Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/SO96XstYOhw4GBXuaKVMt0-UscQ.roa
File: SO96XstYOhw4GBXuaKVMt0-UscQ.roa (raw, json)
Hash identifier: KxFNq6zZKRmSlsOoRX+eODW+/DmHI+mq7CqTkE8l4XU=
Subject key identifier: 48:EF:7A:5E:CB:58:3A:1C:38:18:15:EE:68:A5:4C:B7:4F:94:B1:C4
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 018C25A5F2BDE8178213E082B7810FDD4923
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/SO96XstYOhw4GBXuaKVMt0-UscQ.roa
Signing time: Fri 01 Dec 2023 13:51:21 +0000
ROA not before: Fri 01 Dec 2023 13:51:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.146.202.0/23 maxlen: 24
45.95.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Dec 2023 06:16:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:a5:f2:bd:e8:17:82:13:e0:82:b7:81:0f:dd:49:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Dec 1 13:51:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48ef7a5ecb583a1c381815ee68a54cb74f94b1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:10:2f:23:a2:11:1b:f7:25:88:71:34:6e:3a:
09:f8:6d:d4:c7:8b:fd:bb:58:b9:cd:09:36:7b:53:
b8:16:ba:58:3e:b1:36:17:33:b4:57:79:82:ed:75:
91:d2:d5:e4:f5:b5:fc:c7:be:e7:97:b3:63:98:f8:
74:1c:91:81:4f:ea:09:8f:2f:c2:c1:75:c1:d5:56:
9d:00:07:0c:21:c1:1d:57:41:e9:06:49:7b:ce:f2:
56:b4:e8:b9:ff:96:82:3e:a3:9e:0b:22:f3:c5:fa:
8a:5a:c3:da:3e:06:8b:31:1b:fb:c5:32:73:07:95:
bb:78:67:c8:14:b9:91:69:84:29:12:4c:e4:0e:10:
56:e1:a0:4d:39:58:9c:8d:7a:2d:35:0a:3c:e2:67:
e5:bb:e7:ae:34:16:c5:df:84:94:ce:be:0d:97:af:
4b:54:43:3c:8a:b2:b1:33:b6:0d:ae:2f:a8:56:29:
b2:b9:cc:dd:35:50:0b:c1:20:76:87:7b:59:65:2e:
b6:2a:b6:77:cf:d6:1f:6d:25:30:5c:36:05:06:38:
1f:81:24:0f:3e:99:b1:a8:09:34:68:2a:93:d7:05:
7e:d3:1f:81:5d:d5:ea:91:2f:49:ce:89:17:1d:b9:
c4:33:ee:5b:2b:cc:d6:05:48:f2:82:e6:04:be:41:
44:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:EF:7A:5E:CB:58:3A:1C:38:18:15:EE:68:A5:4C:B7:4F:94:B1:C4
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/SO96XstYOhw4GBXuaKVMt0-UscQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.35.0/24
45.146.202.0/23
Signature Algorithm: sha256WithRSAEncryption
56:a5:bb:a8:3b:dc:c1:96:cb:7f:b3:78:fa:c7:6a:f1:37:77:
24:fd:ce:c6:57:ff:4a:56:24:01:26:0c:0a:bb:c9:2a:9a:e6:
55:c5:66:c4:d8:2d:70:05:53:c9:4a:b8:5a:31:5e:68:89:b1:
9f:01:98:1d:70:19:95:21:ce:0b:bb:98:47:01:5b:6e:97:79:
4a:fa:06:3c:53:8e:c1:8d:45:8b:0a:ad:2f:2e:41:02:3b:11:
c5:58:be:b5:d2:5a:84:cb:72:7f:ef:19:fd:af:41:97:1a:7b:
de:7b:c8:0f:d0:a7:b6:ed:0a:d0:38:8c:3b:16:c1:fd:3d:fe:
36:30:71:55:06:c2:1f:1b:ed:2e:b8:82:0a:a0:78:f6:e7:9d:
42:6c:e7:91:7f:9b:74:09:d3:38:d5:b8:a0:1f:bb:00:15:23:
b7:db:a3:f1:75:5f:8c:ca:1a:2e:62:c6:04:f7:8a:49:1b:cd:
94:80:b1:05:1c:93:7f:57:fb:eb:2a:93:e3:b3:31:78:4f:69:
d4:26:cd:b6:33:95:40:72:aa:8f:49:8d:b6:8a:52:00:13:ad:
79:6e:6f:3d:f9:14:f1:a7:77:f7:ab:7b:a4:84:a7:5d:46:fe:
f1:09:e1:c4:e3:50:df:3e:41:b6:ec:79:a6:20:13:fc:02:a5:
66:d3:10:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwlpfK96BeCE+CCt4EP3UkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjMxMjAxMTM1MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGVmN2E1ZWNiNTgzYTFjMzgxODE1ZWU2OGE1NGNiNzRmOTRiMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghAvI6IRG/cliHE0bjoJ+G3Ux4v9
u1i5zQk2e1O4FrpYPrE2FzO0V3mC7XWR0tXk9bX8x77nl7NjmPh0HJGBT+oJjy/C
wXXB1VadAAcMIcEdV0HpBkl7zvJWtOi5/5aCPqOeCyLzxfqKWsPaPgaLMRv7xTJz
B5W7eGfIFLmRaYQpEkzkDhBW4aBNOVicjXotNQo84mflu+euNBbF34SUzr4Nl69L
VEM8irKxM7YNri+oVimyuczdNVALwSB2h3tZZS62KrZ3z9YfbSUwXDYFBjgfgSQP
PpmxqAk0aCqT1wV+0x+BXdXqkS9JzokXHbnEM+5bK8zWBUjyguYEvkFE/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEjvel7LWDocOBgV7milTLdPlLHEMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvU085NlhzdFlPaHc0R0JYdWFLVk10MC1Vc2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV8jAwQB
LZLKMA0GCSqGSIb3DQEBCwUAA4IBAQBWpbuoO9zBlst/s3j6x2rxN3ck/c7GV/9K
ViQBJgwKu8kqmuZVxWbE2C1wBVPJSrhaMV5oibGfAZgdcBmVIc4Lu5hHAVtul3lK
+gY8U47BjUWLCq0vLkECOxHFWL610lqEy3J/7xn9r0GXGnvee8gP0Ke27QrQOIw7
FsH9Pf42MHFVBsIfG+0uuIIKoHj2551CbOeRf5t0CdM41bigH7sAFSO326PxdV+M
yhouYsYE94pJG82UgLEFHJN/V/vrKpPjszF4T2nUJs22M5VAcqqPSY22ilIAE615
bm89+RTxp3f3q3ukhKddRv7xCeHE41DfPkG27HmmIBP8AqVm0xA7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:49 2024 by rpki-client on console-ams.rpki-client.org