Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/rfiVvqeyqp9iBQZexZkPvqB1Mbk.roa
File: rfiVvqeyqp9iBQZexZkPvqB1Mbk.roa (raw, json)
Hash identifier: MoWBDHIP1CgtPPMKeN34O13NSKVr0wbIRuiRQqWrHz4=
Subject key identifier: AD:F8:95:BE:A7:B2:AA:9F:62:05:06:5E:C5:99:0F:BE:A0:75:31:B9
Certificate issuer: /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial: 018F30D83B9832A5C855916CAAE0DA71A56C
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/rfiVvqeyqp9iBQZexZkPvqB1Mbk.roa
Signing time: Tue 30 Apr 2024 21:10:28 +0000
ROA not before: Tue 30 Apr 2024 21:10:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.158.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 18:52:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:d8:3b:98:32:a5:c8:55:91:6c:aa:e0:da:71:a5:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Validity
Not Before: Apr 30 21:10:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adf895bea7b2aa9f6205065ec5990fbea07531b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:53:90:03:5f:6b:98:91:59:d2:6d:cc:ac:
da:81:5e:a0:e5:0b:a3:7c:c7:ba:76:a9:ca:18:57:
54:e2:90:dd:db:49:87:40:50:2d:4b:d9:3f:de:9a:
f4:87:38:74:d1:d9:b8:84:03:17:5b:52:51:3f:84:
d3:76:c0:e3:9b:09:5d:81:69:b3:05:c1:9d:95:93:
2f:4f:7d:27:e3:0e:19:63:da:4f:2d:a0:d2:4e:42:
54:73:47:77:cb:5e:d5:6a:59:a8:7a:fd:52:19:b7:
21:04:0b:2d:10:b4:31:26:7d:3c:81:0a:95:49:10:
60:73:ff:88:91:37:14:a9:57:95:66:4f:1b:cc:4a:
d2:1a:12:64:02:53:5b:64:65:44:d5:ab:69:c3:ec:
be:10:31:1b:44:aa:5e:85:23:65:99:b4:62:0b:4f:
50:62:fc:e6:59:07:e3:96:04:83:63:b4:fb:78:9e:
dc:b5:fe:cf:71:85:49:fb:a5:c4:82:47:bc:b5:1b:
66:ab:bd:3f:66:02:f1:4b:66:c0:9b:14:bb:09:13:
44:b4:34:33:84:17:20:b2:21:ec:5f:e8:57:28:f3:
eb:bb:48:5d:d6:6b:3c:7d:b2:e8:56:a3:d1:61:b8:
43:5c:75:bf:6a:3a:0c:cd:ac:a2:da:8a:f0:3a:0d:
df:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F8:95:BE:A7:B2:AA:9F:62:05:06:5E:C5:99:0F:BE:A0:75:31:B9
X509v3 Authority Key Identifier:
keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/rfiVvqeyqp9iBQZexZkPvqB1Mbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.125.0/24
Signature Algorithm: sha256WithRSAEncryption
78:1d:48:54:74:c7:f5:0f:b8:f2:1f:b6:cd:58:9c:e0:36:39:
37:e3:20:b2:74:2a:ba:33:7a:9f:d4:74:a0:90:ed:cb:7e:5b:
2a:63:48:c7:80:aa:3c:15:43:e5:3b:0b:53:58:fc:3f:75:13:
5e:f2:af:61:5f:16:a7:c4:6c:0a:db:7c:58:7a:de:f4:e5:e4:
e0:19:ad:d2:a6:f7:45:cb:a9:ae:aa:be:50:a4:3e:e5:97:4a:
33:e5:11:3d:ab:cd:6b:0a:28:c7:dc:ad:78:22:6f:ae:84:85:
bc:c1:c7:a3:30:9f:50:35:fe:51:48:b6:d5:e4:8d:2f:ff:6f:
bc:2d:e2:ea:29:c4:1c:b4:c5:2c:a2:6b:cb:8a:69:38:a8:1b:
64:30:61:60:f7:ac:01:bc:d5:0e:84:97:10:62:0a:cb:19:c1:
f7:37:79:8d:ae:54:bd:af:f4:62:19:85:34:9f:2a:cc:4a:47:
7e:35:a1:6b:e1:63:2e:af:e1:1d:2a:3c:dc:38:03:99:ae:d4:
35:40:9c:6a:e8:88:74:b2:8f:ea:6d:32:3d:df:7c:e4:ae:57:
83:9f:d1:c3:70:a6:fb:5a:e6:ec:16:3e:08:ca:66:fa:fe:92:
95:dc:97:16:5a:6e:52:60:0a:a7:70:9f:60:46:36:0b:21:e6:
7e:f5:33:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8w2DuYMqXIVZFsquDacaVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjQwNDMwMjExMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGY4OTViZWE3YjJhYTlmNjIwNTA2NWVjNTk5MGZiZWEwNzUzMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBpTkANfa5iRWdJtzKzagV6g5Quj
fMe6dqnKGFdU4pDd20mHQFAtS9k/3pr0hzh00dm4hAMXW1JRP4TTdsDjmwldgWmz
BcGdlZMvT30n4w4ZY9pPLaDSTkJUc0d3y17Valmoev1SGbchBAstELQxJn08gQqV
SRBgc/+IkTcUqVeVZk8bzErSGhJkAlNbZGVE1atpw+y+EDEbRKpehSNlmbRiC09Q
YvzmWQfjlgSDY7T7eJ7ctf7PcYVJ+6XEgke8tRtmq70/ZgLxS2bAmxS7CRNEtDQz
hBcgsiHsX+hXKPPru0hd1ms8fbLoVqPRYbhDXHW/ajoMzayi2orwOg3ftQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK34lb6nsqqfYgUGXsWZD76gdTG5MB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvcmZpVnZxZXlxcDlpQlFaZXhaa1B2cUIxTWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ59MA0G
CSqGSIb3DQEBCwUAA4IBAQB4HUhUdMf1D7jyH7bNWJzgNjk34yCydCq6M3qf1HSg
kO3LflsqY0jHgKo8FUPlOwtTWPw/dRNe8q9hXxanxGwK23xYet705eTgGa3SpvdF
y6muqr5QpD7ll0oz5RE9q81rCijH3K14Im+uhIW8wcejMJ9QNf5RSLbV5I0v/2+8
LeLqKcQctMUsomvLimk4qBtkMGFg96wBvNUOhJcQYgrLGcH3N3mNrlS9r/RiGYU0
nyrMSkd+NaFr4WMur+EdKjzcOAOZrtQ1QJxq6Ih0so/qbTI933zkrleDn9HDcKb7
WubsFj4Iymb6/pKV3JcWWm5SYAqncJ9gRjYLIeZ+9TPM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:45 2024 by rpki-client on console-fra.rpki-client.org