Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/JZFN8sMlhPNLmCk_IsSh_juq20w.roa
File: JZFN8sMlhPNLmCk_IsSh_juq20w.roa (raw, json)
Hash identifier: r+7NQqJuO6d6jPkG1YnLp5kONfi3UEAg1jtEodaGn0g=
Subject key identifier: 25:91:4D:F2:C3:25:84:F3:4B:98:29:3F:22:C4:A1:FE:3B:AA:DB:4C
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 018571DE83B8ED3647BC6C84918EA0A91202
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/JZFN8sMlhPNLmCk_IsSh_juq20w.roa
Signing time: Mon 02 Jan 2023 09:44:46 +0000
ROA not before: Mon 02 Jan 2023 09:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138968
IP address blocks: 45.81.33.0/24 maxlen: 24
45.81.32.0/23 maxlen: 24
45.150.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 23 Jun 2023 13:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:83:b8:ed:36:47:bc:6c:84:91:8e:a0:a9:12:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Jan 2 09:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25914df2c32584f34b98293f22c4a1fe3baadb4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b0:bc:bd:5f:8e:73:0e:99:18:f7:aa:e6:cc:
ce:8f:d5:ae:dd:12:9c:f8:3f:c5:90:e6:3a:1e:27:
c9:25:ae:90:a5:95:8d:27:93:55:b1:32:21:ed:30:
e9:60:29:2b:52:79:ca:69:ba:05:11:27:79:7c:8c:
af:7f:b3:85:5a:4c:eb:89:a1:35:97:9f:f3:1c:5a:
01:48:1a:ca:fb:81:b7:8a:76:a9:4b:90:4f:8d:e4:
99:6a:6c:78:18:cc:62:a9:c6:91:5a:7b:73:b6:2b:
fe:53:07:ee:5c:10:a9:e1:4e:b1:03:0b:96:c0:5a:
01:3d:9d:b7:8b:12:56:6f:e1:b2:cb:71:ec:39:89:
19:23:ac:36:12:65:a4:79:8b:dc:b1:fd:ed:c9:52:
71:05:e7:eb:d5:7f:37:f0:fd:91:e2:1a:db:50:54:
d1:5f:2f:e6:e4:98:c8:13:d8:37:5a:46:60:9b:38:
95:e7:68:46:07:78:93:8b:a3:86:02:63:fc:e6:3e:
ae:9c:f9:6f:71:24:39:fe:cc:05:64:6b:29:bb:77:
58:04:82:55:4f:68:77:f5:06:85:fc:1f:b1:95:f6:
7a:97:2f:ac:59:26:f5:41:ba:67:4f:c3:c8:4e:a1:
15:bf:1b:77:6c:47:c8:12:b9:0f:d7:60:11:2d:40:
d1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:91:4D:F2:C3:25:84:F3:4B:98:29:3F:22:C4:A1:FE:3B:AA:DB:4C
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/JZFN8sMlhPNLmCk_IsSh_juq20w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.32.0/23
45.150.236.0/22
Signature Algorithm: sha256WithRSAEncryption
68:5d:02:bf:76:f3:e0:da:ff:08:68:0d:78:cd:7b:e8:ce:d6:
b3:ab:63:06:59:f0:8e:38:ef:97:f3:77:c7:cc:5d:75:00:8d:
90:85:94:be:3e:2a:3f:0c:1c:22:89:14:09:8d:71:e2:ed:c5:
e9:ea:ef:60:85:43:68:93:dc:59:f5:26:3f:df:00:43:b4:f8:
29:87:3b:a9:b4:50:20:3b:05:79:2f:84:0f:19:1b:6e:78:f8:
38:99:e9:31:7a:a9:a2:f7:53:77:fb:dd:bf:6f:2c:ae:22:8b:
40:05:81:f7:65:35:94:93:36:dc:14:52:5f:be:37:70:44:04:
72:ab:32:10:0c:ab:b5:e4:df:ec:36:c8:64:5e:f3:f3:56:9c:
a5:41:3d:6b:06:93:e4:7b:ff:6e:95:cc:fa:dd:3e:06:f1:81:
a7:4c:af:cd:40:91:3e:bc:be:86:36:31:74:75:31:6f:b1:09:
85:6c:26:cf:ee:a4:79:36:57:cf:db:40:d6:c4:d9:bb:5b:3a:
4c:f1:0d:6c:e1:e5:f3:64:98:e2:d8:3d:5e:c2:6b:42:2b:8a:
95:ee:21:38:e8:aa:c6:f3:7b:11:e7:1c:59:53:7f:71:9f:ce:
e4:cb:57:53:42:bc:d2:db:b1:79:1e:b8:df:94:36:18:b2:19:
80:8c:ac:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx3oO47TZHvGyEkY6gqRICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDA4MDc2OThmMGIwOTdkNjlhYjM5MjY5MTdkMWRjYzgz
OGE2MjQwHhcNMjMwMTAyMDk0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTkxNGRmMmMzMjU4NGYzNGI5ODI5M2YyMmM0YTFmZTNiYWFkYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67C8vV+Ocw6ZGPeq5szOj9Wu3RKc
+D/FkOY6HifJJa6QpZWNJ5NVsTIh7TDpYCkrUnnKaboFESd5fIyvf7OFWkzriaE1
l5/zHFoBSBrK+4G3inapS5BPjeSZamx4GMxiqcaRWntztiv+UwfuXBCp4U6xAwuW
wFoBPZ23ixJWb+Gyy3HsOYkZI6w2EmWkeYvcsf3tyVJxBefr1X838P2R4hrbUFTR
Xy/m5JjIE9g3WkZgmziV52hGB3iTi6OGAmP85j6unPlvcSQ5/swFZGspu3dYBIJV
T2h39QaF/B+xlfZ6ly+sWSb1QbpnT8PITqEVvxt3bEfIErkP12ARLUDRPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCWRTfLDJYTzS5gpPyLEof47qttMMB8GA1UdIwQY
MBaAFDoAgHaY8LCX1pqzkmkX0dzIOKYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMt
MTZhZmM0ZGZmZGQ0LzEvSlpGTjhzTWxoUE5MbUNrX0lzU2hfanVxMjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMtMTZhZmM0ZGZmZGQ0
LzEvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVEgAwQC
LZbsMA0GCSqGSIb3DQEBCwUAA4IBAQBoXQK/dvPg2v8IaA14zXvoztazq2MGWfCO
OO+X83fHzF11AI2QhZS+Pio/DBwiiRQJjXHi7cXp6u9ghUNok9xZ9SY/3wBDtPgp
hzuptFAgOwV5L4QPGRtuePg4mekxeqmi91N3+92/byyuIotABYH3ZTWUkzbcFFJf
vjdwRARyqzIQDKu15N/sNshkXvPzVpylQT1rBpPke/9ulcz63T4G8YGnTK/NQJE+
vL6GNjF0dTFvsQmFbCbP7qR5NlfP20DWxNm7WzpM8Q1s4eXzZJji2D1ewmtCK4qV
7iE46KrG83sR5xxZU39xn87ky1dTQrzS27F5HrjflDYYshmAjKxy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:26 2024 by rpki-client on console-fra.rpki-client.org