Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/wPmhbQCITFgvW0uVmUa0WEdgLHE.roa
File: wPmhbQCITFgvW0uVmUa0WEdgLHE.roa (raw, json)
Hash identifier: jYrpi3wbAR4FHvZThentkUmZoax6QmQ854RWoTBsYFI=
Subject key identifier: C0:F9:A1:6D:00:88:4C:58:2F:5B:4B:95:99:46:B4:58:47:60:2C:71
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 01856D9D37A4A7945ACD095FD87DA91EAC03
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/wPmhbQCITFgvW0uVmUa0WEdgLHE.roa
Signing time: Sun 01 Jan 2023 13:54:58 +0000
ROA not before: Sun 01 Jan 2023 13:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 91.208.245.0/24 maxlen: 24
91.208.246.0/24 maxlen: 24
45.10.70.0/23 maxlen: 24
45.10.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 May 2023 05:56:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:37:a4:a7:94:5a:cd:09:5f:d8:7d:a9:1e:ac:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jan 1 13:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0f9a16d00884c582f5b4b959946b45847602c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ab:c5:77:2f:98:5b:7f:08:33:85:8e:b4:10:
9d:e0:9b:db:b1:c2:cc:a2:d8:bc:68:07:f5:ef:18:
3e:b0:d1:9c:5e:f2:4a:85:85:3f:e3:33:a3:34:43:
2a:d3:dc:ec:09:be:8c:9f:6b:46:5f:0d:73:6f:ce:
1e:cf:8d:61:d4:fb:90:62:a6:f4:c5:9d:1e:d8:bc:
e8:ab:59:bb:13:70:13:a0:93:1f:86:e0:e1:e4:20:
18:d2:03:39:15:96:31:cf:84:b5:09:64:1d:39:00:
3b:c8:0e:eb:80:ed:3c:f3:bc:6b:33:67:84:09:73:
22:84:6d:42:6f:f1:b5:28:39:dd:38:4f:18:e6:cb:
2f:6d:e6:a5:7d:40:17:48:21:40:5b:a0:c4:1f:b2:
56:c0:33:36:c9:69:26:80:b3:59:c7:9a:ae:14:e6:
d6:44:ff:27:44:ef:59:84:e7:19:66:6f:78:53:52:
97:54:47:40:8d:18:43:9e:54:1d:b8:b9:0d:cf:a5:
57:52:c4:da:12:ae:4d:d4:7f:74:1d:fe:f6:1a:20:
64:51:d5:40:41:b5:3f:a9:b3:2d:97:1b:8b:ce:5e:
46:4a:bb:5d:c1:da:c7:ed:2b:2c:27:3d:af:22:14:
5c:4e:ec:13:86:18:31:a1:1b:09:8a:6b:0a:1e:f3:
84:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F9:A1:6D:00:88:4C:58:2F:5B:4B:95:99:46:B4:58:47:60:2C:71
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/wPmhbQCITFgvW0uVmUa0WEdgLHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.69.0-45.10.71.255
91.208.245.0-91.208.246.255
Signature Algorithm: sha256WithRSAEncryption
25:af:33:b0:29:d8:34:bc:5a:6d:26:ff:8e:2c:11:bb:32:86:
49:42:25:6a:d2:79:50:63:61:3b:95:19:fd:8a:0e:2a:c0:ac:
d3:ff:f4:58:d1:5c:04:8e:12:f7:2a:85:a2:0e:0f:22:12:22:
fc:df:46:82:b6:95:16:83:eb:71:1e:93:48:24:37:ef:a5:95:
e2:a8:12:86:33:ad:c2:79:b7:fa:17:f9:c3:9f:0e:49:97:85:
ee:39:b8:40:de:18:4c:34:56:4d:f5:a6:24:d0:ba:63:bd:73:
c1:f7:fd:c8:dc:9b:e6:de:63:90:f6:3d:29:40:cf:7e:da:4c:
d5:c3:e6:16:52:5f:71:cc:20:c8:e2:30:38:ac:a9:ec:ac:f8:
0a:44:52:75:48:e7:20:b1:df:7f:ee:7a:c4:25:03:d6:06:80:
b3:77:2b:ec:ec:db:32:f7:33:cf:37:71:e4:da:d4:7c:e8:64:
77:08:73:97:62:8b:c5:80:21:2b:3e:5b:1f:2e:67:dc:01:78:
e2:2b:35:7e:4e:57:7a:3f:4c:6e:1f:d7:d5:8d:20:1d:01:bb:
a3:68:43:b0:89:c3:bc:19:a4:7a:37:58:25:11:10:ed:ff:ad:
71:bb:79:58:45:cc:01:64:2c:4a:99:db:da:df:3a:3b:c4:45:
52:56:a8:54
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVtnTekp5RazQlf2H2pHqwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwMTAxMTM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGY5YTE2ZDAwODg0YzU4MmY1YjRiOTU5OTQ2YjQ1ODQ3NjAyYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KvFdy+YW38IM4WOtBCd4JvbscLM
oti8aAf17xg+sNGcXvJKhYU/4zOjNEMq09zsCb6Mn2tGXw1zb84ez41h1PuQYqb0
xZ0e2Lzoq1m7E3AToJMfhuDh5CAY0gM5FZYxz4S1CWQdOQA7yA7rgO0887xrM2eE
CXMihG1Cb/G1KDndOE8Y5ssvbealfUAXSCFAW6DEH7JWwDM2yWkmgLNZx5quFObW
RP8nRO9ZhOcZZm94U1KXVEdAjRhDnlQduLkNz6VXUsTaEq5N1H90Hf72GiBkUdVA
QbU/qbMtlxuLzl5GSrtdwdrH7SssJz2vIhRcTuwThhgxoRsJimsKHvOEdQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMD5oW0AiExYL1tLlZlGtFhHYCxxMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvd1BtaGJRQ0lURmd2VzB1Vm1VYTBXRWRnTEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAtCkUD
BAMtCkAwDAMEAFvQ9QMEAFvQ9jANBgkqhkiG9w0BAQsFAAOCAQEAJa8zsCnYNLxa
bSb/jiwRuzKGSUIlatJ5UGNhO5UZ/YoOKsCs0//0WNFcBI4S9yqFog4PIhIi/N9G
graVFoPrcR6TSCQ376WV4qgShjOtwnm3+hf5w58OSZeF7jm4QN4YTDRWTfWmJNC6
Y71zwff9yNyb5t5jkPY9KUDPftpM1cPmFlJfccwgyOIwOKyp7Kz4CkRSdUjnILHf
f+56xCUD1gaAs3cr7OzbMvczzzdx5NrUfOhkdwhzl2KLxYAhKz5bHy5n3AF44is1
fk5Xej9Mbh/X1Y0gHQG7o2hDsInDvBmkejdYJREQ7f+tcbt5WEXMAWQsSpnb2t86
O8RFUlaoVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org