Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0oo5eiBw57BpPHACr_ddFYe0ijI.roa
File: 0oo5eiBw57BpPHACr_ddFYe0ijI.roa (raw, json)
Hash identifier: sYK+cCZNTKf0qFKwqumXx1l+b/zxXtPPC9Ik+Ni/gW0=
Subject key identifier: D2:8A:39:7A:20:70:E7:B0:69:3C:70:02:AF:F7:5D:15:87:B4:8A:32
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018597DDE3DE53C2B93DE2C1AB3E8695BD1A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0oo5eiBw57BpPHACr_ddFYe0ijI.roa
Signing time: Mon 09 Jan 2023 18:49:39 +0000
ROA not before: Mon 09 Jan 2023 18:49:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 193.218.34.0/24 maxlen: 24
45.141.25.0/24 maxlen: 24
45.83.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 14:43:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:97:dd:e3:de:53:c2:b9:3d:e2:c1:ab:3e:86:95:bd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 9 18:49:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d28a397a2070e7b0693c7002aff75d1587b48a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:20:ca:59:a3:4b:20:d9:4b:04:65:28:ee:a4:
82:a0:4e:58:3d:5e:53:10:f5:c7:42:8b:3e:ff:c0:
33:42:e1:ec:48:65:d3:b9:93:6a:82:5b:3c:66:aa:
8b:53:8d:76:cb:82:40:74:6c:38:32:b8:7c:36:1d:
6d:d5:30:2b:18:3e:5f:f5:9f:fe:23:32:80:8d:52:
18:40:b5:e4:6d:71:7c:aa:1b:dc:79:d6:b1:ea:67:
85:3a:db:13:34:17:74:61:d7:e8:92:f4:4a:f3:29:
df:dd:62:1f:4d:89:3b:3f:c7:38:52:6d:8f:57:0b:
b4:10:15:2a:99:fa:9d:72:05:71:35:67:57:86:c7:
78:83:ef:9a:c4:0a:98:59:ad:0f:21:3c:04:b9:d3:
4d:64:75:02:e4:85:99:f0:f1:46:83:49:92:d5:d6:
8f:0f:f7:31:53:af:31:e4:a2:57:09:50:70:1c:7d:
d0:ff:4e:cc:d7:4e:87:c8:ef:7d:b0:fd:2b:6c:1e:
21:ac:43:35:be:7d:f4:a1:c4:47:99:c3:3b:63:c1:
b7:66:c7:a2:79:9c:8b:ee:7a:13:17:85:a5:58:95:
84:9c:04:06:bf:57:20:0a:3a:e5:fd:31:4e:01:34:
3f:ae:2e:56:f7:dc:fe:62:76:c1:c6:02:50:f0:dc:
68:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:8A:39:7A:20:70:E7:B0:69:3C:70:02:AF:F7:5D:15:87:B4:8A:32
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0oo5eiBw57BpPHACr_ddFYe0ijI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.28.0/24
45.141.25.0/24
193.218.34.0/24
Signature Algorithm: sha256WithRSAEncryption
24:cc:5e:db:76:6e:54:3a:89:3d:a7:a6:58:dc:cd:d4:5e:cd:
2f:91:62:53:af:23:3c:10:6b:d4:1d:e8:64:4e:45:8c:3c:0b:
8f:aa:9d:f5:2c:9e:13:c4:a1:aa:e7:d4:43:b5:63:95:4f:92:
b4:d5:25:31:c7:9a:a5:86:b7:cd:8f:13:e8:50:1f:e1:44:c3:
c1:68:a0:24:9f:1c:53:73:a9:3e:41:1c:b6:d3:50:45:cf:97:
2e:72:63:fa:c3:13:4f:0f:aa:3d:00:13:19:34:24:94:fc:d9:
a0:7f:26:6d:24:9c:1d:91:39:19:41:a1:2d:64:32:39:40:46:
04:a6:59:f7:4e:f6:e0:8f:e0:44:32:ab:c0:3f:a7:75:1e:66:
3c:71:83:05:9c:4f:55:47:3c:c6:ae:7a:8e:a8:8f:76:21:43:
63:ab:d3:a7:39:b8:c3:4f:f5:48:c4:c7:62:e7:5d:86:f5:7c:
a1:62:e7:36:4f:a9:40:02:2f:64:36:96:83:9b:de:53:3d:db:
4a:e8:e5:74:90:d0:c2:d9:29:f7:53:fe:e7:0a:a6:d0:02:a1:
81:18:1b:4b:f6:12:70:eb:1f:3a:51:ab:e7:ea:fa:6c:9c:e0:
a0:be:cd:73:4e:0d:0d:99:15:58:e8:df:40:c7:f1:d9:e9:6e:
30:9c:ea:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWX3ePeU8K5PeLBqz6Glb0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTA5MTg0OTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjhhMzk3YTIwNzBlN2IwNjkzYzcwMDJhZmY3NWQxNTg3YjQ4YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSDKWaNLINlLBGUo7qSCoE5YPV5T
EPXHQos+/8AzQuHsSGXTuZNqgls8ZqqLU412y4JAdGw4Mrh8Nh1t1TArGD5f9Z/+
IzKAjVIYQLXkbXF8qhvcedax6meFOtsTNBd0YdfokvRK8ynf3WIfTYk7P8c4Um2P
Vwu0EBUqmfqdcgVxNWdXhsd4g++axAqYWa0PITwEudNNZHUC5IWZ8PFGg0mS1daP
D/cxU68x5KJXCVBwHH3Q/07M106HyO99sP0rbB4hrEM1vn30ocRHmcM7Y8G3Zsei
eZyL7noTF4WlWJWEnAQGv1cgCjrl/TFOATQ/ri5W99z+YnbBxgJQ8NxoIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNKKOXogcOewaTxwAq/3XRWHtIoyMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMG9vNWVpQnc1N0JwUEhBQ3JfZGRGWWUwaWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVMcAwQA
LY0ZAwQAwdoiMA0GCSqGSIb3DQEBCwUAA4IBAQAkzF7bdm5UOok9p6ZY3M3UXs0v
kWJTryM8EGvUHehkTkWMPAuPqp31LJ4TxKGq59RDtWOVT5K01SUxx5qlhrfNjxPo
UB/hRMPBaKAknxxTc6k+QRy201BFz5cucmP6wxNPD6o9ABMZNCSU/NmgfyZtJJwd
kTkZQaEtZDI5QEYEpln3Tvbgj+BEMqvAP6d1HmY8cYMFnE9VRzzGrnqOqI92IUNj
q9OnObjDT/VIxMdi512G9XyhYuc2T6lAAi9kNpaDm95TPdtK6OV0kNDC2Sn3U/7n
CqbQAqGBGBtL9hJw6x86Uavn6vpsnOCgvs1zTg0NmRVY6N9Ax/HZ6W4wnOqx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org