Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/hzW45pLka84LcklISgA3xx_5TUk.roa
File: hzW45pLka84LcklISgA3xx_5TUk.roa (raw, json)
Hash identifier: kYsRKX94dfXD7O29ut89a9JIMiwVqdOXwvedl+pOD1Q=
Subject key identifier: 87:35:B8:E6:92:E4:6B:CE:0B:72:49:48:4A:00:37:C7:1F:F9:4D:49
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 0189B4258E01346ED32DE133354B3B402275
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/hzW45pLka84LcklISgA3xx_5TUk.roa
Signing time: Wed 02 Aug 2023 02:48:27 +0000
ROA not before: Wed 02 Aug 2023 02:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.246.37.0/24 maxlen: 24
194.247.44.0/24 maxlen: 24
45.149.166.0/24 maxlen: 24
45.149.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 00:26:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b4:25:8e:01:34:6e:d3:2d:e1:33:35:4b:3b:40:22:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Aug 2 02:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8735b8e692e46bce0b7249484a0037c71ff94d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:39:33:de:1f:e3:20:1e:ff:09:84:ac:bd:47:
da:19:77:ff:17:01:d9:66:dc:32:78:03:99:24:19:
48:13:d3:32:17:e2:ef:7a:68:60:ed:8f:b6:26:5d:
2a:e4:28:58:24:76:7d:17:06:1b:ff:3d:9f:2c:7e:
8e:83:55:f0:85:4f:a7:33:96:82:be:9b:d3:ea:df:
98:2d:00:39:5c:d4:e8:4d:e7:1a:67:ed:fb:0e:53:
42:b9:18:64:2e:c2:04:8d:90:c3:0d:22:a8:97:03:
18:a3:5b:86:2f:f4:32:89:9e:bb:19:72:2e:58:b0:
15:63:e6:cd:f5:bb:7f:18:e5:3c:bf:0d:62:75:6b:
c5:91:e1:be:9d:57:e7:26:5c:73:ca:0f:75:e2:a3:
20:51:ef:e2:69:8b:64:8c:7d:67:b2:11:1b:c2:9c:
a7:62:6d:6c:cb:b0:47:4d:3d:5c:09:1c:4d:93:2f:
2f:67:c1:fc:99:26:93:42:c6:56:55:f1:e3:71:d7:
15:99:67:f2:a3:38:04:27:50:3f:26:c6:8a:e1:68:
b0:bc:37:04:94:1d:ae:81:29:ad:e3:26:5a:92:ad:
a6:e1:fe:af:1c:61:88:ac:9e:f0:86:b5:88:94:45:
23:15:a9:fa:a6:34:9b:2c:a0:59:e7:43:37:25:45:
c0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:35:B8:E6:92:E4:6B:CE:0B:72:49:48:4A:00:37:C7:1F:F9:4D:49
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/hzW45pLka84LcklISgA3xx_5TUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.164.0/24
45.149.166.0/24
194.246.37.0/24
194.247.44.0/24
Signature Algorithm: sha256WithRSAEncryption
51:f4:1a:73:24:11:f1:2d:5c:3f:d4:3c:cd:26:ab:20:6d:54:
21:b4:14:5c:29:8a:ce:b8:7e:3a:83:cb:6d:6a:31:0f:24:21:
ca:8a:04:0f:c5:88:84:4d:b9:5d:95:ff:24:ba:d4:11:fd:07:
a0:81:8f:71:ba:02:79:d8:c6:61:4a:33:67:c0:da:74:f1:4b:
94:44:ef:ed:62:26:b5:af:31:8e:78:b6:97:d1:9f:b6:b8:b2:
12:a2:16:2b:6e:41:c0:c6:be:0c:86:95:13:74:63:a3:7b:31:
78:7c:85:0d:a3:ac:c2:36:a0:86:0b:47:18:6e:93:89:f6:b3:
20:41:53:10:b9:e4:9b:3b:1e:6d:24:1f:b6:56:87:ea:5d:4b:
47:f8:e0:3e:21:67:6d:89:61:e4:b3:fc:5c:cd:47:32:f3:b4:
92:5f:69:a9:1f:a7:07:4a:4b:02:5b:bf:d8:b0:46:65:f0:05:
60:05:f8:48:d0:57:58:14:cf:76:3d:81:47:4a:91:7d:07:b2:
48:5d:dc:ec:25:c7:31:be:75:b8:c5:f5:74:56:2d:e9:e8:59:
3c:be:3b:10:03:6f:8a:21:b4:ee:d0:2d:7a:27:32:db:76:75:
b2:1c:93:35:39:2b:9d:bb:2b:a1:4a:cd:79:82:0b:31:40:52:
7e:76:80:40
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYm0JY4BNG7TLeEzNUs7QCJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjMwODAyMDI0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzM1YjhlNjkyZTQ2YmNlMGI3MjQ5NDg0YTAwMzdjNzFmZjk0ZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Tkz3h/jIB7/CYSsvUfaGXf/FwHZ
ZtwyeAOZJBlIE9MyF+Lvemhg7Y+2Jl0q5ChYJHZ9FwYb/z2fLH6Og1XwhU+nM5aC
vpvT6t+YLQA5XNToTecaZ+37DlNCuRhkLsIEjZDDDSKolwMYo1uGL/QyiZ67GXIu
WLAVY+bN9bt/GOU8vw1idWvFkeG+nVfnJlxzyg914qMgUe/iaYtkjH1nshEbwpyn
Ym1sy7BHTT1cCRxNky8vZ8H8mSaTQsZWVfHjcdcVmWfyozgEJ1A/JsaK4WiwvDcE
lB2ugSmt4yZakq2m4f6vHGGIrJ7whrWIlEUjFan6pjSbLKBZ50M3JUXAXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIc1uOaS5GvOC3JJSEoAN8cf+U1JMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvaHpXNDVwTGthODRMY2tsSVNnQTN4eF81VFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZWkAwQA
LZWmAwQAwvYlAwQAwvcsMA0GCSqGSIb3DQEBCwUAA4IBAQBR9BpzJBHxLVw/1DzN
JqsgbVQhtBRcKYrOuH46g8ttajEPJCHKigQPxYiETbldlf8kutQR/QeggY9xugJ5
2MZhSjNnwNp08UuURO/tYia1rzGOeLaX0Z+2uLISohYrbkHAxr4MhpUTdGOjezF4
fIUNo6zCNqCGC0cYbpOJ9rMgQVMQueSbOx5tJB+2VofqXUtH+OA+IWdtiWHks/xc
zUcy87SSX2mpH6cHSksCW7/YsEZl8AVgBfhI0FdYFM92PYFHSpF9B7JIXdzsJccx
vnW4xfV0Vi3p6Fk8vjsQA2+KIbTu0C16JzLbdnWyHJM1OSuduyuhSs15ggsxQFJ+
doBA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:51 2024 by rpki-client on console-fra.rpki-client.org