Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5sSfJRQws7RrMIfntNLkh7t-bYw.roa
File: 5sSfJRQws7RrMIfntNLkh7t-bYw.roa (raw, json)
Hash identifier: XW3eDhO94erzvQrghgB7ISkQOLybrgQbQQ2Hvwdflok=
Subject key identifier: E6:C4:9F:25:14:30:B3:B4:6B:30:87:E7:B4:D2:E4:87:BB:7E:6D:8C
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018FE35BE9611D0C420203F0BE09F50006F1
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5sSfJRQws7RrMIfntNLkh7t-bYw.roa
Signing time: Tue 04 Jun 2024 13:06:42 +0000
ROA not before: Tue 04 Jun 2024 13:06:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35751
IP address blocks: 45.10.248.0/22 maxlen: 22
45.95.148.0/22 maxlen: 22
45.129.4.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 07 Jun 2024 12:21:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:5b:e9:61:1d:0c:42:02:03:f0:be:09:f5:00:06:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 4 13:06:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6c49f251430b3b46b3087e7b4d2e487bb7e6d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a4:4f:e5:8f:21:9e:dc:92:d5:80:27:69:a1:
bf:e0:ef:84:06:7d:ff:08:ce:96:a1:e8:aa:1f:9e:
db:1b:b6:50:05:f6:ed:b2:d5:ab:70:c2:00:f8:3a:
e2:78:5d:c3:c9:ec:0d:c0:50:ff:52:1e:85:39:ab:
03:c9:d2:e1:c9:9b:89:9a:0e:47:a3:f9:76:2f:2d:
2a:60:47:95:a6:73:47:64:21:43:03:8a:e0:fc:6b:
56:1c:1c:55:1c:f7:d0:07:ed:c2:29:af:4f:e8:90:
fd:78:32:a7:52:09:bf:57:75:4f:55:b0:01:03:b0:
5b:39:30:48:2a:89:1b:ed:9f:ed:38:0e:36:9a:67:
a5:b0:2b:c2:e9:0f:d0:51:c9:74:71:27:02:47:65:
77:4e:d3:a9:7d:1d:f9:a7:4b:62:05:1c:c2:2c:99:
a4:6b:21:ae:f6:18:79:c7:9a:65:b7:47:1d:68:1e:
69:24:81:02:e5:5c:c4:38:32:9d:eb:fc:ee:8f:f4:
72:a1:24:d5:6b:f5:6a:c1:be:58:2e:22:05:3b:0d:
9f:7f:69:8a:b9:6b:b7:e7:92:9f:fb:81:9c:4c:44:
92:f6:16:04:87:96:4d:c7:44:13:78:98:39:e6:dd:
a3:76:0c:06:71:f3:1c:11:b6:fc:34:ce:c9:47:46:
0f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C4:9F:25:14:30:B3:B4:6B:30:87:E7:B4:D2:E4:87:BB:7E:6D:8C
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/5sSfJRQws7RrMIfntNLkh7t-bYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.248.0/22
45.95.148.0/22
45.129.4.0/22
Signature Algorithm: sha256WithRSAEncryption
02:88:c8:19:67:63:7e:ab:5c:2c:6f:34:2d:19:a0:58:8f:93:
57:ef:50:19:bf:0f:4d:53:c4:0a:80:ed:8b:44:d1:97:a1:49:
04:75:8b:d2:4d:1b:9a:44:d6:94:05:01:44:e5:71:c9:a3:7a:
b8:e3:2d:3d:9a:48:be:9e:69:64:ab:37:77:38:e0:7e:53:8a:
93:34:0c:4f:e8:4e:65:44:83:6f:6a:e7:7f:ba:34:d3:25:c6:
61:15:91:e8:2a:6e:85:60:30:65:2f:c5:79:5b:66:87:15:e4:
01:15:7d:f8:12:eb:dd:bf:25:dd:52:f3:29:95:ea:ab:56:f2:
7b:6c:4f:10:71:bd:ee:f8:61:67:93:8f:77:5e:87:81:25:31:
ba:89:76:f0:ae:ca:d5:3d:4d:d4:46:40:02:f2:96:60:05:d5:
a1:90:5b:b9:c1:a4:59:f9:05:74:1d:1c:64:a5:08:c6:65:5f:
26:3e:0f:c8:4a:0a:20:95:ce:9d:bc:f0:de:64:4d:4c:ec:7f:
1a:05:63:24:4c:57:e0:7c:e7:c4:08:99:b5:3f:ec:44:c8:a6:
85:53:e5:50:f8:b3:a1:45:1a:33:71:d8:0d:c4:09:d8:0b:ec:
88:f3:c3:bd:91:0f:c0:af:60:9c:4e:09:ae:67:0a:b1:b3:f2:
b0:df:c1:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/jW+lhHQxCAgPwvgn1AAbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNjA0MTMwNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmM0OWYyNTE0MzBiM2I0NmIzMDg3ZTdiNGQyZTQ4N2JiN2U2ZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56RP5Y8hntyS1YAnaaG/4O+EBn3/
CM6WoeiqH57bG7ZQBfbtstWrcMIA+DrieF3DyewNwFD/Uh6FOasDydLhyZuJmg5H
o/l2Ly0qYEeVpnNHZCFDA4rg/GtWHBxVHPfQB+3CKa9P6JD9eDKnUgm/V3VPVbAB
A7BbOTBIKokb7Z/tOA42mmelsCvC6Q/QUcl0cScCR2V3TtOpfR35p0tiBRzCLJmk
ayGu9hh5x5plt0cdaB5pJIEC5VzEODKd6/zuj/RyoSTVa/Vqwb5YLiIFOw2ff2mK
uWu355Kf+4GcTESS9hYEh5ZNx0QTeJg55t2jdgwGcfMcEbb8NM7JR0YPJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFObEnyUUMLO0azCH57TS5Ie7fm2MMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvNXNTZkpSUXdzN1JyTUlmbnROTGtoN3QtYll3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQr4AwQC
LV+UAwQCLYEEMA0GCSqGSIb3DQEBCwUAA4IBAQACiMgZZ2N+q1wsbzQtGaBYj5NX
71AZvw9NU8QKgO2LRNGXoUkEdYvSTRuaRNaUBQFE5XHJo3q44y09mki+nmlkqzd3
OOB+U4qTNAxP6E5lRINvaud/ujTTJcZhFZHoKm6FYDBlL8V5W2aHFeQBFX34Euvd
vyXdUvMpleqrVvJ7bE8Qcb3u+GFnk493XoeBJTG6iXbwrsrVPU3URkAC8pZgBdWh
kFu5waRZ+QV0HRxkpQjGZV8mPg/ISgoglc6dvPDeZE1M7H8aBWMkTFfgfOfECJm1
P+xEyKaFU+VQ+LOhRRozcdgNxAnYC+yI88O9kQ/Ar2CcTgmuZwqxs/Kw38G6
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:17:22 2024 by rpki-client on console-ams.rpki-client.org