Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/S1ymfk4HDEYn1fGM1ljnepnH11g.roa
File: S1ymfk4HDEYn1fGM1ljnepnH11g.roa (raw, json)
Hash identifier: MbXphRFBKOrd2HI0X5F38dWOIQ38uGl0pRgHq9oglvc=
Subject key identifier: 4B:5C:A6:7E:4E:07:0C:46:27:D5:F1:8C:D6:58:E7:7A:99:C7:D7:58
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018BF60D3242D02DB834FC79CF178C1C8970
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/S1ymfk4HDEYn1fGM1ljnepnH11g.roa
Signing time: Wed 22 Nov 2023 08:02:21 +0000
ROA not before: Wed 22 Nov 2023 08:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8038
IP address blocks: 45.95.240.0/24 maxlen: 24
45.130.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:0d:32:42:d0:2d:b8:34:fc:79:cf:17:8c:1c:89:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Nov 22 08:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b5ca67e4e070c4627d5f18cd658e77a99c7d758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:98:aa:7c:47:7e:91:ce:63:23:d8:f6:f2:d4:
5a:1a:ff:35:39:c8:ac:d8:9f:c2:08:3d:91:17:1f:
2d:f3:1e:5d:87:20:37:c9:d1:2d:57:b4:35:06:85:
c1:79:d7:b9:c3:bc:49:6a:f7:6a:ae:c8:a8:28:d1:
d4:6a:08:9a:59:c8:07:03:e3:d0:79:16:9f:6d:26:
72:b1:22:77:a5:68:0d:be:69:5b:92:51:86:05:97:
2d:d0:86:2b:68:cf:76:b3:01:06:08:ec:ba:f1:c0:
1d:04:5a:d1:4f:73:34:74:f5:04:c9:7a:1a:ed:40:
78:41:2e:7f:73:5e:bb:4f:fa:c8:85:4d:f7:60:4a:
1f:16:01:62:dc:d9:df:37:28:b4:7d:d4:dd:39:ac:
96:a9:5f:a7:50:3c:39:53:50:87:98:4a:ba:77:5e:
68:9a:18:9d:99:2a:14:b6:de:e3:73:4b:a0:20:41:
b4:57:7d:86:06:8b:6b:7b:72:e7:57:be:54:d1:78:
5c:1e:40:fe:f9:74:46:3e:ff:e0:cc:73:77:54:40:
06:9b:3e:1f:7a:95:ac:c8:5f:a2:50:88:8c:fd:73:
42:85:74:ec:cc:06:f0:ff:22:21:a1:78:32:43:a8:
3d:a1:2b:13:2b:98:8d:d1:24:7a:9d:6f:7e:64:b4:
52:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5C:A6:7E:4E:07:0C:46:27:D5:F1:8C:D6:58:E7:7A:99:C7:D7:58
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/S1ymfk4HDEYn1fGM1ljnepnH11g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.240.0/24
45.130.142.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:6c:76:e5:e5:85:c9:cf:1d:a4:29:57:ae:2b:09:94:01:38:
24:71:0e:65:67:3e:ea:2d:94:ee:e3:4e:87:9c:32:ff:aa:33:
7b:be:e4:c0:00:a8:21:bd:06:ca:15:bc:9f:24:9d:29:82:41:
6d:13:c2:38:cf:7e:96:44:d7:7f:e8:b5:17:e1:14:81:26:69:
62:dd:39:2f:30:09:e3:e4:f0:5a:f8:7e:4c:1e:6c:99:fe:b1:
34:8d:fe:bd:4f:41:2c:e6:9d:7f:07:9c:28:9a:e9:a9:c4:e4:
20:67:52:53:22:a1:60:ff:08:e5:f0:9e:b8:d0:f1:5d:50:d1:
16:3c:39:24:9e:91:26:4c:f6:3c:e0:f4:01:a3:ee:f3:92:cb:
29:8a:34:48:85:a6:41:48:c2:2d:6d:9f:fc:3f:60:c5:44:02:
23:33:f9:bc:5f:ae:aa:62:09:e1:f1:bd:7a:03:d4:6b:1e:1a:
77:ea:13:70:e8:12:56:35:ff:9f:59:b9:e8:c6:51:98:3b:de:
27:cc:0e:2d:42:4f:70:71:07:d3:80:e1:f3:f9:7f:b0:fb:fb:
6c:32:ea:f4:9d:db:04:fe:8a:3a:7a:27:03:d1:23:e3:8c:8d:
82:bd:d0:cf:29:a2:c8:87:58:da:5b:9c:73:fd:ba:8a:78:be:
73:56:a4:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv2DTJC0C24NPx5zxeMHIlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMTIyMDgwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVjYTY3ZTRlMDcwYzQ2MjdkNWYxOGNkNjU4ZTc3YTk5YzdkNzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopiqfEd+kc5jI9j28tRaGv81Ocis
2J/CCD2RFx8t8x5dhyA3ydEtV7Q1BoXBede5w7xJavdqrsioKNHUagiaWcgHA+PQ
eRafbSZysSJ3pWgNvmlbklGGBZct0IYraM92swEGCOy68cAdBFrRT3M0dPUEyXoa
7UB4QS5/c167T/rIhU33YEofFgFi3NnfNyi0fdTdOayWqV+nUDw5U1CHmEq6d15o
mhidmSoUtt7jc0ugIEG0V32GBotre3LnV75U0XhcHkD++XRGPv/gzHN3VEAGmz4f
epWsyF+iUIiM/XNChXTszAbw/yIhoXgyQ6g9oSsTK5iN0SR6nW9+ZLRSNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEtcpn5OBwxGJ9XxjNZY53qZx9dYMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvUzF5bWZrNEhERVluMWZHTTFsam5lcG5IMTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV/wAwQA
LYKOMA0GCSqGSIb3DQEBCwUAA4IBAQBPbHbl5YXJzx2kKVeuKwmUATgkcQ5lZz7q
LZTu406HnDL/qjN7vuTAAKghvQbKFbyfJJ0pgkFtE8I4z36WRNd/6LUX4RSBJmli
3TkvMAnj5PBa+H5MHmyZ/rE0jf69T0Es5p1/B5womumpxOQgZ1JTIqFg/wjl8J64
0PFdUNEWPDkknpEmTPY84PQBo+7zksspijRIhaZBSMItbZ/8P2DFRAIjM/m8X66q
Ygnh8b16A9RrHhp36hNw6BJWNf+fWbnoxlGYO94nzA4tQk9wcQfTgOHz+X+w+/ts
Mur0ndsE/oo6eicD0SPjjI2CvdDPKaLIh1jaW5xz/bqKeL5zVqR1
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:43 2024 by rpki-client on console-ams.rpki-client.org