Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/S5r_g5xlOTZlMEFlUfz_f11JKjk.roa
File: S5r_g5xlOTZlMEFlUfz_f11JKjk.roa (raw, json)
Hash identifier: CNuUz8oT/hX78QZsHE4sCPnJKjy4j8+HMU4hOOrmQUw=
Subject key identifier: 4B:9A:FF:83:9C:65:39:36:65:30:41:65:51:FC:FF:7F:5D:49:2A:39
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01902A8149844DDF1D33A9DD86F037D3C1D8
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/S5r_g5xlOTZlMEFlUfz_f11JKjk.roa
Signing time: Tue 18 Jun 2024 08:40:34 +0000
ROA not before: Tue 18 Jun 2024 08:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13886
IP address blocks: 45.43.165.0/24 maxlen: 24
45.150.32.0/22 maxlen: 22
64.137.51.0/24 maxlen: 24
204.52.112.0/24 maxlen: 24
216.173.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jul 2024 07:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:81:49:84:4d:df:1d:33:a9:dd:86:f0:37:d3:c1:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jun 18 08:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b9aff839c6539366530416551fcff7f5d492a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0f:a7:71:57:6d:5e:a9:8d:b2:9f:79:57:ad:
40:c4:08:32:f3:47:b9:d3:ce:99:af:9a:d4:f0:93:
82:df:4b:11:b6:9b:9e:7e:2b:84:34:31:71:b4:5d:
79:90:91:04:68:ca:14:2b:b4:a4:cf:d2:25:e1:b8:
bf:d5:ef:97:8d:41:02:5e:c3:83:b6:0d:92:76:61:
bb:a2:03:71:43:0e:d1:b0:78:b0:06:96:de:bb:7b:
f8:3b:d8:6f:ca:fc:16:34:6a:d9:f3:4b:0a:14:e4:
37:83:4f:4c:f9:22:71:a4:af:ec:f8:67:c6:93:fa:
bc:ec:ce:d5:57:37:dd:4c:b8:08:3a:a4:db:ff:52:
c4:20:8b:a9:d9:87:a7:80:5e:36:34:08:f8:d8:bf:
29:e0:ce:9f:7b:8c:b7:fc:0b:78:02:12:1d:85:c4:
8c:90:37:84:25:60:b1:ee:66:f5:d9:5d:ec:48:3d:
76:0e:8e:b7:30:09:2f:10:73:09:02:25:b6:dd:27:
71:c2:7d:7e:8d:3f:40:aa:bb:39:43:d4:2b:55:a2:
da:c8:c6:d4:67:30:91:18:1b:75:f0:c5:e1:32:a1:
c0:d8:7c:bf:7e:3f:d7:b5:67:16:8d:7d:7d:d5:f7:
fb:4e:94:96:22:04:90:a6:57:a0:20:74:4c:15:5f:
1f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9A:FF:83:9C:65:39:36:65:30:41:65:51:FC:FF:7F:5D:49:2A:39
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/S5r_g5xlOTZlMEFlUfz_f11JKjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
45.150.32.0/22
64.137.51.0/24
204.52.112.0/24
216.173.77.0/24
Signature Algorithm: sha256WithRSAEncryption
58:67:51:23:b1:37:aa:b9:5e:81:d0:4e:0a:8b:aa:10:40:9a:
d5:84:48:37:24:ea:f3:62:49:4f:6e:14:ae:94:c0:fe:34:34:
79:5e:ee:75:99:9c:db:6b:90:94:c2:a9:2c:2b:ec:42:ce:c7:
ab:45:fc:91:b5:67:77:fe:d6:f1:0f:2d:58:81:2f:71:0e:81:
70:32:18:dc:da:26:86:6d:15:93:d4:44:1c:b5:6c:27:c6:3e:
9d:7b:e4:47:0d:1b:61:4f:37:75:72:ee:40:d1:94:24:93:fa:
fe:f0:2c:e0:c9:d9:93:aa:d6:19:a1:87:4e:3f:e6:5f:fc:d5:
aa:f8:3f:6c:0a:1f:ce:b3:bb:90:92:cd:f6:df:ab:af:fd:31:
b8:25:e3:24:49:cc:39:ae:b9:9b:6c:cf:72:b8:e4:c1:a6:62:
12:ab:d0:cc:e0:a2:41:01:19:85:ff:e2:b2:13:d6:f0:a3:7b:
c4:73:25:f8:3f:a8:cd:67:16:52:4c:5c:52:61:11:7a:0b:4f:
d9:2e:41:d4:d0:8a:ab:16:1c:cf:1e:1e:33:42:b9:13:60:ef:
7c:18:80:58:12:24:3a:91:84:3e:fc:a9:db:c9:6a:91:d6:ab:
84:5f:f9:dd:66:37:35:68:68:23:5b:c5:93:ce:ef:e6:ed:95:
81:5a:4a:25
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZAqgUmETd8dM6ndhvA308HYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNjE4MDg0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjlhZmY4MzljNjUzOTM2NjUzMDQxNjU1MWZjZmY3ZjVkNDkyYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug+ncVdtXqmNsp95V61AxAgy80e5
086Zr5rU8JOC30sRtpuefiuENDFxtF15kJEEaMoUK7Skz9Il4bi/1e+XjUECXsOD
tg2SdmG7ogNxQw7RsHiwBpbeu3v4O9hvyvwWNGrZ80sKFOQ3g09M+SJxpK/s+GfG
k/q87M7VVzfdTLgIOqTb/1LEIIup2YengF42NAj42L8p4M6fe4y3/At4AhIdhcSM
kDeEJWCx7mb12V3sSD12Do63MAkvEHMJAiW23Sdxwn1+jT9Aqrs5Q9QrVaLayMbU
ZzCRGBt18MXhMqHA2Hy/fj/XtWcWjX191ff7TpSWIgSQplegIHRMFV8faQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEua/4OcZTk2ZTBBZVH8/39dSSo5MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUzVyX2c1eGxPVFpsTUVGbFVmel9mMTFKS2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALSulAwQC
LZYgAwQAQIkzAwQAzDRwAwQA2K1NMA0GCSqGSIb3DQEBCwUAA4IBAQBYZ1EjsTeq
uV6B0E4Ki6oQQJrVhEg3JOrzYklPbhSulMD+NDR5Xu51mZzba5CUwqksK+xCzser
RfyRtWd3/tbxDy1YgS9xDoFwMhjc2iaGbRWT1EQctWwnxj6de+RHDRthTzd1cu5A
0ZQkk/r+8CzgydmTqtYZoYdOP+Zf/NWq+D9sCh/Os7uQks3236uv/TG4JeMkScw5
rrmbbM9yuOTBpmISq9DM4KJBARmF/+KyE9bwo3vEcyX4P6jNZxZSTFxSYRF6C0/Z
LkHU0IqrFhzPHh4zQrkTYO98GIBYEiQ6kYQ+/KnbyWqR1quEX/ndZjc1aGgjW8WT
zu/m7ZWBWkol
-----END CERTIFICATE-----
Generated at Mon Jul 15 08:34:30 2024 by rpki-client on console-fra.rpki-client.org