Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/z3eK_lOHDtFhScM7bgW4fD3tEkE.roa
File: z3eK_lOHDtFhScM7bgW4fD3tEkE.roa (raw, json)
Hash identifier: dPxYtTsWGqA3XDW/JKUAYrpVOQEu+q1VpZ/jSSjA39U=
Subject key identifier: CF:77:8A:FE:53:87:0E:D1:61:49:C3:3B:6E:05:B8:7C:3D:ED:12:41
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 0189D42D81A83B1CD6C0D3C1946EEB167187
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/z3eK_lOHDtFhScM7bgW4fD3tEkE.roa
Signing time: Tue 08 Aug 2023 08:04:59 +0000
ROA not before: Tue 08 Aug 2023 08:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59741
IP address blocks: 185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
45.141.54.0/24 maxlen: 24
45.141.52.0/22 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 08 Aug 2023 12:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:2d:81:a8:3b:1c:d6:c0:d3:c1:94:6e:eb:16:71:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Aug 8 08:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf778afe53870ed16149c33b6e05b87c3ded1241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:6e:68:75:12:9b:d1:6d:6e:6a:6a:46:02:
61:36:29:98:ff:25:1f:54:73:24:6f:f9:d2:cb:b9:
5f:37:f2:a4:d5:ed:51:3f:26:08:49:dd:71:ce:08:
cd:1c:59:6a:24:4f:30:7f:95:7a:15:8a:ce:16:2c:
b2:4f:5e:70:33:20:c0:da:bb:e9:21:47:26:f6:cb:
00:f6:9e:43:90:e2:e1:52:ab:2b:20:dc:32:07:b1:
a5:29:b5:c0:51:0c:38:fe:d3:33:85:98:00:08:ed:
33:07:e5:e2:cb:4c:79:28:f1:7a:56:4f:1a:eb:51:
9e:e1:12:c5:c4:1f:0e:36:39:64:08:fa:90:35:99:
d1:84:96:ce:51:4e:e9:35:5c:0f:ca:70:8a:f0:07:
dd:91:55:4f:a5:11:38:ea:3a:d9:53:5c:af:14:ad:
2c:e7:a3:3c:52:c3:99:82:d0:c1:8a:2c:33:a1:05:
05:37:66:1b:7b:e7:00:1b:24:51:dd:8c:97:2f:34:
1f:f6:27:db:f1:72:93:2d:90:85:fb:ee:db:10:1e:
5f:b1:60:57:71:71:62:dd:cd:0f:05:1d:ff:d2:8f:
05:de:66:f4:9c:dd:85:47:31:38:c3:70:af:88:33:
2e:c5:75:e3:de:2e:55:c3:ec:e6:be:19:e1:e9:c9:
b3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:77:8A:FE:53:87:0E:D1:61:49:C3:3B:6E:05:B8:7C:3D:ED:12:41
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/z3eK_lOHDtFhScM7bgW4fD3tEkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
185.73.240.0/23
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
13:b1:a6:2f:28:1d:9e:e4:bf:e2:97:8a:d9:61:6d:64:9e:29:
56:2d:d3:1e:41:de:2b:66:0d:30:80:5c:5d:98:4f:7c:6d:43:
54:53:4d:89:8b:60:8d:95:14:46:0f:d3:a4:83:0e:44:da:08:
95:55:02:9b:3e:9b:7a:7a:72:eb:c1:75:fe:24:c6:1c:e5:88:
3e:a4:5a:b6:92:57:d7:a0:10:8d:aa:29:9e:a6:a3:f7:c3:96:
5e:40:be:19:8d:a1:5a:5b:83:50:db:33:f7:82:c3:37:d0:ca:
b0:4a:d6:3c:4c:03:e7:3e:89:d7:f3:3a:33:eb:99:4f:95:fe:
9e:47:5a:6e:6f:72:27:02:b1:ed:b9:cf:93:47:be:3a:d6:cc:
d8:f3:50:7c:7e:c3:58:a7:a5:b1:3c:84:10:b6:1a:85:8c:03:
c0:d8:87:6a:18:f8:57:0b:be:9a:ab:f8:84:57:92:2d:df:20:
6b:70:07:55:75:16:29:21:ef:90:d3:17:67:d3:81:3f:69:0b:
53:be:f6:a5:f7:87:57:65:fd:e8:54:ec:7a:c2:ff:34:af:b4:
40:ee:82:3d:b0:3c:c3:78:6c:f8:29:4d:4a:61:c8:72:39:56:
75:4e:8b:79:3f:3d:f9:cf:ea:0b:aa:0c:3d:28:ff:9d:15:2a:
87:68:62:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYnULYGoOxzWwNPBlG7rFnGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjMwODA4MDgwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjc3OGFmZTUzODcwZWQxNjE0OWMzM2I2ZTA1Yjg3YzNkZWQxMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/huaHUSm9FtbmpqRgJhNimY/yUf
VHMkb/nSy7lfN/Kk1e1RPyYISd1xzgjNHFlqJE8wf5V6FYrOFiyyT15wMyDA2rvp
IUcm9ssA9p5DkOLhUqsrINwyB7GlKbXAUQw4/tMzhZgACO0zB+Xiy0x5KPF6Vk8a
61Ge4RLFxB8ONjlkCPqQNZnRhJbOUU7pNVwPynCK8AfdkVVPpRE46jrZU1yvFK0s
56M8UsOZgtDBiiwzoQUFN2Ybe+cAGyRR3YyXLzQf9ifb8XKTLZCF++7bEB5fsWBX
cXFi3c0PBR3/0o8F3mb0nN2FRzE4w3CviDMuxXXj3i5Vw+zmvhnh6cmzaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM93iv5Thw7RYUnDO24FuHw97RJBMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvejNlS19sT0hEdEZoU2NNN2JnVzRmRDN0RWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLY00AwQB
uUnwMA0EAgACMAcDBQAqBUdAMA0GCSqGSIb3DQEBCwUAA4IBAQATsaYvKB2e5L/i
l4rZYW1knilWLdMeQd4rZg0wgFxdmE98bUNUU02Ji2CNlRRGD9Okgw5E2giVVQKb
Ppt6enLrwXX+JMYc5Yg+pFq2klfXoBCNqimepqP3w5ZeQL4ZjaFaW4NQ2zP3gsM3
0MqwStY8TAPnPonX8zoz65lPlf6eR1pub3InArHtuc+TR7461szY81B8fsNYp6Wx
PIQQthqFjAPA2IdqGPhXC76aq/iEV5It3yBrcAdVdRYpIe+Q0xdn04E/aQtTvval
94dXZf3oVOx6wv80r7RA7oI9sDzDeGz4KU1KYchyOVZ1Tot5Pz35z+oLqgw9KP+d
FSqHaGKh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:20 2024 by rpki-client on console-ams.rpki-client.org