Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/8359ce-bbd4-4253-9464-a146a1b01f8f/1/bkonOd-_wO1KCzS2UXjtfLTlBHA.roa
File: bkonOd-_wO1KCzS2UXjtfLTlBHA.roa (raw, json)
Hash identifier: zzHMEWJTcx2V/GmkYCmJiUEiNv6vhkxhRdERF8AFAb0=
Subject key identifier: 6E:4A:27:39:DF:BF:C0:ED:4A:0B:34:B6:51:78:ED:7C:B4:E5:04:70
Certificate issuer: /CN=f143d13c7bbd2aa15f5677c139ac33c867879f2c
Certificate serial: 018C2590E3ED7D27656B482A587743DC0B17
Authority key identifier: F1:43:D1:3C:7B:BD:2A:A1:5F:56:77:C1:39:AC:33:C8:67:87:9F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UPRPHu9KqFfVnfBOawzyGeHnyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/8359ce-bbd4-4253-9464-a146a1b01f8f/1/bkonOd-_wO1KCzS2UXjtfLTlBHA.roa
Signing time: Fri 01 Dec 2023 13:28:21 +0000
ROA not before: Fri 01 Dec 2023 13:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56701
IP address blocks: 45.157.212.0/24 maxlen: 24
45.157.213.0/24 maxlen: 24
45.157.215.0/24 maxlen: 24
45.157.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:90:e3:ed:7d:27:65:6b:48:2a:58:77:43:dc:0b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f143d13c7bbd2aa15f5677c139ac33c867879f2c
Validity
Not Before: Dec 1 13:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e4a2739dfbfc0ed4a0b34b65178ed7cb4e50470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ea:11:0e:ee:fb:2d:74:67:f2:33:b8:6b:7e:
a5:7f:87:70:ad:9f:f1:fa:57:29:dd:6c:b0:e6:25:
03:ba:cc:f6:a7:da:d2:1c:df:5b:73:61:11:96:52:
5c:fb:e4:d5:59:8e:c3:94:e4:61:2c:82:e4:61:3b:
54:1b:0e:40:d3:e1:1f:06:fb:58:3c:82:07:55:9e:
20:68:84:06:ac:c2:d4:c2:0d:d3:34:70:e4:69:d8:
87:a0:5a:93:3f:bd:ab:ba:26:8d:57:a9:74:2c:4a:
46:4e:ad:1f:69:16:7e:88:b0:84:8d:51:87:9d:5f:
d2:0a:78:89:d7:2f:13:2d:c3:c7:cd:74:1c:d0:3b:
d6:73:33:c5:af:70:49:eb:c6:fd:0f:3c:b8:c3:a1:
d1:6b:18:c8:55:d2:81:8f:06:44:86:62:c1:05:b4:
c3:85:fb:8c:48:a6:97:df:15:f5:3f:17:77:10:e4:
70:1f:9f:bd:7e:c3:cc:06:f2:4a:fd:c4:f5:dc:a4:
fe:f8:a2:c2:09:ad:ef:a8:30:75:c9:ea:6f:32:80:
9f:e8:81:c0:d4:72:de:0d:33:c0:22:fc:19:e5:51:
14:60:05:f7:3b:70:d6:e6:87:f4:2c:ab:21:82:1b:
ef:b1:77:6a:4c:27:a2:65:70:cd:63:a5:a9:5e:9c:
48:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4A:27:39:DF:BF:C0:ED:4A:0B:34:B6:51:78:ED:7C:B4:E5:04:70
X509v3 Authority Key Identifier:
keyid:F1:43:D1:3C:7B:BD:2A:A1:5F:56:77:C1:39:AC:33:C8:67:87:9F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UPRPHu9KqFfVnfBOawzyGeHnyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8359ce-bbd4-4253-9464-a146a1b01f8f/1/bkonOd-_wO1KCzS2UXjtfLTlBHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8359ce-bbd4-4253-9464-a146a1b01f8f/1/8UPRPHu9KqFfVnfBOawzyGeHnyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.212.0/22
Signature Algorithm: sha256WithRSAEncryption
47:bc:4b:90:ad:a5:d1:a0:8d:18:38:bb:df:43:9c:b6:70:ea:
78:cf:e2:c0:7b:9d:3c:5e:db:9f:28:4d:01:e6:5d:f1:27:06:
55:72:11:0b:6f:18:59:16:14:5b:66:3e:08:66:32:0b:d5:f4:
d5:1e:4c:92:6c:ac:fe:c1:a1:63:8c:ec:37:9f:2b:99:eb:8c:
d8:b8:56:89:da:8d:61:36:1b:8c:75:76:13:f2:a9:09:1c:4b:
ee:81:0c:8f:d8:77:b5:e3:7d:3e:28:16:27:77:d3:91:cf:16:
b9:32:45:93:65:5f:1a:71:6a:14:06:84:1b:3b:84:1c:0d:a6:
73:04:16:94:90:6e:55:ca:9f:db:af:1c:01:91:a8:8e:dd:c1:
ed:df:a2:cf:b3:77:d8:a6:dd:c6:87:ff:e5:14:e6:9f:eb:47:
9c:28:bb:a1:c5:a6:6c:50:21:7a:eb:f5:df:36:e6:e0:54:8d:
2f:6a:36:ee:23:7f:d6:2f:10:78:a6:11:38:3d:74:92:26:a7:
74:e1:ad:b2:98:98:f9:28:f3:b0:8d:c0:98:7a:f6:95:26:83:
c2:ff:0c:10:41:ac:b7:66:82:45:b2:c8:9a:3d:e8:38:a1:33:
50:bc:c9:61:fa:7c:0b:12:37:80:80:2b:7d:52:4f:74:60:5b:
7d:18:82:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwlkOPtfSdla0gqWHdD3AsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDNkMTNjN2JiZDJhYTE1ZjU2NzdjMTM5YWMzM2M4Njc4
NzlmMmMwHhcNMjMxMjAxMTMyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTRhMjczOWRmYmZjMGVkNGEwYjM0YjY1MTc4ZWQ3Y2I0ZTUwNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeoRDu77LXRn8jO4a36lf4dwrZ/x
+lcp3Wyw5iUDusz2p9rSHN9bc2ERllJc++TVWY7DlORhLILkYTtUGw5A0+EfBvtY
PIIHVZ4gaIQGrMLUwg3TNHDkadiHoFqTP72ruiaNV6l0LEpGTq0faRZ+iLCEjVGH
nV/SCniJ1y8TLcPHzXQc0DvWczPFr3BJ68b9Dzy4w6HRaxjIVdKBjwZEhmLBBbTD
hfuMSKaX3xX1Pxd3EORwH5+9fsPMBvJK/cT13KT++KLCCa3vqDB1yepvMoCf6IHA
1HLeDTPAIvwZ5VEUYAX3O3DW5of0LKshghvvsXdqTCeiZXDNY6WpXpxIzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5KJznfv8DtSgs0tlF47Xy05QRwMB8GA1UdIwQY
MBaAFPFD0Tx7vSqhX1Z3wTmsM8hnh58sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVQUlBIdTlLcUZmVm5mQk9hd3p5R2VIbnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84MzU5Y2UtYmJkNC00MjUzLTk0NjQt
YTE0NmExYjAxZjhmLzEvYmtvbk9kLV93TzFLQ3pTMlVYanRmTFRsQkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84MzU5Y2UtYmJkNC00MjUzLTk0NjQtYTE0NmExYjAxZjhm
LzEvOFVQUlBIdTlLcUZmVm5mQk9hd3p5R2VIbnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ3UMA0G
CSqGSIb3DQEBCwUAA4IBAQBHvEuQraXRoI0YOLvfQ5y2cOp4z+LAe508XtufKE0B
5l3xJwZVchELbxhZFhRbZj4IZjIL1fTVHkySbKz+waFjjOw3nyuZ64zYuFaJ2o1h
NhuMdXYT8qkJHEvugQyP2He1430+KBYnd9ORzxa5MkWTZV8acWoUBoQbO4QcDaZz
BBaUkG5Vyp/brxwBkaiO3cHt36LPs3fYpt3Gh//lFOaf60ecKLuhxaZsUCF66/Xf
NubgVI0vajbuI3/WLxB4phE4PXSSJqd04a2ymJj5KPOwjcCYevaVJoPC/wwQQay3
ZoJFssiaPeg4oTNQvMlh+nwLEjeAgCt9Uk90YFt9GIIi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:37 2024 by rpki-client on console-fra.rpki-client.org