Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/353k-7WTxqIWpSI-GPnMMSV3c7I.roa
File: 353k-7WTxqIWpSI-GPnMMSV3c7I.roa (raw, json)
Hash identifier: 9HGXwZA4kqu6UbhWnwvFm20pyESdf5gMpmx3HhkEAzE=
Subject key identifier: DF:9D:E4:FB:B5:93:C6:A2:16:A5:22:3E:18:F9:CC:31:25:77:73:B2
Certificate issuer: /CN=71b6d0e0072d0cab29bfa8737de2a53e51418276
Certificate serial: 018BC976F0B7CD3972F5A9C46B339AB19F34
Authority key identifier: 71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/353k-7WTxqIWpSI-GPnMMSV3c7I.roa
Signing time: Mon 13 Nov 2023 16:14:57 +0000
ROA not before: Mon 13 Nov 2023 16:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208718
IP address blocks: 45.87.192.0/24 maxlen: 24
45.87.193.0/24 maxlen: 24
45.87.195.0/24 maxlen: 24
45.87.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:76:f0:b7:cd:39:72:f5:a9:c4:6b:33:9a:b1:9f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71b6d0e0072d0cab29bfa8737de2a53e51418276
Validity
Not Before: Nov 13 16:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df9de4fbb593c6a216a5223e18f9cc31257773b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3d:8d:f2:8a:1f:27:db:43:52:e7:5f:38:b2:
b5:53:02:67:9b:ae:37:38:f6:0b:bc:16:0d:b9:a3:
6f:c1:1b:58:ca:49:46:4b:92:81:d3:43:5c:46:8d:
4d:83:49:3b:10:b2:7e:f5:a4:a6:e5:b6:86:b2:f9:
64:26:4f:f5:03:3a:2d:b1:36:56:21:4a:11:2b:c4:
08:dd:9d:e5:f8:91:c8:b7:28:76:6f:db:aa:64:e1:
34:cc:21:93:82:30:0f:72:12:95:04:19:fd:37:1c:
9f:c5:0d:54:e9:f4:ab:70:cf:09:10:fa:fe:10:4d:
32:7b:9b:46:44:84:12:eb:f0:ea:c3:75:7e:89:9a:
65:23:b1:1d:8d:1f:e2:bc:7a:40:1a:7a:cf:04:d2:
1b:81:0a:c9:9b:7f:f7:86:95:b1:b5:dc:45:a3:6f:
1e:86:d9:4e:8b:62:71:d4:bc:99:e7:68:41:ae:e1:
d4:42:9e:cf:41:24:ba:97:be:77:90:ad:15:55:94:
7a:bc:4f:60:e0:e0:59:1b:43:cb:cf:ec:81:ab:5d:
ac:9e:f0:50:be:5c:d4:23:3c:e0:d0:41:7f:61:13:
9d:4e:21:29:dc:85:b7:c1:09:18:0d:bb:fe:df:c6:
ae:cb:2f:70:f9:45:5d:e0:b0:e7:ab:37:b6:70:08:
1b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9D:E4:FB:B5:93:C6:A2:16:A5:22:3E:18:F9:CC:31:25:77:73:B2
X509v3 Authority Key Identifier:
keyid:71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/353k-7WTxqIWpSI-GPnMMSV3c7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/cbbQ4ActDKspv6hzfeKlPlFBgnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
33:18:24:37:bf:86:31:01:0e:d5:23:ce:ba:14:24:ec:f4:08:
5c:27:09:8c:16:aa:90:87:d2:e9:f7:d8:fe:3f:1c:3d:7f:22:
97:66:1d:e9:29:80:77:1f:84:9a:8f:1b:0a:b5:be:9d:9c:10:
bf:53:09:61:79:e4:4b:cc:42:2c:e3:c6:23:bb:ad:62:70:38:
16:ea:0b:ad:fb:20:55:72:17:1f:4a:d0:ca:f8:31:07:71:ba:
89:13:7a:83:7c:14:3a:f8:f6:17:86:02:2f:88:c3:28:72:74:
62:60:a3:08:d5:a2:fe:b6:1e:df:76:cd:6e:d5:27:75:ff:f2:
21:bc:ca:65:b6:66:0d:c2:c3:4c:8b:57:1a:9a:cc:f0:91:00:
bd:c2:e7:ba:c3:3f:e8:04:16:e5:9b:0f:2a:94:ea:1e:16:27:
23:a3:38:50:d4:89:1b:8e:1b:5a:10:d9:a6:a9:43:fd:64:b6:
b5:50:60:e7:68:4c:da:be:b6:52:aa:c9:a1:49:0e:35:e1:c8:
49:52:41:d6:0b:d0:91:66:e4:49:54:9d:a4:25:fd:66:5c:62:
73:a8:97:20:c9:66:36:cb:39:d1:ea:85:25:2b:4e:c1:64:6c:
8d:97:67:2d:b1:d7:82:44:60:ec:f0:3f:8a:75:c7:f0:99:a3:
e3:99:48:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvJdvC3zTly9anEazOasZ80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYjZkMGUwMDcyZDBjYWIyOWJmYTg3MzdkZTJhNTNlNTE0
MTgyNzYwHhcNMjMxMTEzMTYxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjlkZTRmYmI1OTNjNmEyMTZhNTIyM2UxOGY5Y2MzMTI1Nzc3M2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj2N8oofJ9tDUudfOLK1UwJnm643
OPYLvBYNuaNvwRtYyklGS5KB00NcRo1Ng0k7ELJ+9aSm5baGsvlkJk/1AzotsTZW
IUoRK8QI3Z3l+JHItyh2b9uqZOE0zCGTgjAPchKVBBn9NxyfxQ1U6fSrcM8JEPr+
EE0ye5tGRIQS6/Dqw3V+iZplI7EdjR/ivHpAGnrPBNIbgQrJm3/3hpWxtdxFo28e
htlOi2Jx1LyZ52hBruHUQp7PQSS6l753kK0VVZR6vE9g4OBZG0PLz+yBq12snvBQ
vlzUIzzg0EF/YROdTiEp3IW3wQkYDbv+38auyy9w+UVd4LDnqze2cAgbHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN+d5Pu1k8aiFqUiPhj5zDEld3OyMB8GA1UdIwQY
MBaAFHG20OAHLQyrKb+oc33ipT5RQYJ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYt
YjFmY2YzODk2OTk5LzEvMzUzay03V1R4cUlXcFNJLUdQbk1NU1YzYzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYtYjFmY2YzODk2OTk5
LzEvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVfAMA0G
CSqGSIb3DQEBCwUAA4IBAQAzGCQ3v4YxAQ7VI866FCTs9AhcJwmMFqqQh9Lp99j+
Pxw9fyKXZh3pKYB3H4SajxsKtb6dnBC/UwlheeRLzEIs48Yju61icDgW6gut+yBV
chcfStDK+DEHcbqJE3qDfBQ6+PYXhgIviMMocnRiYKMI1aL+th7fds1u1Sd1//Ih
vMpltmYNwsNMi1camszwkQC9wue6wz/oBBblmw8qlOoeFicjozhQ1IkbjhtaENmm
qUP9ZLa1UGDnaEzavrZSqsmhSQ414chJUkHWC9CRZuRJVJ2kJf1mXGJzqJcgyWY2
yznR6oUlK07BZGyNl2ctsdeCRGDs8D+KdcfwmaPjmUjR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:25 2024 by rpki-client on console-ams.rpki-client.org