Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/D_pTH2RFkBHzpguzGWNtDrJd-2k.roa
File: D_pTH2RFkBHzpguzGWNtDrJd-2k.roa (raw, json)
Hash identifier: EGItkf6MVmmKZnk2Y/dB5MKfVu273YqBOWHA1N3FC4E=
Subject key identifier: 0F:FA:53:1F:64:45:90:11:F3:A6:0B:B3:19:63:6D:0E:B2:5D:FB:69
Certificate issuer: /CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Certificate serial: 018CAAA263E8CF24AC88E6C66EBA2C8E8191
Authority key identifier: 72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/D_pTH2RFkBHzpguzGWNtDrJd-2k.roa
Signing time: Wed 27 Dec 2023 09:36:58 +0000
ROA not before: Wed 27 Dec 2023 09:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5405
IP address blocks: 45.153.82.0/23 maxlen: 24
45.153.81.0/24 maxlen: 24
91.247.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:aa:a2:63:e8:cf:24:ac:88:e6:c6:6e:ba:2c:8e:81:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Validity
Not Before: Dec 27 09:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ffa531f64459011f3a60bb319636d0eb25dfb69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:53:7d:6d:ea:b1:b3:bf:27:f9:f0:64:d5:14:
e1:1a:e2:54:72:b5:b7:6b:f4:01:68:54:7b:6d:bd:
33:54:ec:9f:35:d2:3a:ae:66:9e:0c:72:ab:d7:fb:
35:89:ff:4e:99:6c:fb:56:c9:8f:d3:a5:3f:ea:f4:
fb:c9:1c:7b:ba:16:f9:0c:05:61:36:86:82:49:45:
9f:c3:06:1e:1f:db:fd:c2:61:75:80:55:39:f9:cd:
fe:c8:23:9b:5d:05:f4:8a:9c:1a:86:99:bf:33:e7:
4d:61:6f:d9:87:f3:70:5b:47:7c:0d:3d:36:6b:cd:
04:29:25:c1:d9:14:af:79:9b:e3:92:4f:c6:65:f7:
cc:23:5c:f7:e3:24:57:ce:e3:6c:19:0c:3b:60:df:
28:9e:94:ca:17:d0:bf:9f:8f:b0:62:fa:e8:f5:c4:
17:c2:1d:89:bb:30:4d:b0:32:8f:05:50:83:3b:ae:
14:22:eb:a5:90:03:cb:cf:62:8c:fe:e6:80:8b:73:
71:6f:19:0b:4d:ad:d7:48:61:0c:85:b9:1b:b2:9a:
67:bf:48:1f:bb:4b:b8:7f:da:c1:f5:28:19:34:a7:
b4:29:68:95:72:d8:ab:bb:39:2a:b5:c8:b4:ae:6f:
d7:c9:9b:e2:23:34:bc:9a:ee:77:c4:80:8e:92:26:
24:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:FA:53:1F:64:45:90:11:F3:A6:0B:B3:19:63:6D:0E:B2:5D:FB:69
X509v3 Authority Key Identifier:
keyid:72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/D_pTH2RFkBHzpguzGWNtDrJd-2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.81.0-45.153.83.255
91.247.160.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:e1:fb:90:2f:17:82:1f:ca:9e:83:a9:81:b3:9c:10:35:86:
bc:c1:4e:20:e5:d8:e5:f9:2c:22:95:63:fa:ee:a4:43:3d:8f:
bb:b3:5f:84:76:13:09:6b:22:8d:b4:f2:d7:49:4d:fb:ca:7e:
66:67:7b:75:4d:96:c1:cd:90:f1:ad:b8:02:19:af:dc:cb:d4:
8e:9b:0f:61:9b:cf:db:8d:62:35:2e:ae:2c:1f:35:64:fa:27:
af:8c:b6:38:4a:fd:b1:6a:34:98:99:41:20:18:f9:09:08:55:
88:c3:93:97:79:56:25:1d:19:64:0d:9f:45:67:5f:f2:e9:f5:
12:02:7c:e3:ce:c8:21:78:9c:55:73:2f:1d:c7:bd:fe:46:21:
96:0e:d3:3f:a1:d5:7e:51:cc:fd:0d:5c:fc:c6:9d:ac:7c:a8:
e9:dd:a6:e4:5f:27:40:8a:29:ac:73:7d:8d:75:c8:c9:03:80:
6e:86:0e:d9:d8:61:76:6a:4c:1d:07:ce:53:10:cf:e3:ec:cb:
94:35:ae:7e:6d:90:4b:a7:07:06:ec:3e:3a:65:7a:0f:0e:fa:
3f:0d:3f:d4:82:d0:8e:08:63:7b:71:c4:9b:ef:62:26:6b:e1:
ac:fe:cd:f6:6a:67:6a:75:12:69:42:dc:f5:e7:02:f6:d3:75:
76:1a:c7:af
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYyqomPozySsiObGbrosjoGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzI2YWJjOWUwNmMxYWZlZjliNWZkMmRhNDA0MTJlN2Fl
ZTZiNDcwHhcNMjMxMjI3MDkzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmZhNTMxZjY0NDU5MDExZjNhNjBiYjMxOTYzNmQwZWIyNWRmYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlN9beqxs78n+fBk1RThGuJUcrW3
a/QBaFR7bb0zVOyfNdI6rmaeDHKr1/s1if9OmWz7VsmP06U/6vT7yRx7uhb5DAVh
NoaCSUWfwwYeH9v9wmF1gFU5+c3+yCObXQX0ipwahpm/M+dNYW/Zh/NwW0d8DT02
a80EKSXB2RSveZvjkk/GZffMI1z34yRXzuNsGQw7YN8onpTKF9C/n4+wYvro9cQX
wh2JuzBNsDKPBVCDO64UIuulkAPLz2KM/uaAi3NxbxkLTa3XSGEMhbkbsppnv0gf
u0u4f9rB9SgZNKe0KWiVctiruzkqtci0rm/XyZviIzS8mu53xICOkiYkIwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA/6Ux9kRZAR86YLsxljbQ6yXftpMB8GA1UdIwQY
MBaAFHLCaryeBsGv75tf0tpAQS567mtHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMt
Y2Q3ZDYxOTEzMjg4LzEvRF9wVEgyUkZrQkh6cGd1ekdXTnREckpkLTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMtY2Q3ZDYxOTEzMjg4
LzEvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtmVED
BAItmVADBABb96AwDQYJKoZIhvcNAQELBQADggEBAAzh+5AvF4Ifyp6DqYGznBA1
hrzBTiDl2OX5LCKVY/rupEM9j7uzX4R2EwlrIo208tdJTfvKfmZne3VNlsHNkPGt
uAIZr9zL1I6bD2Gbz9uNYjUuriwfNWT6J6+MtjhK/bFqNJiZQSAY+QkIVYjDk5d5
ViUdGWQNn0VnX/Lp9RICfOPOyCF4nFVzLx3Hvf5GIZYO0z+h1X5RzP0NXPzGnax8
qOndpuRfJ0CKKaxzfY11yMkDgG6GDtnYYXZqTB0HzlMQz+Psy5Q1rn5tkEunBwbs
Pjpleg8O+j8NP9SC0I4IY3txxJvvYiZr4az+zfZqZ2p1EmlC3PXnAvbTdXYax68=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:46 2024 by rpki-client on console-fra.rpki-client.org