Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/sy536VbLnxX87GfzBtEo2g0KGNg.roa
File: sy536VbLnxX87GfzBtEo2g0KGNg.roa (raw, json)
Hash identifier: 1PoxSu3EuBfUIU80w4yp7RHQ/di6QHTRjIEbBwADraA=
Subject key identifier: B3:2E:77:E9:56:CB:9F:15:FC:EC:67:F3:06:D1:28:DA:0D:0A:18:D8
Certificate issuer: /CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Certificate serial: 018CD945A10A35D9814009D7C73B2793A586
Authority key identifier: 7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/sy536VbLnxX87GfzBtEo2g0KGNg.roa
Signing time: Fri 05 Jan 2024 10:57:48 +0000
ROA not before: Fri 05 Jan 2024 10:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.158.127.0/24 maxlen: 24
45.158.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 18:52:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:45:a1:0a:35:d9:81:40:09:d7:c7:3b:27:93:a5:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f515ead095eed9ac4cabc5ab4ad0b5867d9f01b
Validity
Not Before: Jan 5 10:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b32e77e956cb9f15fcec67f306d128da0d0a18d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b9:c2:37:46:f3:ef:7f:d7:db:96:60:d9:e1:
b1:58:49:5f:dd:2a:ca:0d:80:b8:04:9d:16:1a:b3:
ae:84:b5:71:39:30:6a:4f:cb:b7:f0:ef:04:2d:33:
92:a8:ed:06:5e:19:71:ac:05:22:b2:0e:69:03:80:
9d:05:1b:61:fd:8b:a0:3f:18:3e:38:02:60:f6:e5:
fd:aa:17:81:f5:ad:06:e3:5e:d0:f8:2b:dd:b4:32:
f4:a0:84:62:c1:70:73:31:22:64:28:39:83:73:a0:
1c:6b:bb:4f:fc:c0:f8:72:a7:31:53:ab:4d:aa:9c:
01:8d:47:2a:ed:a9:42:c2:5b:6c:43:e7:40:b7:06:
c9:29:90:f5:3c:6b:d2:f2:71:57:64:4d:26:c4:d9:
c5:a5:c1:7a:65:61:8e:e8:b1:94:4a:64:c9:84:73:
72:be:64:87:04:a0:97:61:f0:81:f0:44:02:7f:87:
f8:11:f0:15:62:d3:5f:3e:06:46:93:d5:69:1b:95:
c5:84:35:40:ea:1a:3c:52:21:b0:2a:cf:54:9e:c7:
3a:76:2d:94:74:23:9f:1a:67:36:a9:ff:6b:db:4e:
c5:e0:2f:2a:cd:08:8b:6f:5c:ab:71:11:3b:38:d7:
82:87:af:e2:61:4a:67:4c:ad:b6:20:88:ad:85:d0:
31:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2E:77:E9:56:CB:9F:15:FC:EC:67:F3:06:D1:28:DA:0D:0A:18:D8
X509v3 Authority Key Identifier:
keyid:7F:51:5E:AD:09:5E:ED:9A:C4:CA:BC:5A:B4:AD:0B:58:67:D9:F0:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1FerQle7ZrEyrxatK0LWGfZ8Bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/sy536VbLnxX87GfzBtEo2g0KGNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5c2a59-6025-400e-ab28-f0a624d40912/1/f1FerQle7ZrEyrxatK0LWGfZ8Bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.126.0/23
Signature Algorithm: sha256WithRSAEncryption
84:40:ad:d0:0c:19:08:76:a4:a6:ba:ca:84:f2:91:20:a1:2b:
63:53:8f:c1:7d:7b:23:9c:e5:c2:b3:07:34:2f:24:3d:d7:b0:
f3:8e:51:50:6b:54:f6:7d:a3:81:c6:33:f2:72:23:8a:59:99:
ae:4f:ab:75:e9:6e:31:2d:9b:70:5e:1e:64:d9:d1:b8:de:91:
b3:ff:1b:44:51:1f:e2:d1:92:6b:96:13:96:32:ed:42:1a:cd:
ce:4d:26:64:bf:fe:7a:c3:cf:1a:c3:ff:5e:9c:26:0f:22:1d:
50:35:93:ec:fd:46:bd:29:62:3c:c5:82:85:c5:bd:d8:8d:22:
5b:a1:25:4a:7e:fd:fd:24:60:65:29:8a:2b:96:dc:01:97:9b:
3d:4c:f0:10:ca:c8:ac:ef:3a:e5:c5:25:9e:90:50:bf:a1:76:
49:ce:f3:b4:f2:05:38:1f:5d:29:82:75:16:d1:70:62:be:c8:
27:e1:9c:fc:d0:bb:e6:18:89:36:df:b6:10:04:be:f6:e2:12:
bd:fb:d0:7c:e2:0f:e4:41:fc:56:db:66:ae:ce:43:1d:77:02:
8b:7d:fa:26:87:17:9e:e6:39:23:4c:6c:a9:61:41:fd:5c:42:
cc:34:d2:ca:04:c9:28:bf:da:82:2a:5a:0f:a9:29:23:c5:ee:
af:7f:37:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzZRaEKNdmBQAnXxzsnk6WGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTE1ZWFkMDk1ZWVkOWFjNGNhYmM1YWI0YWQwYjU4Njdk
OWYwMWIwHhcNMjQwMTA1MTA1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzJlNzdlOTU2Y2I5ZjE1ZmNlYzY3ZjMwNmQxMjhkYTBkMGExOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLnCN0bz73/X25Zg2eGxWElf3SrK
DYC4BJ0WGrOuhLVxOTBqT8u38O8ELTOSqO0GXhlxrAUisg5pA4CdBRth/YugPxg+
OAJg9uX9qheB9a0G417Q+CvdtDL0oIRiwXBzMSJkKDmDc6Aca7tP/MD4cqcxU6tN
qpwBjUcq7alCwltsQ+dAtwbJKZD1PGvS8nFXZE0mxNnFpcF6ZWGO6LGUSmTJhHNy
vmSHBKCXYfCB8EQCf4f4EfAVYtNfPgZGk9VpG5XFhDVA6ho8UiGwKs9Unsc6di2U
dCOfGmc2qf9r207F4C8qzQiLb1yrcRE7ONeCh6/iYUpnTK22IIithdAxGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMud+lWy58V/Oxn8wbRKNoNChjYMB8GA1UdIwQY
MBaAFH9RXq0JXu2axMq8WrStC1hn2fAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgt
ZjBhNjI0ZDQwOTEyLzEvc3k1MzZWYkxueFg4N0dmekJ0RW8yZzBLR05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81YzJhNTktNjAyNS00MDBlLWFiMjgtZjBhNjI0ZDQwOTEy
LzEvZjFGZXJRbGU3WnJFeXJ4YXRLMExXR2ZaOEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZ5+MA0G
CSqGSIb3DQEBCwUAA4IBAQCEQK3QDBkIdqSmusqE8pEgoStjU4/BfXsjnOXCswc0
LyQ917DzjlFQa1T2faOBxjPyciOKWZmuT6t16W4xLZtwXh5k2dG43pGz/xtEUR/i
0ZJrlhOWMu1CGs3OTSZkv/56w88aw/9enCYPIh1QNZPs/Ua9KWI8xYKFxb3YjSJb
oSVKfv39JGBlKYorltwBl5s9TPAQysis7zrlxSWekFC/oXZJzvO08gU4H10pgnUW
0XBivsgn4Zz80LvmGIk237YQBL724hK9+9B84g/kQfxW22auzkMddwKLffomhxee
5jkjTGypYUH9XELMNNLKBMkov9qCKloPqSkjxe6vfzcR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:45 2024 by rpki-client on console-fra.rpki-client.org