Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/oxt4XQUYZNF7ZyIvc-jUyheVRp4.roa
File: oxt4XQUYZNF7ZyIvc-jUyheVRp4.roa (raw, json)
Hash identifier: vuSYMMNMUjdW4Ku+D4EkuNUwcwAhjDaP8abHPEXa/Fs=
Subject key identifier: A3:1B:78:5D:05:18:64:D1:7B:67:22:2F:73:E8:D4:CA:17:95:46:9E
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 01878E758D0E8107AE2B830B45FFD55FF681
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/oxt4XQUYZNF7ZyIvc-jUyheVRp4.roa
Signing time: Mon 17 Apr 2023 09:04:41 +0000
ROA not before: Mon 17 Apr 2023 09:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.246.37.0/24 maxlen: 24
45.143.160.0/24 maxlen: 24
45.149.166.0/24 maxlen: 24
45.149.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Apr 2023 08:14:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:75:8d:0e:81:07:ae:2b:83:0b:45:ff:d5:5f:f6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Apr 17 09:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a31b785d051864d17b67222f73e8d4ca1795469e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:15:a1:b9:f0:39:30:00:25:39:b8:34:96:14:
88:c3:9c:02:48:d3:61:2f:38:7e:7b:2b:14:c8:43:
db:e7:71:7b:c3:6b:ca:f8:0f:72:c1:61:b9:73:a2:
70:8d:da:8b:86:e7:b5:ee:e2:cb:08:c6:9b:4f:c5:
83:8a:2f:0b:ca:4e:e2:cb:7a:71:ea:53:04:4e:47:
de:55:40:af:60:4e:f3:1a:14:63:99:71:8f:69:81:
26:fb:d7:96:77:54:b5:95:78:91:d1:72:c0:fa:da:
23:09:28:a7:b3:27:b2:db:de:60:7d:39:91:c5:6b:
b3:54:0c:17:15:ad:0e:b4:87:7d:da:73:37:14:cd:
e3:bd:69:b7:42:b7:67:b4:36:49:62:24:15:4f:c9:
c8:10:d5:62:d2:31:9c:e3:10:2c:9a:2d:8e:e3:f1:
9f:91:8b:c1:35:4a:ce:c5:c6:ee:f8:bd:5e:de:b4:
9e:e6:a3:14:e1:b7:be:98:44:76:f5:1c:68:5c:f8:
ef:d6:d2:9c:c5:c8:d1:a3:e1:ee:c7:c6:57:eb:df:
cd:24:57:3a:90:40:0b:31:30:11:fb:bd:eb:d5:16:
0f:d1:03:11:e9:b9:59:fe:0a:40:65:c7:50:00:a5:
3e:49:23:1a:1e:bf:25:2a:4e:d3:a9:f4:a3:e1:c2:
5c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1B:78:5D:05:18:64:D1:7B:67:22:2F:73:E8:D4:CA:17:95:46:9E
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/oxt4XQUYZNF7ZyIvc-jUyheVRp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.160.0/24
45.149.164.0/24
45.149.166.0/24
194.246.37.0/24
Signature Algorithm: sha256WithRSAEncryption
36:49:40:f7:5b:20:a6:91:04:1b:84:b3:c8:31:f2:4f:7c:50:
60:44:15:fa:1c:73:17:8b:cd:f3:86:6d:a2:bd:50:28:40:8b:
e8:2d:ae:3b:81:53:b5:61:a3:fc:d3:05:18:5f:67:e5:a0:a4:
2c:89:78:b8:38:eb:b0:66:bc:b9:dd:f2:31:7d:f0:b8:38:ac:
3f:9b:c1:eb:a1:6a:24:02:89:af:25:71:b3:b0:99:44:a8:fc:
85:97:ef:c5:04:72:66:04:6c:d2:bd:c1:3a:aa:31:27:76:90:
63:53:ac:49:4e:1a:2b:0a:1b:71:a2:c9:39:dd:e4:4c:d8:ab:
a7:89:9c:da:9e:33:bc:ad:d1:df:57:24:78:71:7e:56:28:82:
26:79:ac:8c:59:24:c1:21:af:d5:67:cd:d5:a8:a7:f7:c1:11:
1c:a3:2f:94:6a:33:b8:a9:7b:5f:18:0f:bf:ae:92:bb:0e:24:
6c:94:58:73:80:9d:69:ce:68:79:36:9b:73:0a:0c:23:4c:7e:
ff:81:c8:b9:6a:c5:65:7e:b3:57:e7:1f:3f:57:12:6e:1b:08:
8c:1d:77:d4:a5:b9:03:06:58:65:46:eb:35:8e:13:9d:78:86:
69:df:5d:e8:08:dd:f8:d5:d0:d4:bd:d2:54:e7:61:7a:f3:03:
ef:d9:59:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYeOdY0OgQeuK4MLRf/VX/aBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjMwNDE3MDkwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzFiNzg1ZDA1MTg2NGQxN2I2NzIyMmY3M2U4ZDRjYTE3OTU0NjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRWhufA5MAAlObg0lhSIw5wCSNNh
Lzh+eysUyEPb53F7w2vK+A9ywWG5c6JwjdqLhue17uLLCMabT8WDii8Lyk7iy3px
6lMETkfeVUCvYE7zGhRjmXGPaYEm+9eWd1S1lXiR0XLA+tojCSinsyey295gfTmR
xWuzVAwXFa0OtId92nM3FM3jvWm3QrdntDZJYiQVT8nIENVi0jGc4xAsmi2O4/Gf
kYvBNUrOxcbu+L1e3rSe5qMU4be+mER29RxoXPjv1tKcxcjRo+Hux8ZX69/NJFc6
kEALMTAR+73r1RYP0QMR6blZ/gpAZcdQAKU+SSMaHr8lKk7TqfSj4cJcbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKMbeF0FGGTRe2ciL3Po1MoXlUaeMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvb3h0NFhRVVlaTkY3WnlJdmMtalV5aGVWUnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY+gAwQA
LZWkAwQALZWmAwQAwvYlMA0GCSqGSIb3DQEBCwUAA4IBAQA2SUD3WyCmkQQbhLPI
MfJPfFBgRBX6HHMXi83zhm2ivVAoQIvoLa47gVO1YaP80wUYX2floKQsiXi4OOuw
Zry53fIxffC4OKw/m8HroWokAomvJXGzsJlEqPyFl+/FBHJmBGzSvcE6qjEndpBj
U6xJThorChtxosk53eRM2KuniZzanjO8rdHfVyR4cX5WKIImeayMWSTBIa/VZ83V
qKf3wREcoy+UajO4qXtfGA+/rpK7DiRslFhzgJ1pzmh5NptzCgwjTH7/gci5asVl
frNX5x8/VxJuGwiMHXfUpbkDBlhlRus1jhOdeIZp313oCN341dDUvdJU52F68wPv
2Vne
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:51 2024 by rpki-client on console-fra.rpki-client.org