Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VP4CvUbS5CF6KJYLmlEmvoS5gH8.roa
File: VP4CvUbS5CF6KJYLmlEmvoS5gH8.roa (raw, json)
Hash identifier: my/wZK9j2sj291UXG/XWhimtiZhwOOMVKcnHTN/uBuI=
Subject key identifier: 54:FE:02:BD:46:D2:E4:21:7A:28:96:0B:9A:51:26:BE:84:B9:80:7F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018EA9A7DC4BBD43B8FD1863B9FD9B38A0CE
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VP4CvUbS5CF6KJYLmlEmvoS5gH8.roa
Signing time: Thu 04 Apr 2024 15:08:54 +0000
ROA not before: Thu 04 Apr 2024 15:08:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13886
IP address blocks: 45.43.165.0/24 maxlen: 24
45.150.32.0/22 maxlen: 22
64.137.51.0/24 maxlen: 24
204.52.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 00:43:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:a7:dc:4b:bd:43:b8:fd:18:63:b9:fd:9b:38:a0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 4 15:08:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54fe02bd46d2e4217a28960b9a5126be84b9807f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a4:bc:58:cd:26:18:40:b7:bf:ae:e0:ef:67:
3f:f7:90:77:70:95:d2:79:c3:cc:f1:66:da:3e:b6:
55:55:a0:52:2a:36:0a:1e:a8:a2:2b:8f:97:ed:b8:
74:3a:8d:17:1c:31:0b:65:c3:53:46:fa:91:fe:82:
e0:0d:da:61:b4:a4:49:06:36:68:8f:db:ad:73:5d:
65:f7:88:38:c2:56:fa:eb:70:03:c0:6e:17:2d:8b:
d8:29:f0:5d:e3:63:ce:33:7e:6d:5c:e1:7a:9f:66:
e0:a0:4c:75:e0:68:ae:dd:64:36:27:4b:09:95:ae:
63:94:98:c1:b3:64:0e:52:36:f8:16:eb:91:c8:2a:
b4:c4:d9:cc:47:da:24:4c:c4:a2:e8:f6:6c:cc:c8:
13:03:c6:aa:eb:51:af:9f:64:66:58:f9:fb:2d:1a:
80:9a:dd:ca:f6:37:c2:8a:f4:71:ba:22:c6:7c:7b:
ad:52:d8:30:da:5d:cd:43:d6:aa:18:df:0d:e7:87:
5f:45:93:4b:6e:ed:c9:47:6e:c8:ed:a2:cc:96:b6:
3c:a5:e9:2d:80:66:a3:af:67:95:4b:d2:44:93:86:
37:c2:fa:5a:d7:2f:1e:35:39:98:7e:bd:63:19:c4:
ee:d8:76:e9:72:aa:1e:55:bf:e3:9e:bf:ff:25:01:
4a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FE:02:BD:46:D2:E4:21:7A:28:96:0B:9A:51:26:BE:84:B9:80:7F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VP4CvUbS5CF6KJYLmlEmvoS5gH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
45.150.32.0/22
64.137.51.0/24
204.52.112.0/24
Signature Algorithm: sha256WithRSAEncryption
06:e2:94:55:e4:c5:6a:ac:e9:ac:2f:ea:b4:7a:40:49:be:3c:
cb:a3:25:06:14:db:c4:3c:1d:54:3d:d4:0e:89:49:04:c6:c8:
4e:24:30:e8:fa:f1:0a:e8:2c:7c:a9:18:35:55:e2:47:4b:10:
00:36:66:18:d6:ac:90:35:6c:cb:82:99:92:cf:e0:64:24:a3:
f2:e7:7b:70:f9:03:01:32:e1:74:40:ae:cb:59:1e:9c:ed:f8:
21:77:b0:ba:c0:7d:20:38:f6:ca:fa:4e:33:e1:ec:e1:39:2d:
86:80:b0:bd:a5:4d:85:bb:97:ac:10:eb:69:19:47:64:cb:c0:
9e:0f:24:5c:7d:ab:80:22:4e:0b:fc:86:37:53:f0:94:5d:77:
2d:f6:b0:71:fe:1c:f9:77:bb:b2:c6:dc:41:de:3e:f3:3c:71:
db:ab:75:9f:1b:0f:39:14:b4:0e:a4:0c:76:1f:e5:5d:84:a6:
d3:42:9c:22:8b:07:27:01:5b:e4:58:7c:1c:e6:61:c6:2e:94:
86:f7:ea:88:75:ec:16:5a:cf:e4:88:4d:20:b7:a8:04:8f:13:
25:56:48:1b:a4:2f:28:05:5e:79:b3:e5:a7:d3:7d:e3:1c:eb:
55:c9:ca:cd:5e:72:61:de:a8:aa:a5:d7:42:01:f7:97:57:f5:
97:c4:6f:28
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6pp9xLvUO4/Rhjuf2bOKDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNDA0MTUwODU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGZlMDJiZDQ2ZDJlNDIxN2EyODk2MGI5YTUxMjZiZTg0Yjk4MDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaS8WM0mGEC3v67g72c/95B3cJXS
ecPM8WbaPrZVVaBSKjYKHqiiK4+X7bh0Oo0XHDELZcNTRvqR/oLgDdphtKRJBjZo
j9utc11l94g4wlb663ADwG4XLYvYKfBd42POM35tXOF6n2bgoEx14Giu3WQ2J0sJ
la5jlJjBs2QOUjb4FuuRyCq0xNnMR9okTMSi6PZszMgTA8aq61Gvn2RmWPn7LRqA
mt3K9jfCivRxuiLGfHutUtgw2l3NQ9aqGN8N54dfRZNLbu3JR27I7aLMlrY8pekt
gGajr2eVS9JEk4Y3wvpa1y8eNTmYfr1jGcTu2HbpcqoeVb/jnr//JQFKrQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFT+Ar1G0uQheiiWC5pRJr6EuYB/MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvVlA0Q3ZVYlM1Q0Y2S0pZTG1sRW12b1M1Z0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALSulAwQC
LZYgAwQAQIkzAwQAzDRwMA0GCSqGSIb3DQEBCwUAA4IBAQAG4pRV5MVqrOmsL+q0
ekBJvjzLoyUGFNvEPB1UPdQOiUkExshOJDDo+vEK6Cx8qRg1VeJHSxAANmYY1qyQ
NWzLgpmSz+BkJKPy53tw+QMBMuF0QK7LWR6c7fghd7C6wH0gOPbK+k4z4ezhOS2G
gLC9pU2Fu5esEOtpGUdky8CeDyRcfauAIk4L/IY3U/CUXXct9rBx/hz5d7uyxtxB
3j7zPHHbq3WfGw85FLQOpAx2H+VdhKbTQpwiiwcnAVvkWHwc5mHGLpSG9+qIdewW
Ws/kiE0gt6gEjxMlVkgbpC8oBV55s+Wn033jHOtVycrNXnJh3qiqpddCAfeXV/WX
xG8o
-----END CERTIFICATE-----
Generated at Thu Apr 18 03:14:39 2024 by rpki-client on console-fra.rpki-client.org