Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/o1-i7WN05PCp8wYez1ZUO91phPs.roa
File: o1-i7WN05PCp8wYez1ZUO91phPs.roa (raw, json)
Hash identifier: QnOblNtwfPfG3NkuIjwxZXRfmz/iIEtFEXlLYjoQHwo=
Subject key identifier: A3:5F:A2:ED:63:74:E4:F0:A9:F3:06:1E:CF:56:54:3B:DD:69:84:FB
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 018CC5DC1168AECBD394074FB56E56538AB3
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/o1-i7WN05PCp8wYez1ZUO91phPs.roa
Signing time: Mon 01 Jan 2024 16:29:43 +0000
ROA not before: Mon 01 Jan 2024 16:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 194.246.36.0/24 maxlen: 24
45.143.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 04:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:11:68:ae:cb:d3:94:07:4f:b5:6e:56:53:8a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Jan 1 16:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a35fa2ed6374e4f0a9f3061ecf56543bdd6984fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:56:9e:1a:15:3d:19:c4:04:4a:eb:d1:86:3f:
b7:ed:b5:ee:35:64:5f:99:df:5d:40:0a:90:22:a0:
0b:4b:05:dc:11:9e:d5:65:72:85:22:b6:da:ab:19:
c7:43:05:86:30:59:ab:2e:16:77:cc:ac:a1:95:38:
23:45:94:df:ac:f2:c0:79:c0:5b:2b:37:77:8e:07:
9e:ff:72:f8:e5:ef:fc:0b:fc:ae:cb:11:be:c7:93:
ce:1b:6b:cf:5e:be:f2:7d:50:ab:ec:70:02:a8:66:
20:b1:80:a0:a0:6a:72:e7:76:eb:f0:5a:2d:ae:ce:
a2:4d:76:c7:52:2e:24:a5:f4:b5:05:2d:20:6f:04:
20:16:c8:3f:24:da:d9:05:71:bc:52:91:8d:ed:e2:
b5:65:b0:45:44:67:d3:ca:ee:ff:41:33:69:21:71:
7b:d3:c9:52:77:c4:0a:7a:5f:87:8c:34:1a:7f:3f:
e1:0b:cd:f9:34:bf:78:1c:6f:fd:a2:4f:5a:8f:85:
39:6d:ee:76:e0:a1:08:8d:8e:1c:e8:85:38:fa:cd:
b2:0a:7c:1f:d6:35:c9:ae:c9:28:ce:6d:cc:ca:26:
c8:a6:ef:e6:61:d2:78:7b:23:6c:c7:2f:b3:1e:11:
23:28:1d:cb:98:dc:c3:d2:23:f6:2e:df:01:09:40:
98:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5F:A2:ED:63:74:E4:F0:A9:F3:06:1E:CF:56:54:3B:DD:69:84:FB
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/o1-i7WN05PCp8wYez1ZUO91phPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.161.0/24
194.246.36.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:03:5e:13:df:94:70:64:4f:95:9d:0c:ab:e0:78:8d:3c:f5:
36:cf:2f:d7:ae:46:11:82:ea:7b:b5:35:a1:96:1f:eb:8d:60:
4b:b0:08:7d:ba:0f:e4:51:a0:d9:79:50:2f:ee:d0:1c:94:85:
3f:36:15:58:67:63:2f:a9:e2:58:13:a7:7d:f3:bc:54:f0:ed:
86:72:ea:8d:b3:97:9f:dd:6b:18:3b:7f:4b:2f:ca:0d:6e:6f:
0f:b8:5d:a1:61:a4:6e:50:18:b3:dd:4b:a4:33:1b:b9:08:8f:
bc:d2:70:ad:d7:5c:53:f6:e0:5b:77:21:34:03:5a:32:ca:ab:
1f:3f:72:5d:1c:42:2a:ab:be:83:21:b6:da:5b:15:4e:4b:98:
18:31:93:e2:77:c9:33:70:54:ad:98:48:08:e1:67:2c:80:9b:
f9:47:f4:fd:df:bb:d0:4e:15:fc:fe:81:92:25:05:d2:9a:04:
6f:30:95:d4:8e:f9:16:ba:59:90:91:53:fb:c6:7a:17:99:06:
fd:a3:44:9b:dd:b6:b9:60:0c:b1:dc:6a:87:13:4e:f0:75:09:
93:38:5e:92:f1:5e:d1:89:92:2d:75:c1:22:b2:05:b0:4e:ec:
62:a6:bd:30:a4:01:2d:b2:b2:46:cf:8e:4d:68:64:37:2a:0b:
75:df:8b:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3BForsvTlAdPtW5WU4qzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjQwMTAxMTYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzVmYTJlZDYzNzRlNGYwYTlmMzA2MWVjZjU2NTQzYmRkNjk4NGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1aeGhU9GcQESuvRhj+37bXuNWRf
md9dQAqQIqALSwXcEZ7VZXKFIrbaqxnHQwWGMFmrLhZ3zKyhlTgjRZTfrPLAecBb
Kzd3jgee/3L45e/8C/yuyxG+x5POG2vPXr7yfVCr7HACqGYgsYCgoGpy53br8Fot
rs6iTXbHUi4kpfS1BS0gbwQgFsg/JNrZBXG8UpGN7eK1ZbBFRGfTyu7/QTNpIXF7
08lSd8QKel+HjDQafz/hC835NL94HG/9ok9aj4U5be524KEIjY4c6IU4+s2yCnwf
1jXJrskozm3MyibIpu/mYdJ4eyNsxy+zHhEjKB3LmNzD0iP2Lt8BCUCYXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKNfou1jdOTwqfMGHs9WVDvdaYT7MB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvbzEtaTdXTjA1UENwOHdZZXoxWlVPOTFwaFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY+hAwQA
wvYkMA0GCSqGSIb3DQEBCwUAA4IBAQBrA14T35RwZE+VnQyr4HiNPPU2zy/XrkYR
gup7tTWhlh/rjWBLsAh9ug/kUaDZeVAv7tAclIU/NhVYZ2MvqeJYE6d987xU8O2G
cuqNs5ef3WsYO39LL8oNbm8PuF2hYaRuUBiz3UukMxu5CI+80nCt11xT9uBbdyE0
A1oyyqsfP3JdHEIqq76DIbbaWxVOS5gYMZPid8kzcFStmEgI4WcsgJv5R/T937vQ
ThX8/oGSJQXSmgRvMJXUjvkWulmQkVP7xnoXmQb9o0Sb3ba5YAyx3GqHE07wdQmT
OF6S8V7RiZItdcEisgWwTuxipr0wpAEtsrJGz45NaGQ3Kgt134uU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:51 2024 by rpki-client on console-fra.rpki-client.org