Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/4Lr3Jc31ceFremRY21L9B0gewFs.roa
File: 4Lr3Jc31ceFremRY21L9B0gewFs.roa (raw, json)
Hash identifier: UdU3XkFpm2qkrDVKTA7XyQSwlS2C7n6zhsrJ/FkyR3w=
Subject key identifier: E0:BA:F7:25:CD:F5:71:E1:6B:7A:64:58:DB:52:FD:07:48:1E:C0:5B
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018571956E75DA02F7577776371187A29D4B
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/4Lr3Jc31ceFremRY21L9B0gewFs.roa
Signing time: Mon 02 Jan 2023 08:24:56 +0000
ROA not before: Mon 02 Jan 2023 08:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203952
IP address blocks: 145.15.112.0/24 maxlen: 24
145.15.113.0/24 maxlen: 24
145.15.41.0/24 maxlen: 24
145.15.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:6e:75:da:02:f7:57:77:76:37:11:87:a2:9d:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 08:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0baf725cdf571e16b7a6458db52fd07481ec05b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b9:14:a9:f9:9b:45:ff:ec:dc:d1:5b:6c:77:
a2:f7:1b:b3:e1:1c:89:d0:48:55:e2:08:ea:80:76:
92:41:8d:78:2e:a8:db:54:50:f3:1b:d5:21:18:7a:
94:fa:e4:b9:22:14:1a:65:62:bf:1f:53:44:97:3c:
98:fa:51:d6:5d:8f:1d:8f:0e:b9:d3:5c:61:4f:7d:
1d:c5:7d:2a:9c:7f:10:03:d2:6d:e3:3b:33:ba:a8:
15:0c:4f:b8:96:98:cd:62:20:b4:ab:90:6a:44:14:
fa:6b:af:56:1c:1d:6e:c7:1d:80:65:ba:36:79:50:
1b:1b:56:bf:f0:88:e4:e8:bc:98:5f:91:1f:0a:b6:
ff:d3:80:e8:11:15:02:d5:8a:55:7e:b6:09:be:c1:
fc:e7:c7:68:e6:9a:ea:8e:4c:5f:1f:ca:41:da:b0:
01:2f:35:bb:03:da:fa:7e:ac:66:4a:6d:33:eb:bd:
9f:0e:a0:72:7b:da:61:46:41:df:b0:8b:5b:e4:2a:
27:ea:73:09:96:20:3a:69:d8:48:bb:e9:1a:b6:87:
64:a9:6d:51:d3:a3:8f:f0:7b:42:a1:50:ab:e1:33:
3b:59:ff:4c:27:5f:b7:42:a2:0f:b4:9d:7b:94:0e:
ed:4f:59:1e:1b:fb:15:44:c4:4c:93:24:2c:f8:be:
84:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BA:F7:25:CD:F5:71:E1:6B:7A:64:58:DB:52:FD:07:48:1E:C0:5B
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/4Lr3Jc31ceFremRY21L9B0gewFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.15.40.0/23
145.15.112.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:8c:f0:5b:25:00:90:40:fc:d5:92:62:db:7c:21:da:c5:23:
86:a9:c0:63:79:ad:9c:2a:6a:f9:5c:7e:31:b5:77:46:a3:9b:
d0:e1:df:e8:1b:7a:59:be:64:03:7b:b7:87:3a:1c:7c:31:db:
13:ba:64:1a:98:af:ea:74:a5:12:22:01:f9:5f:8e:08:18:b0:
60:a1:70:00:30:24:b7:31:6e:e2:26:6b:2a:59:05:56:dd:88:
31:1e:dd:9a:63:2c:a6:6b:11:c7:77:02:4a:b4:3d:7b:1d:53:
73:29:00:44:6b:65:5b:c1:2d:bf:23:2d:ee:f2:3d:39:61:42:
7a:38:e9:35:2b:d1:37:37:16:2b:ed:f3:d0:40:9f:e5:e3:bc:
90:67:1f:94:47:8e:ee:8f:76:2e:7c:0f:95:a4:0a:a7:b5:13:
9b:45:9d:f9:a1:71:46:6c:f2:2c:da:99:a9:aa:b4:fd:3b:5c:
ba:ab:32:c1:7e:f5:46:64:17:8e:8e:c8:30:7e:d6:93:07:9d:
13:d2:f7:4a:16:53:dc:98:09:3a:d8:2d:2a:08:e4:01:3c:a8:
df:b1:d4:61:00:09:dc:57:39:9f:89:a5:a0:e3:b8:00:d0:84:
69:e5:63:4c:39:f1:d0:40:cb:0d:52:c6:97:b8:1f:bf:d9:43:
ab:f0:d3:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxlW512gL3V3d2NxGHop1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjMwMTAyMDgyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJhZjcyNWNkZjU3MWUxNmI3YTY0NThkYjUyZmQwNzQ4MWVjMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbkUqfmbRf/s3NFbbHei9xuz4RyJ
0EhV4gjqgHaSQY14LqjbVFDzG9UhGHqU+uS5IhQaZWK/H1NElzyY+lHWXY8djw65
01xhT30dxX0qnH8QA9Jt4zszuqgVDE+4lpjNYiC0q5BqRBT6a69WHB1uxx2AZbo2
eVAbG1a/8Ijk6LyYX5EfCrb/04DoERUC1YpVfrYJvsH858do5prqjkxfH8pB2rAB
LzW7A9r6fqxmSm0z672fDqBye9phRkHfsItb5Con6nMJliA6adhIu+katodkqW1R
06OP8HtCoVCr4TM7Wf9MJ1+3QqIPtJ17lA7tT1keG/sVRMRMkyQs+L6E5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOC69yXN9XHha3pkWNtS/QdIHsBbMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvNExyM0pjMzFjZUZyZW1SWTIxTDlCMGdld0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBkQ8oAwQB
kQ9wMA0GCSqGSIb3DQEBCwUAA4IBAQBKjPBbJQCQQPzVkmLbfCHaxSOGqcBjea2c
Kmr5XH4xtXdGo5vQ4d/oG3pZvmQDe7eHOhx8MdsTumQamK/qdKUSIgH5X44IGLBg
oXAAMCS3MW7iJmsqWQVW3YgxHt2aYyymaxHHdwJKtD17HVNzKQBEa2VbwS2/Iy3u
8j05YUJ6OOk1K9E3NxYr7fPQQJ/l47yQZx+UR47uj3YufA+VpAqntRObRZ35oXFG
bPIs2pmpqrT9O1y6qzLBfvVGZBeOjsgwftaTB50T0vdKFlPcmAk62C0qCOQBPKjf
sdRhAAncVzmfiaWg47gA0IRp5WNMOfHQQMsNUsaXuB+/2UOr8NP8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:44 2024 by rpki-client on console-ams.rpki-client.org