Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ae859OLe2D341nQorEpbwsWbYTA.roa
File: ae859OLe2D341nQorEpbwsWbYTA.roa (raw, json)
Hash identifier: sz6AtyUxtB3Z0ErBNom8YXBBpjhfCj5lMgCjNViG1t8=
Subject key identifier: 69:EF:39:F4:E2:DE:D8:3D:F8:D6:74:28:AC:4A:5B:C2:C5:9B:61:30
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018F7B453B0C32363F53705CA209FB54F014
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ae859OLe2D341nQorEpbwsWbYTA.roa
Signing time: Wed 15 May 2024 08:01:25 +0000
ROA not before: Wed 15 May 2024 08:01:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56322
IP address blocks: 45.144.172.0/24 maxlen: 24
86.107.101.0/24 maxlen: 24
89.45.44.0/24 maxlen: 24
93.113.57.0/24 maxlen: 24
94.177.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Jun 2024 14:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7b:45:3b:0c:32:36:3f:53:70:5c:a2:09:fb:54:f0:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 15 08:01:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69ef39f4e2ded83df8d67428ac4a5bc2c59b6130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:42:a5:20:d7:2f:bd:5d:9b:ed:f6:62:b0:d2:
6d:9f:89:4c:44:2f:fb:be:35:f8:c4:92:a8:1d:f6:
7a:29:21:9e:cb:d4:14:aa:ae:b9:76:36:ed:72:3f:
a6:ce:1f:c7:35:19:3e:c0:cd:e0:05:d4:37:b7:76:
7c:1c:b9:a6:00:df:23:ff:1a:db:2e:dd:d1:66:50:
15:e8:31:55:b0:fe:97:0f:3c:11:45:c6:67:f3:ec:
67:3d:8f:b8:cc:89:18:b6:1b:51:35:23:8d:8b:30:
51:81:b4:22:8a:0d:ec:4f:16:de:e0:25:f8:21:ad:
44:c1:78:11:ca:af:49:12:2f:51:94:a6:6a:e9:d4:
ab:3e:36:ae:83:b1:97:07:1e:1a:d0:2a:a0:aa:b1:
fb:48:5e:cf:d9:f9:3a:d4:57:75:64:a9:0e:5b:af:
85:91:15:fc:57:1b:30:7c:37:61:ee:07:3f:dd:1f:
97:d5:24:34:62:5c:52:fa:7e:9b:ce:82:d1:43:cf:
79:ac:aa:b5:83:81:c4:7a:59:74:0b:e4:77:d3:f4:
fe:e0:e6:f6:33:85:03:b3:3d:92:0a:d9:7e:fd:ad:
21:98:ca:b8:29:e4:c9:f0:4f:a9:5b:b9:95:a0:b6:
6e:18:21:80:13:77:6d:aa:6f:79:f5:b8:05:c1:79:
7d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EF:39:F4:E2:DE:D8:3D:F8:D6:74:28:AC:4A:5B:C2:C5:9B:61:30
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ae859OLe2D341nQorEpbwsWbYTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.172.0/24
86.107.101.0/24
89.45.44.0/24
93.113.57.0/24
94.177.147.0/24
Signature Algorithm: sha256WithRSAEncryption
61:6d:bb:34:34:64:c8:c8:8f:55:56:e6:4b:79:f7:e6:ee:ed:
9d:36:47:03:2b:e6:a2:55:c1:e7:b7:30:6e:a6:53:6f:ab:6c:
aa:8b:f9:36:03:26:e3:09:6d:39:6a:8e:50:16:a3:4c:bf:d2:
0a:49:12:12:a9:3c:67:6b:d5:75:b0:42:13:97:b2:4e:f7:ed:
a6:cf:3f:ab:3c:62:76:9d:5b:45:55:a7:ed:ee:85:58:ed:97:
35:12:73:25:b4:45:8e:10:9a:18:96:61:5e:3b:3a:c2:31:0d:
c8:77:5c:9d:0e:a7:f8:41:87:b2:b6:0b:d7:9d:80:c1:70:46:
ff:a4:e9:8d:b3:4f:b5:8b:96:0d:f0:90:d2:c3:d6:ed:7d:45:
38:bb:7c:a9:c2:20:66:7e:f2:ff:11:a2:89:79:31:55:0c:67:
5c:05:54:66:09:f6:f2:0c:19:3e:b7:71:d1:39:1a:6a:35:57:
e9:b5:19:fd:5f:a1:1a:16:77:3b:f4:4b:07:e1:26:4c:4a:cd:
36:f2:38:eb:ef:71:93:4a:8d:61:72:6d:fe:af:c2:c8:23:7f:
ad:26:d4:cc:a9:2e:53:6f:c7:55:3c:94:39:9b:a1:10:3f:d3:
6e:70:d0:e6:74:e1:2a:b7:e5:07:68:5e:e6:13:96:5f:28:fb:
4b:6d:9b:cc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY97RTsMMjY/U3Bcogn7VPAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNTE1MDgwMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWVmMzlmNGUyZGVkODNkZjhkNjc0MjhhYzRhNWJjMmM1OWI2MTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EKlINcvvV2b7fZisNJtn4lMRC/7
vjX4xJKoHfZ6KSGey9QUqq65djbtcj+mzh/HNRk+wM3gBdQ3t3Z8HLmmAN8j/xrb
Lt3RZlAV6DFVsP6XDzwRRcZn8+xnPY+4zIkYthtRNSONizBRgbQiig3sTxbe4CX4
Ia1EwXgRyq9JEi9RlKZq6dSrPjaug7GXBx4a0CqgqrH7SF7P2fk61Fd1ZKkOW6+F
kRX8VxswfDdh7gc/3R+X1SQ0YlxS+n6bzoLRQ895rKq1g4HEell0C+R30/T+4Ob2
M4UDsz2SCtl+/a0hmMq4KeTJ8E+pW7mVoLZuGCGAE3dtqm959bgFwXl9cQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGnvOfTi3tg9+NZ0KKxKW8LFm2EwMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYWU4NTlPTGUyRDM0MW5Rb3JFcGJ3c1diWVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZCsAwQA
VmtlAwQAWS0sAwQAXXE5AwQAXrGTMA0GCSqGSIb3DQEBCwUAA4IBAQBhbbs0NGTI
yI9VVuZLeffm7u2dNkcDK+aiVcHntzBuplNvq2yqi/k2AybjCW05ao5QFqNMv9IK
SRISqTxna9V1sEITl7JO9+2mzz+rPGJ2nVtFVaft7oVY7Zc1EnMltEWOEJoYlmFe
OzrCMQ3Id1ydDqf4QYeytgvXnYDBcEb/pOmNs0+1i5YN8JDSw9btfUU4u3ypwiBm
fvL/EaKJeTFVDGdcBVRmCfbyDBk+t3HRORpqNVfptRn9X6EaFnc79EsH4SZMSs02
8jjr73GTSo1hcm3+r8LII3+tJtTMqS5Tb8dVPJQ5m6EQP9NucNDmdOEqt+UHaF7m
E5ZfKPtLbZvM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org