Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/DsOzF0QvBBqMJ99uuyD0Z8rWyC8.roa
File: DsOzF0QvBBqMJ99uuyD0Z8rWyC8.roa (raw, json)
Hash identifier: A/t5odIpJ3FQ79n+zj943jR+tcO/JepDVNN4YNCxd2c=
Subject key identifier: 0E:C3:B3:17:44:2F:04:1A:8C:27:DF:6E:BB:20:F4:67:CA:D6:C8:2F
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 01856FCB87721F838E4718AB1EC83AF31786
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/DsOzF0QvBBqMJ99uuyD0Z8rWyC8.roa
Signing time: Mon 02 Jan 2023 00:04:47 +0000
ROA not before: Mon 02 Jan 2023 00:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.133.136.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Sep 2023 13:59:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:87:72:1f:83:8e:47:18:ab:1e:c8:3a:f3:17:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Jan 2 00:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ec3b317442f041a8c27df6ebb20f467cad6c82f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:99:45:f8:71:3a:7e:ab:db:46:a1:55:71:c0:
be:5d:d3:67:a9:79:70:bb:5b:5f:13:f8:a6:fa:d0:
09:a1:e0:3d:cc:77:39:eb:65:f3:91:5b:33:39:07:
9e:a5:04:50:d7:61:10:2b:85:bd:51:75:cc:95:ba:
a8:11:a7:8c:ef:11:11:be:36:88:e2:c4:81:6d:36:
bf:d7:e8:25:22:dd:a8:c6:09:4e:75:76:5a:19:53:
af:7b:72:38:e8:c2:6d:e4:25:6f:c4:83:10:67:53:
10:5b:09:6c:6d:10:f3:67:04:10:40:48:0f:5c:18:
40:e2:50:52:1f:2e:cb:0e:e6:ab:48:32:f1:0c:e4:
78:1b:67:30:a0:c2:6b:62:76:98:48:9a:22:17:56:
be:92:c6:01:58:96:52:fa:fb:a9:35:6c:3f:4e:f6:
1f:bb:23:f5:c1:22:eb:13:34:9e:44:e4:f8:7c:67:
a4:ae:36:a9:d3:82:53:29:55:b1:9f:8f:e2:1a:2c:
fa:a5:70:0c:2a:ed:80:ea:4e:b7:e1:f5:7a:fe:7b:
c6:c4:54:bb:20:b6:1d:8b:d6:b5:c5:a7:00:c0:8d:
bb:1c:aa:14:70:81:89:c1:c9:8b:f7:5d:e0:f9:56:
10:d7:12:1e:83:5a:fa:65:5f:91:d1:74:61:63:07:
b6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C3:B3:17:44:2F:04:1A:8C:27:DF:6E:BB:20:F4:67:CA:D6:C8:2F
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/DsOzF0QvBBqMJ99uuyD0Z8rWyC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.136.0/24
Signature Algorithm: sha256WithRSAEncryption
62:7f:65:e6:82:69:cb:e5:d5:14:11:c8:f1:9b:02:bd:b9:6b:
48:16:81:b9:e6:24:47:0d:ba:99:0a:80:f6:5c:26:bb:49:c4:
6f:f8:2d:29:96:51:1b:01:cf:48:b3:f0:a2:b3:f3:8e:fe:25:
79:8a:49:28:94:9f:d3:e9:d4:e5:46:5f:f5:c3:68:8f:65:fc:
c2:ee:81:70:e6:0c:4f:b5:2b:f9:d6:e9:c8:74:4c:72:ab:bd:
22:93:76:94:fe:c7:24:d2:92:90:2c:3a:13:68:5b:41:e7:ff:
27:85:a5:cd:a7:37:53:26:ae:fd:69:aa:1a:f3:39:f3:d1:e7:
b0:8b:63:d8:ce:37:df:3b:c6:05:6c:2b:2e:cc:0b:a7:a6:bc:
39:58:96:16:74:a7:a9:7f:d5:3c:c0:bc:0d:a3:52:03:42:c2:
72:89:e7:81:b0:90:77:85:46:0a:4c:0c:c1:c0:3b:cd:39:6c:
67:f5:02:99:83:f2:e9:af:30:94:ea:26:2f:17:c2:bd:a6:8e:
6d:17:96:ec:6b:c9:34:ff:af:c6:83:54:bd:3c:03:a0:4e:ab:
0d:85:ee:1f:54:e6:8a:9c:c3:e1:fc:06:ba:e7:eb:c9:d0:cb:
58:f6:5f:64:3c:bb:df:6f:cc:1b:14:c7:52:66:d9:fa:ba:38:
67:75:ec:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy4dyH4OORxirHsg68xeGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMwMTAyMDAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWMzYjMxNzQ0MmYwNDFhOGMyN2RmNmViYjIwZjQ2N2NhZDZjODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5lF+HE6fqvbRqFVccC+XdNnqXlw
u1tfE/im+tAJoeA9zHc562XzkVszOQeepQRQ12EQK4W9UXXMlbqoEaeM7xERvjaI
4sSBbTa/1+glIt2oxglOdXZaGVOve3I46MJt5CVvxIMQZ1MQWwlsbRDzZwQQQEgP
XBhA4lBSHy7LDuarSDLxDOR4G2cwoMJrYnaYSJoiF1a+ksYBWJZS+vupNWw/TvYf
uyP1wSLrEzSeROT4fGekrjap04JTKVWxn4/iGiz6pXAMKu2A6k634fV6/nvGxFS7
ILYdi9a1xacAwI27HKoUcIGJwcmL913g+VYQ1xIeg1r6ZV+R0XRhYwe2hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA7DsxdELwQajCffbrsg9GfK1sgvMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvRHNPekYwUXZCQnFNSjk5dXV5RDBaOHJXeUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYWIMA0G
CSqGSIb3DQEBCwUAA4IBAQBif2XmgmnL5dUUEcjxmwK9uWtIFoG55iRHDbqZCoD2
XCa7ScRv+C0pllEbAc9Is/Cis/OO/iV5ikkolJ/T6dTlRl/1w2iPZfzC7oFw5gxP
tSv51unIdExyq70ik3aU/sck0pKQLDoTaFtB5/8nhaXNpzdTJq79aaoa8znz0eew
i2PYzjffO8YFbCsuzAunprw5WJYWdKepf9U8wLwNo1IDQsJyieeBsJB3hUYKTAzB
wDvNOWxn9QKZg/LprzCU6iYvF8K9po5tF5bsa8k0/6/Gg1S9PAOgTqsNhe4fVOaK
nMPh/Aa65+vJ0MtY9l9kPLvfb8wbFMdSZtn6ujhndexh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:32 2024 by rpki-client on console-fra.rpki-client.org