Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8zHOcL4POoZCQjLtI3D6GiHFmpo.roa
File: 8zHOcL4POoZCQjLtI3D6GiHFmpo.roa (raw, json)
Hash identifier: mntjX8QrfCuGiAY9croBIrNfqw+ykjDFCcfUNsy6gIY=
Subject key identifier: F3:31:CE:70:BE:0F:3A:86:42:42:32:ED:23:70:FA:1A:21:C5:9A:9A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01902FBD9F26E438AEE248DF0777680B24DF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8zHOcL4POoZCQjLtI3D6GiHFmpo.roa
Signing time: Wed 19 Jun 2024 09:04:34 +0000
ROA not before: Wed 19 Jun 2024 09:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.95.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 05:38:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2f:bd:9f:26:e4:38:ae:e2:48:df:07:77:68:0b:24:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jun 19 09:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f331ce70be0f3a86424232ed2370fa1a21c59a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:35:81:09:36:32:3a:2f:e6:30:d8:bb:2c:eb:
21:0c:be:b9:29:f7:7e:bb:23:66:f3:a3:c4:f3:9b:
34:bc:12:ea:33:b7:31:3e:e1:88:20:79:d9:75:ef:
d9:b3:57:14:49:6e:e7:28:fb:ff:94:58:88:c9:af:
5c:67:85:f8:88:8b:97:24:0c:9c:a3:e5:73:6d:60:
41:ab:33:86:bb:7e:99:8e:42:f3:9c:7c:a5:5d:82:
9a:32:08:d0:a1:dc:53:98:40:29:05:85:89:c4:51:
9e:24:0d:a7:f0:ce:a8:8c:3a:92:c4:93:20:f4:cb:
46:21:a5:a9:ae:d0:55:2e:b5:b6:70:4e:8f:c9:ef:
3b:35:70:cb:b2:1c:ec:08:a1:9c:12:d0:e1:93:55:
d1:3a:fc:44:71:4b:0d:f3:be:b1:cf:1f:da:42:5b:
57:31:27:d6:c0:f0:b4:ec:05:fa:2e:11:ce:7d:12:
63:29:06:e8:f3:c4:39:d3:c6:70:3f:aa:83:7e:5b:
4f:dd:7b:25:80:14:be:08:f0:1c:08:96:20:23:e2:
9d:dd:0f:b1:39:22:51:99:d3:8d:e4:3a:cc:c2:34:
31:63:15:6a:f1:70:e7:79:9f:ac:fd:eb:1a:b9:08:
c9:6a:21:51:fe:15:0c:43:e4:73:fb:e6:7c:3c:92:
89:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:31:CE:70:BE:0F:3A:86:42:42:32:ED:23:70:FA:1A:21:C5:9A:9A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8zHOcL4POoZCQjLtI3D6GiHFmpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.243.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ac:e5:91:b2:77:0a:57:cd:ee:fa:80:a9:ff:c0:77:da:3c:
cd:54:e6:d6:fe:30:ae:cd:a7:c8:69:c9:ec:c1:65:d0:e0:18:
24:50:13:83:63:aa:71:78:ae:ec:e7:3d:5a:71:ad:ff:51:50:
c5:a1:08:7d:d1:6a:be:61:a7:6a:64:0f:63:06:15:bd:ba:b8:
71:97:16:cb:2b:38:59:b6:0c:08:54:2e:d8:81:3b:c1:86:36:
9a:35:9b:a4:6b:07:c7:e0:e1:04:48:4d:b1:b6:cf:af:0b:f2:
9a:5f:09:57:97:3e:e8:7b:33:e9:56:05:30:f0:e8:24:6c:54:
47:06:9f:31:3e:92:77:66:f5:5c:c2:19:e6:f7:cb:1b:ed:71:
42:69:7e:71:22:c7:9b:93:4b:d3:d9:86:17:ae:12:ca:9c:0f:
45:cf:26:81:c6:18:fb:28:e1:79:7d:a2:5c:d4:40:f1:4d:0c:
ba:1f:1f:3c:66:e9:96:81:63:f1:23:a9:3a:95:39:eb:7d:e7:
f4:40:a5:3e:57:24:23:5a:5e:ed:93:3b:69:ce:57:f0:cd:a4:
61:a9:90:68:c1:4b:b6:19:01:59:9c:aa:88:90:34:27:aa:d2:
01:91:52:91:23:a7:da:73:9a:da:ec:90:ff:7a:dc:0a:59:d6:
20:99:32:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAvvZ8m5Diu4kjfB3doCyTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNjE5MDkwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzMxY2U3MGJlMGYzYTg2NDI0MjMyZWQyMzcwZmExYTIxYzU5YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzWBCTYyOi/mMNi7LOshDL65Kfd+
uyNm86PE85s0vBLqM7cxPuGIIHnZde/Zs1cUSW7nKPv/lFiIya9cZ4X4iIuXJAyc
o+VzbWBBqzOGu36ZjkLznHylXYKaMgjQodxTmEApBYWJxFGeJA2n8M6ojDqSxJMg
9MtGIaWprtBVLrW2cE6Pye87NXDLshzsCKGcEtDhk1XROvxEcUsN876xzx/aQltX
MSfWwPC07AX6LhHOfRJjKQbo88Q508ZwP6qDfltP3XslgBS+CPAcCJYgI+Kd3Q+x
OSJRmdON5DrMwjQxYxVq8XDneZ+s/esauQjJaiFR/hUMQ+Rz++Z8PJKJXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMxznC+DzqGQkIy7SNw+hohxZqaMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOHpIT2NMNFBPb1pDUWpMdEkzRDZHaUhGbXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/zMA0G
CSqGSIb3DQEBCwUAA4IBAQBxrOWRsncKV83u+oCp/8B32jzNVObW/jCuzafIacns
wWXQ4BgkUBODY6pxeK7s5z1aca3/UVDFoQh90Wq+YadqZA9jBhW9urhxlxbLKzhZ
tgwIVC7YgTvBhjaaNZukawfH4OEESE2xts+vC/KaXwlXlz7oezPpVgUw8OgkbFRH
Bp8xPpJ3ZvVcwhnm98sb7XFCaX5xIsebk0vT2YYXrhLKnA9FzyaBxhj7KOF5faJc
1EDxTQy6Hx88ZumWgWPxI6k6lTnrfef0QKU+VyQjWl7tkztpzlfwzaRhqZBowUu2
GQFZnKqIkDQnqtIBkVKRI6fac5ra7JD/etwKWdYgmTJ9
-----END CERTIFICATE-----
Generated at Thu Jun 27 07:00:52 2024 by rpki-client on console-fra.rpki-client.org