Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/ETv7clMaVFZymzOjY8mjs6bNWLA.roa
File: ETv7clMaVFZymzOjY8mjs6bNWLA.roa (raw, json)
Hash identifier: 8od+Wfd/dLilB3klhWjIDs4pmDfKCKJ0bMDxHjQ4g+4=
Subject key identifier: 11:3B:FB:72:53:1A:54:56:72:9B:33:A3:63:C9:A3:B3:A6:CD:58:B0
Certificate issuer: /CN=315955c4af3eb1a8d3400a86625e365c26298d6a
Certificate serial: 01856C93A2C3719D5520430EF0C5E9B6B180
Authority key identifier: 31:59:55:C4:AF:3E:B1:A8:D3:40:0A:86:62:5E:36:5C:26:29:8D:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MVlVxK8-sajTQAqGYl42XCYpjWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/ETv7clMaVFZymzOjY8mjs6bNWLA.roa
Signing time: Sun 01 Jan 2023 09:04:52 +0000
ROA not before: Sun 01 Jan 2023 09:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203698
IP address blocks: 176.124.40.0/22 maxlen: 22
45.147.208.0/22 maxlen: 22
2a0f:3400::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:93:a2:c3:71:9d:55:20:43:0e:f0:c5:e9:b6:b1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=315955c4af3eb1a8d3400a86625e365c26298d6a
Validity
Not Before: Jan 1 09:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=113bfb72531a5456729b33a363c9a3b3a6cd58b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:12:72:9d:20:2f:1e:ed:57:bf:3d:ef:52:54:
75:83:39:51:46:a0:0f:7e:e1:f8:0e:7f:6e:06:a0:
ea:05:70:d9:94:25:95:c7:0f:18:0b:a0:e8:98:e4:
2f:f5:92:1b:25:99:aa:3b:a0:29:9b:35:49:84:fd:
29:3f:2c:31:36:93:33:2d:07:cf:ec:cb:47:3d:45:
10:dd:38:6f:5d:82:ba:f9:46:89:61:b2:d8:5a:4b:
ce:bc:47:1a:c9:66:39:f2:45:9c:b7:92:dd:ae:aa:
c2:1e:32:b8:eb:b0:d0:26:33:af:8b:b4:75:3a:36:
a2:76:d7:b4:d4:1d:78:a4:2d:2a:ed:93:92:c8:56:
a4:bb:02:04:06:cf:ee:aa:55:76:c8:83:15:4b:e1:
f4:63:9c:36:d3:c0:f0:c6:d2:bc:cb:36:fe:11:8a:
54:29:6c:85:6c:61:33:ab:cb:9c:78:c9:31:f2:0a:
95:98:24:c9:ea:24:52:b5:04:1c:03:01:d9:23:22:
35:37:63:03:ef:27:e7:36:b9:13:07:bd:ac:c9:c6:
c7:68:4f:e2:8c:45:78:b8:35:5b:50:cd:df:37:fb:
eb:e1:ac:66:1c:6f:d7:5b:f4:35:c6:89:bc:d9:a4:
f4:7e:cc:2d:0b:78:0e:7e:25:ba:9c:53:bc:75:0a:
1b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:3B:FB:72:53:1A:54:56:72:9B:33:A3:63:C9:A3:B3:A6:CD:58:B0
X509v3 Authority Key Identifier:
keyid:31:59:55:C4:AF:3E:B1:A8:D3:40:0A:86:62:5E:36:5C:26:29:8D:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MVlVxK8-sajTQAqGYl42XCYpjWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/ETv7clMaVFZymzOjY8mjs6bNWLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/21c61a-d6b1-4aca-9782-97348336f33a/1/MVlVxK8-sajTQAqGYl42XCYpjWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.208.0/22
176.124.40.0/22
IPv6:
2a0f:3400::/29
Signature Algorithm: sha256WithRSAEncryption
87:57:a0:ea:cb:36:3d:c7:46:8e:35:10:12:6c:47:25:68:7e:
ef:68:a2:34:0e:42:e6:0c:b8:ee:51:7b:91:85:a9:78:a8:e9:
25:52:c0:9a:51:fb:59:31:f9:80:58:5b:3e:49:61:c6:f6:89:
5c:43:d7:b1:14:4a:54:3b:2f:80:33:e7:19:71:3d:aa:d7:b6:
8e:24:fd:22:4d:33:5a:76:34:91:23:04:e5:42:df:08:6f:5f:
90:dc:fc:3c:94:07:0f:06:8f:da:37:06:08:cd:d5:54:14:5d:
bd:2b:b3:d9:5b:9f:84:5c:19:67:64:04:5e:6f:44:90:3f:5a:
48:ca:fb:a6:08:20:83:9e:34:3f:1c:02:50:e0:17:1f:c5:05:
5e:73:9b:ce:d9:1e:dc:bd:4d:4c:fa:ca:52:06:5b:a9:18:91:
45:a5:89:76:57:83:34:b5:af:2b:4b:27:ef:76:b7:c6:4d:25:
e0:e8:47:fa:74:80:ec:ff:6c:77:13:02:a3:77:3f:eb:32:0b:
aa:16:83:17:29:08:92:93:3b:8c:8a:94:1b:a8:d9:dc:23:3b:
8f:00:b8:be:41:d3:f4:00:5c:bb:b6:5e:e8:ef:0d:92:d5:c6:
35:1c:22:ce:59:64:53:69:71:24:d4:60:22:36:1c:f5:18:da:
97:d8:e9:01
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsk6LDcZ1VIEMO8MXptrGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNTk1NWM0YWYzZWIxYThkMzQwMGE4NjYyNWUzNjVjMjYy
OThkNmEwHhcNMjMwMTAxMDkwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTNiZmI3MjUzMWE1NDU2NzI5YjMzYTM2M2M5YTNiM2E2Y2Q1OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRJynSAvHu1Xvz3vUlR1gzlRRqAP
fuH4Dn9uBqDqBXDZlCWVxw8YC6DomOQv9ZIbJZmqO6ApmzVJhP0pPywxNpMzLQfP
7MtHPUUQ3ThvXYK6+UaJYbLYWkvOvEcayWY58kWct5LdrqrCHjK467DQJjOvi7R1
Ojaidte01B14pC0q7ZOSyFakuwIEBs/uqlV2yIMVS+H0Y5w208DwxtK8yzb+EYpU
KWyFbGEzq8uceMkx8gqVmCTJ6iRStQQcAwHZIyI1N2MD7yfnNrkTB72sycbHaE/i
jEV4uDVbUM3fN/vr4axmHG/XW/Q1xom82aT0fswtC3gOfiW6nFO8dQobjwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBE7+3JTGlRWcpszo2PJo7OmzViwMB8GA1UdIwQY
MBaAFDFZVcSvPrGo00AKhmJeNlwmKY1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVZsVnhLOC1zYWpUUUFxR1lsNDJYQ1lwaldvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yMWM2MWEtZDZiMS00YWNhLTk3ODIt
OTczNDgzMzZmMzNhLzEvRVR2N2NsTWFWRlp5bXpPalk4bWpzNmJOV0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yMWM2MWEtZDZiMS00YWNhLTk3ODItOTczNDgzMzZmMzNh
LzEvTVZsVnhLOC1zYWpUUUFxR1lsNDJYQ1lwaldvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZPQAwQC
sHwoMA0EAgACMAcDBQMqDzQAMA0GCSqGSIb3DQEBCwUAA4IBAQCHV6DqyzY9x0aO
NRASbEclaH7vaKI0DkLmDLjuUXuRhal4qOklUsCaUftZMfmAWFs+SWHG9olcQ9ex
FEpUOy+AM+cZcT2q17aOJP0iTTNadjSRIwTlQt8Ib1+Q3Pw8lAcPBo/aNwYIzdVU
FF29K7PZW5+EXBlnZAReb0SQP1pIyvumCCCDnjQ/HAJQ4BcfxQVec5vO2R7cvU1M
+spSBlupGJFFpYl2V4M0ta8rSyfvdrfGTSXg6Ef6dIDs/2x3EwKjdz/rMguqFoMX
KQiSkzuMipQbqNncIzuPALi+QdP0AFy7tl7o7w2S1cY1HCLOWWRTaXEk1GAiNhz1
GNqX2OkB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:47 2024 by rpki-client on console-fra.rpki-client.org