Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/i6BaS2BJnKD4f-z_3_oh257k6n0.roa
File: i6BaS2BJnKD4f-z_3_oh257k6n0.roa (raw, json)
Hash identifier: KCGh1/+Vade6tqSmb5VGgrfdj/JN2w91LnjolkZNI0E=
Subject key identifier: 8B:A0:5A:4B:60:49:9C:A0:F8:7F:EC:FF:DF:FA:21:DB:9E:E4:EA:7D
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018F2B24CB34C4CF84773AF6ED8D397BCEC2
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/i6BaS2BJnKD4f-z_3_oh257k6n0.roa
Signing time: Mon 29 Apr 2024 18:36:22 +0000
ROA not before: Mon 29 Apr 2024 18:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215391
IP address blocks: 45.43.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 13:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2b:24:cb:34:c4:cf:84:77:3a:f6:ed:8d:39:7b:ce:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 29 18:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ba05a4b60499ca0f87fecffdffa21db9ee4ea7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2c:d2:39:80:16:69:cd:40:4c:37:ec:1e:2c:
a4:7f:11:1e:15:d7:d6:9f:92:82:96:53:ce:e8:28:
90:b7:27:9e:2d:83:4b:34:91:2f:29:ea:a2:7b:e2:
b3:dd:53:a4:54:70:96:bc:7e:29:0f:f4:c1:16:f0:
bd:23:29:2d:a7:73:c5:35:c3:3e:9f:1c:72:c6:9b:
07:6f:cc:ec:34:b8:bf:b2:3c:4b:d5:c6:67:cf:62:
d1:b7:d1:6f:45:29:24:f7:a0:87:ff:5e:3c:36:37:
06:3c:07:4e:09:0c:2a:75:d2:b4:26:4c:ef:2e:67:
db:2a:e4:04:b6:40:b8:a7:18:f2:b6:ca:34:48:7a:
97:4e:a3:80:da:de:f5:d6:c8:43:08:7b:d5:5c:2e:
3a:15:31:5e:8b:4e:8b:31:2f:b9:7a:5b:56:ab:62:
50:cf:67:ae:e6:a0:ef:26:fe:5d:8f:01:f3:36:e4:
20:a7:21:71:c4:6b:22:b4:cc:b2:8a:88:af:21:fe:
d5:43:78:e8:a1:d9:56:12:d8:30:cd:7c:72:60:5d:
56:55:3d:97:ad:32:24:91:6e:21:3d:2a:23:86:2d:
3d:5d:3e:86:47:37:c3:7e:c2:0b:20:16:55:ef:e4:
ac:42:54:9a:08:69:e9:dc:88:ce:0e:c9:d2:81:92:
70:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A0:5A:4B:60:49:9C:A0:F8:7F:EC:FF:DF:FA:21:DB:9E:E4:EA:7D
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/i6BaS2BJnKD4f-z_3_oh257k6n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.143.0/24
Signature Algorithm: sha256WithRSAEncryption
10:59:bd:07:f6:1a:43:f7:54:8c:ce:0c:2b:7b:ac:43:7a:14:
c9:c0:e3:a0:74:b0:11:14:ec:dd:28:1d:23:c8:da:c8:f1:a6:
35:1d:55:c7:f1:f7:cf:21:ea:db:10:95:2f:bb:00:b6:6d:a5:
83:d0:e0:18:39:04:1a:a6:20:88:53:af:76:1d:3d:e7:54:4f:
3b:7a:a9:79:bb:9c:70:16:bb:12:33:46:df:42:bf:5d:4f:d9:
c4:b5:b3:6c:f0:5f:c8:57:c1:1a:3d:88:6c:98:9a:3e:31:93:
3e:0c:98:92:43:bb:21:89:fa:ee:97:20:00:10:cc:f8:e4:22:
3c:ea:ef:39:71:ef:36:74:b9:45:d2:8a:bc:3f:50:53:2d:6f:
18:2b:58:1c:fb:d7:89:ff:74:42:4f:f6:d8:df:d5:00:13:db:
c3:51:64:8d:e6:2a:65:42:ce:4e:20:f4:7e:09:b5:84:dc:41:
b9:ea:c5:f0:bd:6a:0e:01:f7:b1:a3:6a:d8:02:c0:74:f4:f0:
97:f4:eb:79:63:9e:47:e3:ba:db:a9:b3:7f:07:75:29:0e:27:
53:a9:c5:e3:42:8c:3c:66:51:fa:f5:8e:09:5f:9c:c8:40:4e:
9e:32:90:33:b9:ee:c6:4f:fd:56:ef:15:fe:06:00:f4:1a:3c:
73:a1:b1:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8rJMs0xM+Edzr27Y05e87CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNDI5MTgzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmEwNWE0YjYwNDk5Y2EwZjg3ZmVjZmZkZmZhMjFkYjllZTRlYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCzSOYAWac1ATDfsHiykfxEeFdfW
n5KCllPO6CiQtyeeLYNLNJEvKeqie+Kz3VOkVHCWvH4pD/TBFvC9Iyktp3PFNcM+
nxxyxpsHb8zsNLi/sjxL1cZnz2LRt9FvRSkk96CH/148NjcGPAdOCQwqddK0Jkzv
LmfbKuQEtkC4pxjytso0SHqXTqOA2t711shDCHvVXC46FTFei06LMS+5eltWq2JQ
z2eu5qDvJv5djwHzNuQgpyFxxGsitMyyioivIf7VQ3joodlWEtgwzXxyYF1WVT2X
rTIkkW4hPSojhi09XT6GRzfDfsILIBZV7+SsQlSaCGnp3IjODsnSgZJwoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIugWktgSZyg+H/s/9/6Idue5Op9MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvaTZCYVMyQkpuS0Q0Zi16XzNfb2gyNTdrNm4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALSuPMA0G
CSqGSIb3DQEBCwUAA4IBAQAQWb0H9hpD91SMzgwre6xDehTJwOOgdLARFOzdKB0j
yNrI8aY1HVXH8ffPIerbEJUvuwC2baWD0OAYOQQapiCIU692HT3nVE87eql5u5xw
FrsSM0bfQr9dT9nEtbNs8F/IV8EaPYhsmJo+MZM+DJiSQ7shifrulyAAEMz45CI8
6u85ce82dLlF0oq8P1BTLW8YK1gc+9eJ/3RCT/bY39UAE9vDUWSN5iplQs5OIPR+
CbWE3EG56sXwvWoOAfexo2rYAsB09PCX9Ot5Y55H47rbqbN/B3UpDidTqcXjQow8
ZlH69Y4JX5zIQE6eMpAzue7GT/1W7xX+BgD0GjxzobFo
-----END CERTIFICATE-----
Generated at Tue May 7 17:27:44 2024 by rpki-client on console-fra.rpki-client.org