Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/_bGcUtiVjaRElrL8PXsYrrVkE9U.roa
File: _bGcUtiVjaRElrL8PXsYrrVkE9U.roa (raw, json)
Hash identifier: 4krPq5PEtb6bHVpiRTC1weneBQhUTEfQDn1nsbTe3yg=
Subject key identifier: FD:B1:9C:52:D8:95:8D:A4:44:96:B2:FC:3D:7B:18:AE:B5:64:13:D5
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 018570F0B521FBF28CAA390A2CD32FFE8C59
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/_bGcUtiVjaRElrL8PXsYrrVkE9U.roa
Signing time: Mon 02 Jan 2023 05:25:01 +0000
ROA not before: Mon 02 Jan 2023 05:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59456
IP address blocks: 195.244.18.0/24 maxlen: 24
91.239.15.0/24 maxlen: 24
45.152.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:b5:21:fb:f2:8c:aa:39:0a:2c:d3:2f:fe:8c:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Jan 2 05:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdb19c52d8958da44496b2fc3d7b18aeb56413d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:17:c8:f0:7d:4d:05:c6:88:03:c7:08:a6:fb:
c8:79:68:7e:eb:68:9c:16:db:6c:7c:90:b2:3a:33:
fc:6d:81:d3:6f:f6:45:49:5a:c6:aa:d8:e4:13:a0:
26:de:06:1c:74:8f:e6:c2:cb:62:f6:f0:aa:14:15:
7a:c5:5c:bf:e0:90:e4:5d:9e:ac:e3:b9:b3:eb:b3:
a2:eb:e8:2a:6c:6c:08:f7:6c:b0:31:57:53:be:b9:
e9:8b:81:6a:ce:70:0a:27:f4:1f:e6:a9:97:ca:71:
0f:5c:9c:22:ac:34:7b:b6:f6:79:d5:e5:af:79:32:
34:82:8b:ee:7a:ff:b0:ff:79:1c:fc:8c:9c:d9:f8:
1d:ab:c2:45:0d:3b:dc:3f:c5:61:3c:1a:ab:64:53:
c9:5e:eb:45:c9:aa:d6:f6:84:6a:73:2e:04:57:82:
21:66:88:b3:5b:8e:50:15:bd:da:ff:f3:9d:62:ba:
b1:01:1c:8e:0b:cb:ad:2e:9b:c3:1e:8f:51:e9:24:
b1:26:f6:30:10:92:c0:b6:69:4e:eb:d1:1b:84:d4:
5e:42:92:a6:61:11:80:7a:52:3c:11:c6:c3:49:28:
fc:3e:be:c2:48:2c:c2:7d:cd:71:49:fa:e3:f4:5f:
bf:17:5d:97:60:55:cd:4b:da:cc:5a:b8:ff:db:52:
83:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:B1:9C:52:D8:95:8D:A4:44:96:B2:FC:3D:7B:18:AE:B5:64:13:D5
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/_bGcUtiVjaRElrL8PXsYrrVkE9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.40.0/22
91.239.15.0/24
195.244.18.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:8c:d7:03:d3:36:b9:26:aa:8b:8c:24:72:2b:fe:29:85:04:
e9:92:75:65:00:60:4e:87:18:db:7b:3b:cb:66:1e:b7:24:35:
b5:60:61:50:8d:4b:fb:aa:fd:0f:5c:c9:4a:25:b2:4c:90:ec:
ee:8d:51:bf:f4:d9:c5:c4:62:ad:a1:64:87:1a:d5:ff:6d:41:
af:fd:53:aa:e5:c2:0c:51:ae:1c:04:fc:0b:b1:02:ed:51:12:
57:ff:c2:16:04:a9:57:8f:01:5b:f6:12:d1:aa:88:23:e7:a7:
ee:64:c5:8e:e1:a8:4c:fa:9f:dd:35:5c:32:d8:04:f8:11:f6:
05:c5:4b:b7:13:33:d5:72:d6:41:e4:e2:6c:14:95:e9:ab:4b:
75:eb:d8:8b:5c:f6:9b:5f:9a:d1:e7:a6:eb:5e:b5:97:1d:f1:
fc:43:00:37:9a:ce:d7:3d:59:e7:a4:55:2c:07:2b:bb:c5:b7:
ba:fe:57:46:33:82:af:d2:85:4e:05:a2:41:8d:33:bb:77:9a:
27:d6:61:ab:3a:e6:32:c4:ab:50:81:2b:d9:ec:5e:87:28:cc:
61:ab:d0:81:3d:a0:9b:26:df:21:77:85:bb:8a:e4:93:9e:b8:
8a:06:03:30:a4:2a:e7:a0:3c:cf:b8:ab:a5:cc:2f:68:ad:d0:
bb:60:de:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw8LUh+/KMqjkKLNMv/oxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjMwMTAyMDUyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGIxOWM1MmQ4OTU4ZGE0NDQ5NmIyZmMzZDdiMThhZWI1NjQxM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBfI8H1NBcaIA8cIpvvIeWh+62ic
FttsfJCyOjP8bYHTb/ZFSVrGqtjkE6Am3gYcdI/mwsti9vCqFBV6xVy/4JDkXZ6s
47mz67Oi6+gqbGwI92ywMVdTvrnpi4FqznAKJ/Qf5qmXynEPXJwirDR7tvZ51eWv
eTI0govuev+w/3kc/Iyc2fgdq8JFDTvcP8VhPBqrZFPJXutFyarW9oRqcy4EV4Ih
ZoizW45QFb3a//OdYrqxARyOC8utLpvDHo9R6SSxJvYwEJLAtmlO69EbhNReQpKm
YRGAelI8EcbDSSj8Pr7CSCzCfc1xSfrj9F+/F12XYFXNS9rMWrj/21KD0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP2xnFLYlY2kRJay/D17GK61ZBPVMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvX2JHY1V0aVZqYVJFbHJMOFBYc1lyclZrRTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZgoAwQA
W+8PAwQAw/QSMA0GCSqGSIb3DQEBCwUAA4IBAQBvjNcD0za5JqqLjCRyK/4phQTp
knVlAGBOhxjbezvLZh63JDW1YGFQjUv7qv0PXMlKJbJMkOzujVG/9NnFxGKtoWSH
GtX/bUGv/VOq5cIMUa4cBPwLsQLtURJX/8IWBKlXjwFb9hLRqogj56fuZMWO4ahM
+p/dNVwy2AT4EfYFxUu3EzPVctZB5OJsFJXpq0t169iLXPabX5rR56brXrWXHfH8
QwA3ms7XPVnnpFUsByu7xbe6/ldGM4Kv0oVOBaJBjTO7d5on1mGrOuYyxKtQgSvZ
7F6HKMxhq9CBPaCbJt8hd4W7iuSTnriKBgMwpCrnoDzPuKulzC9ordC7YN50
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:02 2024 by rpki-client on console-ams.rpki-client.org