Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/IfRvQuGYH6A41Y9wVAtNCmfZfSk.roa
File: IfRvQuGYH6A41Y9wVAtNCmfZfSk.roa (raw, json)
Hash identifier: 2ALUPr8BpbsvxmD4XYEFofjK27EF3i4evyhZKuVd/60=
Subject key identifier: 21:F4:6F:42:E1:98:1F:A0:38:D5:8F:70:54:0B:4D:0A:67:D9:7D:29
Certificate issuer: /CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Certificate serial: 01856D385F572656D9A3313E7336B1D9057B
Authority key identifier: B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/IfRvQuGYH6A41Y9wVAtNCmfZfSk.roa
Signing time: Sun 01 Jan 2023 12:04:49 +0000
ROA not before: Sun 01 Jan 2023 12:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47527
IP address blocks: 45.95.208.0/24 maxlen: 24
213.142.141.0/24 maxlen: 24
2a00:b920:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 08 May 2023 09:44:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:5f:57:26:56:d9:a3:31:3e:73:36:b1:d9:05:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Validity
Not Before: Jan 1 12:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21f46f42e1981fa038d58f70540b4d0a67d97d29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f2:e9:41:75:52:05:ac:10:22:8f:57:6d:69:
fd:06:21:b7:3b:27:0c:3d:62:7b:ff:2f:03:28:a6:
ba:dc:11:36:e2:47:d9:28:96:4e:41:85:1f:43:d2:
6d:9f:c8:d5:91:02:1a:cb:5d:2c:c0:87:16:4e:51:
b2:e9:a4:1e:45:fd:12:ac:ea:83:7a:9f:41:06:24:
2d:c5:22:fe:a9:b6:09:d0:dd:2d:11:03:4d:c0:38:
e2:b8:33:44:98:75:70:04:6c:58:73:c5:d4:34:fa:
7c:6b:2b:6a:bb:49:06:a9:f5:b1:ef:27:6e:d2:cf:
5f:61:0f:91:21:28:10:28:0c:9f:c2:7c:1b:cc:f0:
a1:c7:c9:84:c5:85:12:7b:39:01:7a:c7:49:04:8b:
d7:8c:4b:7c:37:d0:22:21:0b:d5:c5:da:1f:31:ba:
d5:cd:d3:f4:af:1f:af:c1:53:aa:35:37:a1:e6:4a:
5c:1d:cf:36:5c:2a:4c:ab:54:e9:ae:20:cc:c0:a7:
5d:57:13:25:7f:05:63:7f:37:4d:a5:0b:14:96:5a:
3b:61:dd:d7:01:29:63:70:34:53:be:fc:70:bc:d5:
1e:99:52:af:ff:5a:6b:89:a9:9f:f5:b2:7a:cc:37:
e7:68:3e:7b:0f:86:5c:73:e5:37:2f:da:28:73:3c:
d8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F4:6F:42:E1:98:1F:A0:38:D5:8F:70:54:0B:4D:0A:67:D9:7D:29
X509v3 Authority Key Identifier:
keyid:B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/IfRvQuGYH6A41Y9wVAtNCmfZfSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.208.0/24
213.142.141.0/24
IPv6:
2a00:b920:200::/40
Signature Algorithm: sha256WithRSAEncryption
16:dd:71:48:3a:9f:74:f0:94:ee:14:1b:ad:eb:55:b0:63:61:
04:63:4f:8b:fb:f0:cb:97:51:c1:4a:3b:15:d6:65:36:96:df:
b3:87:b2:1a:83:ca:6b:08:c1:f5:3e:1c:67:a2:a0:e9:9a:c8:
7f:95:80:df:61:fd:ed:26:50:d7:da:58:0e:14:09:9e:08:2a:
f4:56:58:ae:75:dd:d0:b4:6b:fd:3d:74:60:14:39:78:7c:c4:
2e:cf:de:7e:a0:85:8a:36:1b:46:05:97:32:49:4b:da:8b:8b:
9b:47:aa:1d:bb:50:54:bf:60:2d:6e:99:d5:d5:df:4e:3c:d5:
1e:35:96:4c:bd:63:83:a2:8c:20:15:df:7d:07:dd:ca:c4:96:
08:ab:75:05:e3:97:37:24:fc:e1:14:8c:60:a4:e5:86:ee:8b:
94:91:c4:d8:09:cc:59:80:10:b6:de:be:a1:4d:cf:d4:f5:fe:
e2:df:0e:7d:50:95:2a:ff:e0:a3:4f:7e:48:fd:53:bc:5b:87:
a7:2a:93:15:4d:65:cc:d2:bc:f6:20:f3:35:26:0e:09:a2:b7:
1a:4f:ef:3a:fa:8e:93:eb:a7:d5:25:bb:4b:fc:a1:51:2d:29:
b9:15:06:69:7f:47:0b:39:03:8b:4b:d4:5b:3a:5c:86:df:1c:
9f:d5:78:95
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVtOF9XJlbZozE+czax2QV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdmZjJhNzMzZTMzYmVhZjUzNDk0YTkwZWVjMTUyYmJj
NzU4YmMwHhcNMjMwMTAxMTIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWY0NmY0MmUxOTgxZmEwMzhkNThmNzA1NDBiNGQwYTY3ZDk3ZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvLpQXVSBawQIo9XbWn9BiG3OycM
PWJ7/y8DKKa63BE24kfZKJZOQYUfQ9Jtn8jVkQIay10swIcWTlGy6aQeRf0SrOqD
ep9BBiQtxSL+qbYJ0N0tEQNNwDjiuDNEmHVwBGxYc8XUNPp8aytqu0kGqfWx7ydu
0s9fYQ+RISgQKAyfwnwbzPChx8mExYUSezkBesdJBIvXjEt8N9AiIQvVxdofMbrV
zdP0rx+vwVOqNTeh5kpcHc82XCpMq1TpriDMwKddVxMlfwVjfzdNpQsUllo7Yd3X
ASljcDRTvvxwvNUemVKv/1priamf9bJ6zDfnaD57D4Zcc+U3L9ooczzYVQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCH0b0LhmB+gONWPcFQLTQpn2X0pMB8GA1UdIwQY
MBaAFLKH/ypzPjO+r1NJSpDuwVK7x1i8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYt
NGY1ZWMwYTdlMDA2LzEvSWZSdlF1R1lINkE0MVk5d1ZBdE5DbWZaZlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYtNGY1ZWMwYTdlMDA2
LzEvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQALV/QAwQA
1Y6NMA4EAgACMAgDBgAqALkgAjANBgkqhkiG9w0BAQsFAAOCAQEAFt1xSDqfdPCU
7hQbretVsGNhBGNPi/vwy5dRwUo7FdZlNpbfs4eyGoPKawjB9T4cZ6Kg6ZrIf5WA
32H97SZQ19pYDhQJnggq9FZYrnXd0LRr/T10YBQ5eHzELs/efqCFijYbRgWXMklL
2ouLm0eqHbtQVL9gLW6Z1dXfTjzVHjWWTL1jg6KMIBXffQfdysSWCKt1BeOXNyT8
4RSMYKTlhu6LlJHE2AnMWYAQtt6+oU3P1PX+4t8OfVCVKv/go09+SP1TvFuHpyqT
FU1lzNK89iDzNSYOCaK3Gk/vOvqOk+un1SW7S/yhUS0puRUGaX9HCzkDi0vUWzpc
ht8cn9V4lQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:17 2024 by rpki-client on console-fra.rpki-client.org