Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/oWQoyLYbzlrTfXpb3I2Mhn_HT7s.roa
File: oWQoyLYbzlrTfXpb3I2Mhn_HT7s.roa (raw, json)
Hash identifier: rhvBtTU1AapvsLr/agsHIthnoN4VOtL4rz6NOEEBIyc=
Subject key identifier: A1:64:28:C8:B6:1B:CE:5A:D3:7D:7A:5B:DC:8D:8C:86:7F:C7:4F:BB
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 018A45F2575A8F70B1546E9B0E51D00A7415
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/oWQoyLYbzlrTfXpb3I2Mhn_HT7s.roa
Signing time: Wed 30 Aug 2023 10:17:04 +0000
ROA not before: Wed 30 Aug 2023 10:17:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 262287
IP address blocks: 45.11.233.0/24 maxlen: 24
185.15.178.0/23 maxlen: 23
185.15.177.0/24 maxlen: 24
185.15.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:45:f2:57:5a:8f:70:b1:54:6e:9b:0e:51:d0:0a:74:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Aug 30 10:17:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a16428c8b61bce5ad37d7a5bdc8d8c867fc74fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e7:91:81:f5:1d:f4:16:eb:f4:32:bc:ce:04:
d6:c6:0e:05:92:70:ce:ef:46:86:d3:8d:91:3d:6e:
5b:8f:bb:b5:cc:80:1a:0e:81:56:45:78:87:18:3c:
f3:01:29:d3:1c:05:4e:27:a3:e1:e8:58:b9:26:32:
b9:61:b3:81:14:75:44:07:1e:0a:0f:b6:96:65:0b:
b8:5f:e0:7d:62:5d:6f:87:da:34:5e:1a:4e:ca:41:
04:f5:ea:f2:3b:9e:63:ef:95:31:1a:06:a3:f6:e8:
f5:95:52:40:f2:19:16:77:e8:af:31:93:bd:18:33:
25:93:9f:65:b2:84:da:f6:6e:6d:6a:81:e1:59:e8:
0c:e6:0e:0b:e5:6c:54:1c:b4:a8:10:74:d7:f1:28:
90:85:b6:c4:b7:51:23:1f:03:b1:73:66:ed:dc:01:
48:17:f6:ca:0c:97:1f:c0:d8:9a:3c:1b:33:81:6c:
db:d9:58:01:e0:3e:28:c0:53:a3:bf:d0:be:8b:0b:
1f:4c:2c:03:74:76:42:c1:e8:01:84:72:ba:98:89:
cb:8d:29:b2:cb:f0:68:9e:e9:0f:a0:ad:d2:be:65:
76:74:10:e9:37:4e:cc:3c:f9:d9:29:85:bb:f4:b1:
fc:30:b2:a5:20:fa:d3:84:bc:40:6c:86:69:9b:f1:
cb:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:64:28:C8:B6:1B:CE:5A:D3:7D:7A:5B:DC:8D:8C:86:7F:C7:4F:BB
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/oWQoyLYbzlrTfXpb3I2Mhn_HT7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.233.0/24
185.15.176.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:74:0f:13:34:82:9d:7e:cd:ed:09:c4:c2:82:cf:22:de:71:
95:e6:d8:69:be:82:cc:1d:25:d3:4b:7e:ae:dd:6d:b6:17:b8:
0c:56:d9:2c:ce:1d:27:0c:f1:51:a2:af:92:69:74:ae:e0:5b:
e1:ea:2a:d5:64:8c:08:ed:12:c3:e6:3c:2f:b0:53:35:a8:ab:
be:62:f5:bd:88:12:51:a8:9b:88:ff:16:42:2e:7a:b2:2a:ba:
37:a7:f5:a4:61:61:c6:36:4c:61:8a:e3:7e:7c:1d:20:b4:96:
5b:e6:b0:98:30:19:b7:2c:5e:75:96:2e:12:98:3a:6b:e2:74:
a9:69:2a:2d:64:75:3b:6d:40:33:79:41:74:e0:ee:cc:ae:28:
7a:e3:a9:c0:fa:13:6c:ab:39:32:2a:da:50:75:8e:1c:4d:33:
c2:2c:72:d2:18:84:f7:a3:07:10:4e:db:ae:36:29:49:45:7f:
36:92:75:4f:35:dd:ed:bd:55:df:c0:ae:40:6f:d6:32:76:64:
64:01:f2:98:a9:d0:0b:b8:2a:ac:c1:b4:0e:fa:9a:36:f5:97:
68:b6:f1:d1:53:71:4c:b5:df:1b:ea:52:04:d5:e0:40:9e:4e:
9c:57:1b:df:32:25:cd:cd:66:1f:87:f4:b2:22:f9:b1:1e:ec:
68:5f:b9:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpF8ldaj3CxVG6bDlHQCnQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjMwODMwMTAxNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTY0MjhjOGI2MWJjZTVhZDM3ZDdhNWJkYzhkOGM4NjdmYzc0ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeeRgfUd9Bbr9DK8zgTWxg4FknDO
70aG042RPW5bj7u1zIAaDoFWRXiHGDzzASnTHAVOJ6Ph6Fi5JjK5YbOBFHVEBx4K
D7aWZQu4X+B9Yl1vh9o0XhpOykEE9eryO55j75UxGgaj9uj1lVJA8hkWd+ivMZO9
GDMlk59lsoTa9m5taoHhWegM5g4L5WxUHLSoEHTX8SiQhbbEt1EjHwOxc2bt3AFI
F/bKDJcfwNiaPBszgWzb2VgB4D4owFOjv9C+iwsfTCwDdHZCwegBhHK6mInLjSmy
y/BonukPoK3SvmV2dBDpN07MPPnZKYW79LH8MLKlIPrThLxAbIZpm/HLvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKFkKMi2G85a0316W9yNjIZ/x0+7MB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvb1dRb3lMWWJ6bHJUZlhwYjNJMk1obl9IVDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQvpAwQC
uQ+wMA0GCSqGSIb3DQEBCwUAA4IBAQCtdA8TNIKdfs3tCcTCgs8i3nGV5thpvoLM
HSXTS36u3W22F7gMVtkszh0nDPFRoq+SaXSu4Fvh6irVZIwI7RLD5jwvsFM1qKu+
YvW9iBJRqJuI/xZCLnqyKro3p/WkYWHGNkxhiuN+fB0gtJZb5rCYMBm3LF51li4S
mDpr4nSpaSotZHU7bUAzeUF04O7Mrih646nA+hNsqzkyKtpQdY4cTTPCLHLSGIT3
owcQTtuuNilJRX82knVPNd3tvVXfwK5Ab9YydmRkAfKYqdALuCqswbQO+po29Zdo
tvHRU3FMtd8b6lIE1eBAnk6cVxvfMiXNzWYfh/SyIvmxHuxoX7nw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:32 2024 by rpki-client on console-fra.rpki-client.org