Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/1MXbMYmmASrYWCn7N5ZA7Z-JVYI.roa
File: 1MXbMYmmASrYWCn7N5ZA7Z-JVYI.roa (raw, json)
Hash identifier: eSLo8o+a3HGWw92EjtMkrKH6xY6H6rx53uIoO18qD58=
Subject key identifier: D4:C5:DB:31:89:A6:01:2A:D8:58:29:FB:37:96:40:ED:9F:89:55:82
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 01856D78A4FAA0BE3B747380EEBC7CD49AF1
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/1MXbMYmmASrYWCn7N5ZA7Z-JVYI.roa
Signing time: Sun 01 Jan 2023 13:15:01 +0000
ROA not before: Sun 01 Jan 2023 13:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46261
IP address blocks: 45.153.239.0/24 maxlen: 24
171.22.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Feb 2023 14:46:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:a4:fa:a0:be:3b:74:73:80:ee:bc:7c:d4:9a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 1 13:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4c5db3189a6012ad85829fb379640ed9f895582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:32:a7:47:a8:84:c9:36:e1:e5:40:a0:ec:8f:
4e:5e:a0:6a:d2:08:5a:90:45:d3:80:33:6c:83:ee:
71:e4:20:26:a5:95:88:cb:92:7d:93:d2:1e:14:ca:
d7:eb:41:82:b9:c7:bc:3b:f3:cf:53:ae:90:de:04:
fa:6e:49:68:54:1a:66:92:a6:ef:93:80:70:9d:c9:
76:70:94:12:d7:2a:68:d7:73:1f:7e:ec:15:03:9d:
e4:aa:c1:2f:79:4f:95:c6:83:6b:19:62:4c:b3:04:
48:ce:66:4d:71:cf:3d:27:33:dd:9b:13:c2:c5:a2:
bf:fc:9b:29:bf:3a:5d:3c:8d:b6:3d:bd:49:c3:b1:
04:cd:e1:83:e7:b4:d7:d1:22:79:ea:97:cb:ed:31:
73:93:d7:6e:ad:fa:08:5e:e1:dd:63:54:de:e4:f3:
57:40:81:03:90:6d:53:04:ef:6f:b9:e3:16:8f:c0:
9e:1e:f8:94:b1:1f:5e:8b:3c:fd:d8:36:67:3c:ee:
e5:46:9e:34:cf:63:95:4a:e6:d4:e8:cb:c9:2f:60:
91:aa:9d:33:d1:2e:af:cc:3f:1d:64:fd:63:fc:55:
40:86:59:5f:84:ae:a1:cd:e0:66:12:21:3f:b4:0e:
c7:df:b2:2d:50:5f:a1:56:50:a0:7e:32:26:2f:a9:
f7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C5:DB:31:89:A6:01:2A:D8:58:29:FB:37:96:40:ED:9F:89:55:82
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/1MXbMYmmASrYWCn7N5ZA7Z-JVYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.239.0/24
171.22.189.0/24
Signature Algorithm: sha256WithRSAEncryption
22:bf:79:09:1d:22:40:15:2d:5f:f6:ca:0d:a3:1a:52:a4:4a:
98:37:8c:08:69:13:fc:3c:c9:8b:2d:4e:0b:d1:92:e8:be:5b:
e5:d2:f6:95:2c:b1:fd:dc:d7:0f:ae:d6:3c:e1:2f:96:bd:23:
39:fb:e6:22:6a:31:aa:81:40:ae:24:44:db:74:51:f4:82:e4:
3c:3a:35:5d:09:a8:a1:11:b7:e8:5d:36:35:76:9f:76:ea:ca:
8b:a7:4e:7c:85:17:19:16:68:18:2a:f2:7b:68:f0:c4:62:08:
02:a7:ff:1a:20:e6:b0:64:69:18:49:10:20:0d:35:9b:98:c5:
52:09:92:a6:4f:79:80:5b:8f:e9:a6:8a:15:75:7b:7d:e4:46:
a9:38:4e:31:f2:d6:83:73:f4:f5:1e:b1:56:a8:9b:41:07:ab:
65:18:85:f2:e7:99:e9:a6:09:dc:33:4f:1a:50:7f:88:56:2d:
39:24:d0:33:c7:3f:9d:92:28:b8:96:c9:74:af:fd:c8:98:96:
11:77:4c:ad:30:5e:93:6b:48:da:53:8d:9a:91:8f:9f:8d:af:
06:8b:1f:66:02:81:e0:51:88:e9:ac:4f:97:bf:c5:0a:ad:17:
1f:84:05:ee:de:d2:d6:89:ba:2f:b7:0b:ba:66:9a:c4:89:3b:
15:34:68:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVteKT6oL47dHOA7rx81JrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjMwMTAxMTMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGM1ZGIzMTg5YTYwMTJhZDg1ODI5ZmIzNzk2NDBlZDlmODk1NTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzKnR6iEyTbh5UCg7I9OXqBq0gha
kEXTgDNsg+5x5CAmpZWIy5J9k9IeFMrX60GCuce8O/PPU66Q3gT6bkloVBpmkqbv
k4Bwncl2cJQS1ypo13MffuwVA53kqsEveU+VxoNrGWJMswRIzmZNcc89JzPdmxPC
xaK//JspvzpdPI22Pb1Jw7EEzeGD57TX0SJ56pfL7TFzk9durfoIXuHdY1Te5PNX
QIEDkG1TBO9vueMWj8CeHviUsR9eizz92DZnPO7lRp40z2OVSubU6MvJL2CRqp0z
0S6vzD8dZP1j/FVAhllfhK6hzeBmEiE/tA7H37ItUF+hVlCgfjImL6n3GQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNTF2zGJpgEq2Fgp+zeWQO2fiVWCMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvMU1YYk1ZbW1BU3JZV0NuN041WkE3Wi1KVllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZnvAwQA
qxa9MA0GCSqGSIb3DQEBCwUAA4IBAQAiv3kJHSJAFS1f9soNoxpSpEqYN4wIaRP8
PMmLLU4L0ZLovlvl0vaVLLH93NcPrtY84S+WvSM5++YiajGqgUCuJETbdFH0guQ8
OjVdCaihEbfoXTY1dp926sqLp058hRcZFmgYKvJ7aPDEYggCp/8aIOawZGkYSRAg
DTWbmMVSCZKmT3mAW4/ppooVdXt95EapOE4x8taDc/T1HrFWqJtBB6tlGIXy55np
pgncM08aUH+IVi05JNAzxz+dkii4lsl0r/3ImJYRd0ytMF6Ta0jaU42akY+fja8G
ix9mAoHgUYjprE+Xv8UKrRcfhAXu3tLWibovtwu6ZprEiTsVNGgM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:32 2024 by rpki-client on console-fra.rpki-client.org