Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/f-eCsdB940OCOE_XTaOcMKGyZkY.roa
File: f-eCsdB940OCOE_XTaOcMKGyZkY.roa (raw, json)
Hash identifier: WgId7cc42MHfkra7tX7ggsvxN+ecxGXzXlrROQSrjJ8=
Subject key identifier: 7F:E7:82:B1:D0:7D:E3:43:82:38:4F:D7:4D:A3:9C:30:A1:B2:66:46
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB849B42F4B75999AE55637D529323C
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/f-eCsdB940OCOE_XTaOcMKGyZkY.roa
Signing time: Sun 01 Jan 2023 09:44:54 +0000
ROA not before: Sun 01 Jan 2023 09:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31629
IP address blocks: 81.255.154.0/23 maxlen: 24
81.255.154.0/24 maxlen: 24
81.255.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:49:b4:2f:4b:75:99:9a:e5:56:37:d5:29:32:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fe782b1d07de34382384fd74da39c30a1b26646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e9:b8:7b:7a:a2:99:3c:6f:fd:75:28:86:cc:
1d:4f:de:21:d8:b3:4d:96:19:fe:0d:00:ac:43:56:
fc:cf:63:e8:93:37:fd:28:84:44:46:4f:a6:80:2f:
d4:a9:72:be:1b:8a:25:38:fc:e3:cd:cf:11:ac:ce:
35:2d:4d:08:53:4d:ca:20:ab:ff:33:2d:cb:51:50:
9b:a1:92:4f:64:32:07:23:eb:08:4b:55:c7:53:ce:
4b:d7:d8:d8:30:de:7f:60:fc:ee:66:d3:e7:08:2d:
a6:f9:8a:39:39:92:78:3a:72:26:af:e2:a3:8f:c2:
a1:89:cf:e7:63:17:93:d7:2e:e9:82:7a:a5:53:ed:
ba:9d:1f:dd:d6:82:01:9d:5d:66:b6:12:f0:95:94:
94:17:98:f4:02:ca:15:c5:f2:56:12:82:78:1e:d4:
4b:83:41:11:ba:b9:8e:47:d3:a6:28:65:b4:d3:3b:
80:62:60:2f:55:39:08:04:10:5e:8b:98:90:9d:c7:
69:e9:ff:5e:e3:25:bd:de:84:ed:c8:d1:7f:d1:07:
12:7f:a7:46:b6:06:f3:8d:7f:4a:44:1b:f0:28:d0:
70:2d:47:8a:18:c8:80:0d:cc:06:f7:1c:57:4c:32:
d2:9f:2f:39:0b:19:4c:5b:2b:97:68:9d:97:a3:53:
3a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E7:82:B1:D0:7D:E3:43:82:38:4F:D7:4D:A3:9C:30:A1:B2:66:46
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/f-eCsdB940OCOE_XTaOcMKGyZkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.255.154.0/23
Signature Algorithm: sha256WithRSAEncryption
45:71:17:45:43:38:79:d4:7d:eb:c6:6b:95:cf:33:88:9b:c4:
56:b7:3d:ad:57:ed:80:2d:b5:15:ed:9c:1a:59:a1:01:f8:6b:
dc:53:45:11:3d:38:9b:ba:f6:0a:43:ea:5b:f3:52:83:3d:79:
64:8d:70:57:9e:d5:ca:b8:6c:ee:b9:b2:89:83:49:9d:46:54:
0e:36:58:d8:34:48:00:c2:a0:a8:41:8b:8f:a5:0e:4e:83:97:
c9:21:87:9b:05:30:82:09:3c:70:cd:70:68:4f:1a:57:bc:de:
61:f2:a9:d2:52:e3:04:a3:37:c0:8a:d2:82:38:18:8f:80:3c:
90:78:ce:06:72:07:77:f1:cb:83:a6:21:88:53:46:32:eb:ac:
a0:fe:59:e6:ff:79:87:e4:51:3f:03:d7:b9:cd:c2:20:b0:e8:
74:ca:7b:f0:c6:b0:08:0e:95:09:22:7b:32:9a:28:70:3d:6e:
98:08:de:5d:7f:b1:35:79:b9:cf:0f:0c:01:ae:59:55:de:14:
74:22:07:cd:d4:79:0c:0c:f9:d4:46:36:d1:74:24:79:f6:38:
96:52:54:f6:cf:40:fd:bc:3c:76:bc:22:1c:ac:2c:f1:e1:d0:
ac:7c:cd:3c:b7:0e:55:2d:68:0d:bb:11:2c:fc:d0:3f:29:a3:
d6:48:d8:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuEm0L0t1mZrlVjfVKTI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmU3ODJiMWQwN2RlMzQzODIzODRmZDc0ZGEzOWMzMGExYjI2NjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+m4e3qimTxv/XUohswdT94h2LNN
lhn+DQCsQ1b8z2Pokzf9KIRERk+mgC/UqXK+G4olOPzjzc8RrM41LU0IU03KIKv/
My3LUVCboZJPZDIHI+sIS1XHU85L19jYMN5/YPzuZtPnCC2m+Yo5OZJ4OnImr+Kj
j8Khic/nYxeT1y7pgnqlU+26nR/d1oIBnV1mthLwlZSUF5j0AsoVxfJWEoJ4HtRL
g0ERurmOR9OmKGW00zuAYmAvVTkIBBBei5iQncdp6f9e4yW93oTtyNF/0QcSf6dG
tgbzjX9KRBvwKNBwLUeKGMiADcwG9xxXTDLSny85CxlMWyuXaJ2Xo1M6FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/ngrHQfeNDgjhP102jnDChsmZGMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvZi1lQ3NkQjk0ME9DT0VfWFRhT2NNS0d5WmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUf+aMA0G
CSqGSIb3DQEBCwUAA4IBAQBFcRdFQzh51H3rxmuVzzOIm8RWtz2tV+2ALbUV7Zwa
WaEB+GvcU0URPTibuvYKQ+pb81KDPXlkjXBXntXKuGzuubKJg0mdRlQONljYNEgA
wqCoQYuPpQ5Og5fJIYebBTCCCTxwzXBoTxpXvN5h8qnSUuMEozfAitKCOBiPgDyQ
eM4Gcgd38cuDpiGIU0Yy66yg/lnm/3mH5FE/A9e5zcIgsOh0ynvwxrAIDpUJInsy
mihwPW6YCN5df7E1ebnPDwwBrllV3hR0IgfN1HkMDPnURjbRdCR59jiWUlT2z0D9
vDx2vCIcrCzx4dCsfM08tw5VLWgNuxEs/NA/KaPWSNjv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:19 2024 by rpki-client on console-ams.rpki-client.org