGb6UTl8ynQ/crVSslXHgeM/jBmYNQ23XFfyJM9kLh2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:41 2024 by rpki-client on console-ams.rpki-client.org