Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/En9qIFB0uW3xYMpUb5psDVrzKao.roa
File: En9qIFB0uW3xYMpUb5psDVrzKao.roa (raw, json)
Hash identifier: kLHTEPGtjHO1jxRv1NroFD9Td3WcljP2q+3Yjbnp7Go=
Subject key identifier: 12:7F:6A:20:50:74:B9:6D:F1:60:CA:54:6F:9A:6C:0D:5A:F3:29:AA
Certificate issuer: /CN=535be45376d58987452bd0646b9a74cf9eb6cb2d
Certificate serial: 018B007CD971263313C8F0D0D61BEFBAAB53
Authority key identifier: 53:5B:E4:53:76:D5:89:87:45:2B:D0:64:6B:9A:74:CF:9E:B6:CB:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/En9qIFB0uW3xYMpUb5psDVrzKao.roa
Signing time: Thu 05 Oct 2023 15:37:43 +0000
ROA not before: Thu 05 Oct 2023 15:37:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200069
IP address blocks: 45.14.148.0/22 maxlen: 24
87.253.232.0/24 maxlen: 24
87.253.232.0/21 maxlen: 24
185.189.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:7c:d9:71:26:33:13:c8:f0:d0:d6:1b:ef:ba:ab:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535be45376d58987452bd0646b9a74cf9eb6cb2d
Validity
Not Before: Oct 5 15:37:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=127f6a205074b96df160ca546f9a6c0d5af329aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:47:d2:05:ba:17:94:b3:26:38:4a:9b:9a:8b:
61:d4:be:a3:99:1e:c6:ee:41:61:3c:f6:b8:bf:34:
fc:b5:6c:a6:93:a5:40:9f:e3:62:a8:b7:3d:e1:6e:
7e:64:38:35:42:f7:bf:5b:7a:55:70:c5:58:82:08:
ae:69:4e:56:d4:e7:bd:bf:d5:93:5f:3c:6a:e3:4d:
e8:b9:12:bf:36:6f:8e:4f:74:01:ad:26:ea:57:e7:
85:22:55:51:a2:46:51:72:86:4c:00:79:2c:bd:11:
91:7d:bd:54:9e:42:6b:36:7e:a6:ba:94:44:eb:1b:
5b:fb:22:28:b4:37:f3:0c:b9:96:ed:f1:5a:17:b3:
06:fa:1a:e2:38:f3:78:79:e0:07:42:0f:ff:83:40:
48:d0:3b:28:7a:7e:01:95:07:9b:f5:4a:c3:eb:51:
d7:01:15:3f:a1:54:e5:f5:1d:6c:df:f7:b7:45:a3:
6f:44:be:93:aa:08:5b:a8:f2:a0:ee:82:f2:6e:62:
b0:53:9a:87:68:a8:4f:68:79:e8:36:11:96:4a:37:
66:8d:65:13:fd:b0:46:42:e4:00:24:f4:41:a6:63:
ed:64:b7:f9:5d:54:5b:bc:40:07:94:81:89:95:1e:
52:35:60:05:a6:95:61:79:ed:91:a3:d2:75:62:2a:
63:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:7F:6A:20:50:74:B9:6D:F1:60:CA:54:6F:9A:6C:0D:5A:F3:29:AA
X509v3 Authority Key Identifier:
keyid:53:5B:E4:53:76:D5:89:87:45:2B:D0:64:6B:9A:74:CF:9E:B6:CB:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/En9qIFB0uW3xYMpUb5psDVrzKao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.148.0/22
87.253.232.0/21
185.189.236.0/22
Signature Algorithm: sha256WithRSAEncryption
07:c6:3d:37:c8:fc:74:19:87:39:d1:06:ac:dd:ef:16:f2:01:
cb:4e:f5:6d:e2:98:a9:78:34:9c:20:0e:ac:19:b1:7c:ca:bb:
0e:31:e3:0b:70:63:50:00:10:4f:b3:97:16:2e:2a:50:37:fd:
5d:9e:74:d8:fc:21:d4:84:af:09:6b:10:00:77:0f:58:df:0c:
0d:7a:20:08:b2:16:55:8a:94:fc:31:ff:c1:58:02:59:0c:85:
2d:d6:ba:bf:be:dc:ee:ba:89:1a:cb:9f:b5:1b:28:ea:07:e0:
78:a8:b1:06:18:00:7c:d6:a2:54:4c:91:54:f1:ea:07:e5:ca:
1b:d9:48:3b:40:85:be:9a:e9:3f:79:9d:ad:04:8c:0d:11:84:
b6:07:a6:c8:9c:51:d0:f6:c8:a0:7c:5b:f3:5a:71:f4:f3:ed:
f0:23:30:ff:48:ad:e7:30:50:2c:02:7f:da:06:55:3a:6f:18:
37:53:3c:0d:b1:34:3c:27:c9:2b:12:f0:6b:23:60:26:51:50:
b8:5f:e7:91:c9:85:c5:3a:d0:5e:d5:e4:41:61:6f:86:92:49:
19:81:81:aa:47:19:cf:95:5d:b9:9f:1f:a1:a5:1e:5f:ed:36:
e3:56:ac:a2:af:b7:ac:a5:f2:58:b0:6c:07:e8:78:ce:0f:11:
b0:8d:4f:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsAfNlxJjMTyPDQ1hvvuqtTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWJlNDUzNzZkNTg5ODc0NTJiZDA2NDZiOWE3NGNmOWVi
NmNiMmQwHhcNMjMxMDA1MTUzNzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjdmNmEyMDUwNzRiOTZkZjE2MGNhNTQ2ZjlhNmMwZDVhZjMyOWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkfSBboXlLMmOEqbmoth1L6jmR7G
7kFhPPa4vzT8tWymk6VAn+NiqLc94W5+ZDg1Qve/W3pVcMVYggiuaU5W1Oe9v9WT
Xzxq403ouRK/Nm+OT3QBrSbqV+eFIlVRokZRcoZMAHksvRGRfb1UnkJrNn6mupRE
6xtb+yIotDfzDLmW7fFaF7MG+hriOPN4eeAHQg//g0BI0Dsoen4BlQeb9UrD61HX
ARU/oVTl9R1s3/e3RaNvRL6TqghbqPKg7oLybmKwU5qHaKhPaHnoNhGWSjdmjWUT
/bBGQuQAJPRBpmPtZLf5XVRbvEAHlIGJlR5SNWAFppVhee2Ro9J1YipjkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBJ/aiBQdLlt8WDKVG+abA1a8ymqMB8GA1UdIwQY
MBaAFFNb5FN21YmHRSvQZGuadM+etsstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF2a1UzYlZpWWRGSzlCa2E1cDB6NTYyeXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mYjM5YTgtNjIzYi00NDM1LTk0ZmUt
Y2VjOTJiNTc4MDA2LzEvRW45cUlGQjB1VzN4WU1wVWI1cHNEVnJ6S2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mYjM5YTgtNjIzYi00NDM1LTk0ZmUtY2VjOTJiNTc4MDA2
LzEvVTF2a1UzYlZpWWRGSzlCa2E1cDB6NTYyeXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQ6UAwQD
V/3oAwQCub3sMA0GCSqGSIb3DQEBCwUAA4IBAQAHxj03yPx0GYc50Qas3e8W8gHL
TvVt4pipeDScIA6sGbF8yrsOMeMLcGNQABBPs5cWLipQN/1dnnTY/CHUhK8JaxAA
dw9Y3wwNeiAIshZVipT8Mf/BWAJZDIUt1rq/vtzuuokay5+1GyjqB+B4qLEGGAB8
1qJUTJFU8eoH5cob2Ug7QIW+muk/eZ2tBIwNEYS2B6bInFHQ9sigfFvzWnH08+3w
IzD/SK3nMFAsAn/aBlU6bxg3UzwNsTQ8J8krEvBrI2AmUVC4X+eRyYXFOtBe1eRB
YW+GkkkZgYGqRxnPlV25nx+hpR5f7TbjVqyir7espfJYsGwH6HjODxGwjU+g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:41 2024 by rpki-client on console-ams.rpki-client.org