Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/73FEbhV1kEqoCDNM9EUL4-uwCEA.roa
File: 73FEbhV1kEqoCDNM9EUL4-uwCEA.roa (raw, json)
Hash identifier: jD21oGekQTHxi65Q+kNrEGsQ+rswrdPIvinEh7DgOtw=
Subject key identifier: EF:71:44:6E:15:75:90:4A:A8:08:33:4C:F4:45:0B:E3:EB:B0:08:40
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 018CC492E2D470D42621E416042A52659EA6
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/73FEbhV1kEqoCDNM9EUL4-uwCEA.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 262287
IP address blocks: 45.11.233.0/24 maxlen: 24
185.15.178.0/23 maxlen: 23
185.15.177.0/24 maxlen: 24
185.15.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 10:36:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e2:d4:70:d4:26:21:e4:16:04:2a:52:65:9e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef71446e1575904aa808334cf4450be3ebb00840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:81:da:d2:38:eb:80:ba:d5:5a:f7:81:30:87:
91:c4:f6:db:30:a9:c5:9d:9a:b7:1d:7b:4c:6a:ba:
de:47:33:a5:17:d8:8a:29:7b:af:66:63:d5:72:90:
89:19:08:ea:56:16:c7:97:fd:19:f9:04:7f:a7:7a:
b8:45:d8:d4:79:64:e5:1e:04:48:c4:3c:50:89:02:
93:ba:f5:c3:cd:0a:65:9d:3e:b8:f3:21:7c:51:9e:
4d:54:44:6e:48:d2:84:4d:5d:a5:5b:0f:4b:e3:ae:
e4:73:7f:0a:8e:53:0e:06:a1:07:0b:28:89:ee:9f:
3d:88:5b:04:ce:51:98:05:03:3b:33:45:a9:df:30:
7e:5d:c6:2f:c5:00:35:c8:78:44:be:2d:9e:3f:19:
94:5b:9f:b3:9f:40:cc:7c:40:e9:ff:de:71:c8:8f:
20:4e:e7:c2:79:9f:93:f2:b6:db:76:d1:72:ad:7b:
d6:f7:59:0b:01:33:bb:c1:e7:a5:84:d3:ba:21:75:
76:34:17:66:af:2b:90:d3:78:60:19:4f:93:68:4b:
50:ec:58:8f:e5:76:3f:54:3e:53:98:d8:e6:37:90:
59:08:8c:b4:3c:ab:02:c4:5e:66:a6:35:52:06:b9:
19:c6:6d:63:55:36:1e:ef:24:84:fb:30:1e:f6:c5:
b5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:71:44:6E:15:75:90:4A:A8:08:33:4C:F4:45:0B:E3:EB:B0:08:40
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/73FEbhV1kEqoCDNM9EUL4-uwCEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.233.0/24
185.15.176.0/22
Signature Algorithm: sha256WithRSAEncryption
11:1f:3a:e0:ac:24:27:33:8e:f8:22:48:e4:bb:04:fb:13:53:
c9:0b:6b:c4:9c:23:a0:0f:11:2f:80:3e:ae:1e:7a:8f:21:f6:
5f:1e:88:ae:9c:4e:8c:76:f9:ae:24:ee:e5:9b:7b:70:88:ea:
d8:db:cf:2d:fd:65:5f:a4:a6:72:38:b7:35:70:1c:8f:fa:2b:
80:97:9e:91:5b:5c:ea:fc:e8:57:46:1a:33:cd:98:36:90:a5:
ef:c2:16:a5:0a:2e:80:3b:ff:0e:cc:1c:81:9b:87:f8:85:d6:
61:cb:77:69:65:38:7c:3e:37:7b:71:37:27:44:7a:02:d5:f4:
23:4c:bf:7d:dd:43:1a:7c:40:82:3e:3a:31:28:1b:20:69:f5:
16:ff:c8:cb:ce:eb:93:6b:ad:c6:f4:f0:fe:94:66:2a:b5:bb:
50:e0:13:35:e1:7e:2d:ec:87:d5:01:b4:2b:44:44:b5:36:db:
25:64:f9:73:5c:e8:37:1e:f6:28:4c:8c:75:c8:15:78:60:ce:
79:51:b8:a8:94:a3:93:d8:92:7a:4d:6c:c4:38:e2:8e:55:42:
32:71:67:04:c1:00:b6:51:82:48:62:75:71:09:8b:f3:04:c3:
61:b7:d2:f5:52:2c:2a:88:f9:cc:0f:76:8f:b7:05:c6:28:84:
2b:e8:76:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkuLUcNQmIeQWBCpSZZ6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjcxNDQ2ZTE1NzU5MDRhYTgwODMzNGNmNDQ1MGJlM2ViYjAwODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4Ha0jjrgLrVWveBMIeRxPbbMKnF
nZq3HXtMarreRzOlF9iKKXuvZmPVcpCJGQjqVhbHl/0Z+QR/p3q4RdjUeWTlHgRI
xDxQiQKTuvXDzQplnT648yF8UZ5NVERuSNKETV2lWw9L467kc38KjlMOBqEHCyiJ
7p89iFsEzlGYBQM7M0Wp3zB+XcYvxQA1yHhEvi2ePxmUW5+zn0DMfEDp/95xyI8g
TufCeZ+T8rbbdtFyrXvW91kLATO7weelhNO6IXV2NBdmryuQ03hgGU+TaEtQ7FiP
5XY/VD5TmNjmN5BZCIy0PKsCxF5mpjVSBrkZxm1jVTYe7ySE+zAe9sW1JQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO9xRG4VdZBKqAgzTPRFC+PrsAhAMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvNzNGRWJoVjFrRXFvQ0ROTTlFVUw0LXV3Q0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQvpAwQC
uQ+wMA0GCSqGSIb3DQEBCwUAA4IBAQARHzrgrCQnM474IkjkuwT7E1PJC2vEnCOg
DxEvgD6uHnqPIfZfHoiunE6MdvmuJO7lm3twiOrY288t/WVfpKZyOLc1cByP+iuA
l56RW1zq/OhXRhozzZg2kKXvwhalCi6AO/8OzByBm4f4hdZhy3dpZTh8Pjd7cTcn
RHoC1fQjTL993UMafECCPjoxKBsgafUW/8jLzuuTa63G9PD+lGYqtbtQ4BM14X4t
7IfVAbQrRES1NtslZPlzXOg3HvYoTIx1yBV4YM55UbiolKOT2JJ6TWzEOOKOVUIy
cWcEwQC2UYJIYnVxCYvzBMNht9L1UiwqiPnMD3aPtwXGKIQr6Hbe
-----END CERTIFICATE-----
Generated at Wed Oct 16 13:21:10 2024 by rpki-client on console-ams.rpki-client.org