Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/H8I6ykajoQ6hiVdsR2fKS1Een4Q.roa
File: H8I6ykajoQ6hiVdsR2fKS1Een4Q.roa (raw, json)
Hash identifier: 9KshZms5nVbO0i4kToX/jR1EhPcmKzUxG3fyYCoxBp0=
Subject key identifier: 1F:C2:3A:CA:46:A3:A1:0E:A1:89:57:6C:47:67:CA:4B:51:1E:9F:84
Certificate issuer: /CN=6d8e0e7e86775b415d3d5780ce4cfec0c859189c
Certificate serial: 01856EC2389EF2A78ED02124A834161BF13E
Authority key identifier: 6D:8E:0E:7E:86:77:5B:41:5D:3D:57:80:CE:4C:FE:C0:C8:59:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bY4OfoZ3W0FdPVeAzkz-wMhZGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/H8I6ykajoQ6hiVdsR2fKS1Een4Q.roa
Signing time: Sun 01 Jan 2023 19:15:00 +0000
ROA not before: Sun 01 Jan 2023 19:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212976
IP address blocks: 185.45.255.0/24 maxlen: 24
185.45.254.0/24 maxlen: 24
185.45.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:38:9e:f2:a7:8e:d0:21:24:a8:34:16:1b:f1:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d8e0e7e86775b415d3d5780ce4cfec0c859189c
Validity
Not Before: Jan 1 19:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fc23aca46a3a10ea189576c4767ca4b511e9f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:39:4b:ef:63:8b:dd:e0:2c:25:02:63:ec:03:
16:7f:d8:67:3d:aa:4c:01:5b:b2:55:ad:7a:27:5a:
2c:e5:31:80:75:1d:a4:fb:1c:7c:92:bb:8e:f7:a7:
76:34:9b:05:91:f4:6f:29:f4:62:b8:a7:d8:94:3f:
fb:0f:40:dd:de:f8:93:2a:e5:5d:4e:9c:7b:ac:10:
5b:19:96:34:41:cf:04:79:d1:38:d8:0d:c5:cf:5a:
bf:0e:c0:ae:3e:d6:83:a1:9d:59:f7:bb:d3:56:41:
5c:06:c4:23:a1:80:f6:f7:ed:ee:ab:ee:d0:19:2e:
ae:78:31:a5:4f:19:10:1c:1e:12:6c:ec:06:13:93:
34:aa:49:ea:17:56:0c:be:d7:e1:5a:88:7c:d8:9e:
8b:7f:29:d9:85:88:79:0b:e5:ef:43:33:5b:d0:cc:
52:0e:19:b3:e4:64:41:a6:06:df:cc:de:22:1a:48:
aa:e3:a0:a7:75:51:b4:05:22:16:d2:71:68:ca:c0:
92:39:e9:37:ee:e4:8a:7e:15:1b:3d:16:ac:c9:e6:
7c:a8:bb:4a:dd:e1:a2:1a:f3:28:b4:2b:44:0e:5d:
26:8c:cb:3b:a1:fa:b7:0d:79:97:7b:f2:61:24:c8:
56:dc:75:90:6c:ce:06:97:f3:16:bb:81:de:81:9c:
70:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C2:3A:CA:46:A3:A1:0E:A1:89:57:6C:47:67:CA:4B:51:1E:9F:84
X509v3 Authority Key Identifier:
keyid:6D:8E:0E:7E:86:77:5B:41:5D:3D:57:80:CE:4C:FE:C0:C8:59:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bY4OfoZ3W0FdPVeAzkz-wMhZGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/H8I6ykajoQ6hiVdsR2fKS1Een4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/056235-df36-4870-8746-ae5f4c12de79/1/bY4OfoZ3W0FdPVeAzkz-wMhZGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.254.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:26:4e:f2:d2:b3:3f:9f:65:ae:11:60:61:df:69:d8:17:85:
f8:53:3b:ed:2c:74:47:50:33:7f:d3:65:a3:7d:4d:97:f4:90:
13:f4:cd:f1:3a:d3:f6:64:23:ba:0e:99:e4:76:f0:a2:5c:f7:
cd:8b:a6:3f:a6:35:fc:78:e9:31:9c:81:41:19:08:b9:1e:07:
09:e0:1d:fc:1c:53:bb:55:83:5a:f2:b3:67:11:59:74:e0:68:
47:7f:a2:36:b5:5f:15:5f:20:75:c5:3d:10:2e:16:80:66:51:
ac:2e:14:4d:90:5d:0e:29:0b:fc:03:de:89:9d:cf:83:a0:e1:
26:f1:86:ae:5f:dd:79:87:09:18:32:65:7c:ab:50:ae:65:66:
1c:e3:17:24:13:e5:ac:ac:d3:88:4e:19:0f:90:50:d5:26:bd:
de:c5:9a:21:75:d1:96:a4:40:88:58:7d:60:25:52:18:ff:6c:
d7:38:00:09:ef:da:85:4f:cc:b1:99:16:d2:62:46:06:6e:0b:
40:5b:de:22:3b:e5:ba:cc:25:62:47:3b:88:b7:b6:30:aa:33:
8a:9e:61:b1:85:55:44:f0:e4:5c:7b:5c:15:ce:2a:a8:3f:7a:
4a:4e:e4:0f:b7:d9:e6:8d:c8:3a:7e:d1:62:ac:2e:b8:72:18:
ce:f2:02:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwjie8qeO0CEkqDQWG/E+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkOGUwZTdlODY3NzViNDE1ZDNkNTc4MGNlNGNmZWMwYzg1
OTE4OWMwHhcNMjMwMTAxMTkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmMyM2FjYTQ2YTNhMTBlYTE4OTU3NmM0NzY3Y2E0YjUxMWU5Zjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijlL72OL3eAsJQJj7AMWf9hnPapM
AVuyVa16J1os5TGAdR2k+xx8kruO96d2NJsFkfRvKfRiuKfYlD/7D0Dd3viTKuVd
Tpx7rBBbGZY0Qc8EedE42A3Fz1q/DsCuPtaDoZ1Z97vTVkFcBsQjoYD29+3uq+7Q
GS6ueDGlTxkQHB4SbOwGE5M0qknqF1YMvtfhWoh82J6LfynZhYh5C+XvQzNb0MxS
Dhmz5GRBpgbfzN4iGkiq46CndVG0BSIW0nFoysCSOek37uSKfhUbPRasyeZ8qLtK
3eGiGvMotCtEDl0mjMs7ofq3DXmXe/JhJMhW3HWQbM4Gl/MWu4HegZxwZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/COspGo6EOoYlXbEdnyktRHp+EMB8GA1UdIwQY
MBaAFG2ODn6Gd1tBXT1XgM5M/sDIWRicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlk0T2ZvWjNXMEZkUFZlQXprei13TWhaR0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8wNTYyMzUtZGYzNi00ODcwLTg3NDYt
YWU1ZjRjMTJkZTc5LzEvSDhJNnlrYWpvUTZoaVZkc1IyZktTMUVlbjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8wNTYyMzUtZGYzNi00ODcwLTg3NDYtYWU1ZjRjMTJkZTc5
LzEvYlk0T2ZvWjNXMEZkUFZlQXprei13TWhaR0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuS3+MA0G
CSqGSIb3DQEBCwUAA4IBAQDCJk7y0rM/n2WuEWBh32nYF4X4UzvtLHRHUDN/02Wj
fU2X9JAT9M3xOtP2ZCO6DpnkdvCiXPfNi6Y/pjX8eOkxnIFBGQi5HgcJ4B38HFO7
VYNa8rNnEVl04GhHf6I2tV8VXyB1xT0QLhaAZlGsLhRNkF0OKQv8A96Jnc+DoOEm
8YauX915hwkYMmV8q1CuZWYc4xckE+WsrNOIThkPkFDVJr3exZohddGWpECIWH1g
JVIY/2zXOAAJ79qFT8yxmRbSYkYGbgtAW94iO+W6zCViRzuIt7YwqjOKnmGxhVVE
8ORce1wVziqoP3pKTuQPt9nmjcg6ftFirC64chjO8gIV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:30 2024 by rpki-client on console-fra.rpki-client.org