Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/pN-hnYMgquKQRqIq28cOBYSY7T0.roa
File: pN-hnYMgquKQRqIq28cOBYSY7T0.roa (raw, json)
Hash identifier: MaRmiSXtWbOx15bjOtTf9G7Ve0cLu4Pwxmb1hQWWe4A=
Subject key identifier: A4:DF:A1:9D:83:20:AA:E2:90:46:A2:2A:DB:C7:0E:05:84:98:ED:3D
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 01856C780CCC916B40C3CF21B89564FD7F11
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/pN-hnYMgquKQRqIq28cOBYSY7T0.roa
Signing time: Sun 01 Jan 2023 08:34:44 +0000
ROA not before: Sun 01 Jan 2023 08:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44446
IP address blocks: 45.143.203.0/24 maxlen: 24
185.156.73.0/24 maxlen: 24
185.193.88.0/24 maxlen: 24
92.63.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Jun 2023 05:40:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:0c:cc:91:6b:40:c3:cf:21:b8:95:64:fd:7f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 1 08:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4dfa19d8320aae29046a22adbc70e058498ed3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:37:8e:03:be:f2:24:4b:d6:79:15:f5:f2:e2:
b2:61:89:e9:17:5a:29:fd:0e:07:92:1a:21:b4:c8:
73:69:b8:e1:d4:e8:aa:1d:d0:ff:29:91:ea:a9:b0:
dd:31:fc:a6:ab:5a:57:fd:68:1d:b1:1e:17:74:63:
41:7b:a7:df:c1:36:32:f2:98:a8:13:89:e8:4b:78:
f7:3a:de:28:2f:70:98:8b:34:2e:29:27:59:b5:2d:
5e:e0:28:cc:90:bb:b1:b5:b2:b7:fe:25:23:78:2e:
de:5e:ca:d0:9e:54:fe:f3:ab:89:4b:99:7d:64:f6:
4d:ec:a7:20:6f:ca:e7:9d:5c:e6:01:ca:25:b0:66:
d5:c3:d4:a9:e3:c4:44:24:0c:3a:ce:fd:74:2b:7c:
26:a1:3f:e7:c4:b1:fe:98:7a:20:fa:5f:4b:6f:fd:
92:9d:c4:cc:1b:33:db:40:52:d6:bb:93:72:10:eb:
99:73:9d:95:cf:f9:00:5b:be:80:bf:4e:57:3c:66:
e3:cb:c4:9f:b9:0e:9d:a7:83:0f:f2:c7:d8:91:cd:
ab:69:c9:6e:d9:91:92:ed:40:4f:62:1d:1e:85:7a:
74:af:1f:e1:46:65:8c:cc:29:b8:f3:c7:49:fa:e2:
81:ab:97:11:7b:69:73:3c:a7:42:12:b2:32:bc:ef:
9d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DF:A1:9D:83:20:AA:E2:90:46:A2:2A:DB:C7:0E:05:84:98:ED:3D
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/pN-hnYMgquKQRqIq28cOBYSY7T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.203.0/24
92.63.197.0/24
185.156.73.0/24
185.193.88.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:a2:62:27:d2:46:74:73:2e:20:53:ea:66:75:51:3a:b5:ff:
e2:3a:0e:8d:23:bb:ab:c4:b4:44:c5:50:8f:8d:fc:1d:cd:ea:
7d:3c:ba:9f:d0:17:c0:58:5a:8f:f5:35:88:dd:38:2c:cd:2b:
8f:62:95:81:00:b7:65:fd:b7:56:c8:b7:87:3c:57:d6:f2:a5:
1c:8e:0c:48:03:d9:e9:7e:50:06:30:c6:79:b0:97:8d:20:7a:
ce:2d:0d:65:af:0f:3f:38:40:66:e6:00:b0:21:f3:39:11:08:
c5:2c:97:a7:4f:ce:da:5e:23:48:89:e8:80:79:db:ea:4b:8c:
f8:9e:87:a4:73:90:61:5e:80:9e:1e:6b:f4:37:d5:14:95:39:
ea:e1:e6:1e:28:3a:62:86:2b:a6:b4:fe:46:1a:d8:30:5f:e3:
58:14:f4:41:c2:14:6a:33:bb:65:db:a9:55:f1:38:e2:5a:bc:
0b:c1:98:5c:11:36:40:6e:57:ec:11:56:65:ae:a5:1d:dc:47:
29:56:93:93:08:3d:f5:2c:5f:4a:11:9c:fb:a7:05:bf:22:fb:
2d:64:35:15:7d:f7:ba:16:fc:21:d4:d6:60:fa:26:24:47:24:
14:3a:fd:9e:1e:ce:93:63:a7:48:47:e0:0f:5f:d6:ff:37:b7:
78:c5:18:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVseAzMkWtAw88huJVk/X8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjMwMTAxMDgzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRmYTE5ZDgzMjBhYWUyOTA0NmEyMmFkYmM3MGUwNTg0OThlZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijeOA77yJEvWeRX18uKyYYnpF1op
/Q4HkhohtMhzabjh1OiqHdD/KZHqqbDdMfymq1pX/WgdsR4XdGNBe6ffwTYy8pio
E4noS3j3Ot4oL3CYizQuKSdZtS1e4CjMkLuxtbK3/iUjeC7eXsrQnlT+86uJS5l9
ZPZN7Kcgb8rnnVzmAcolsGbVw9Sp48REJAw6zv10K3wmoT/nxLH+mHog+l9Lb/2S
ncTMGzPbQFLWu5NyEOuZc52Vz/kAW76Av05XPGbjy8SfuQ6dp4MP8sfYkc2raclu
2ZGS7UBPYh0ehXp0rx/hRmWMzCm488dJ+uKBq5cRe2lzPKdCErIyvO+dHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKTfoZ2DIKrikEaiKtvHDgWEmO09MB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvcE4taG5ZTWdxdUtRUnFJcTI4Y09CWVNZN1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY/LAwQA
XD/FAwQAuZxJAwQAucFYMA0GCSqGSIb3DQEBCwUAA4IBAQB6omIn0kZ0cy4gU+pm
dVE6tf/iOg6NI7urxLRExVCPjfwdzep9PLqf0BfAWFqP9TWI3TgszSuPYpWBALdl
/bdWyLeHPFfW8qUcjgxIA9npflAGMMZ5sJeNIHrOLQ1lrw8/OEBm5gCwIfM5EQjF
LJenT87aXiNIieiAedvqS4z4noekc5BhXoCeHmv0N9UUlTnq4eYeKDpihiumtP5G
GtgwX+NYFPRBwhRqM7tl26lV8TjiWrwLwZhcETZAblfsEVZlrqUd3EcpVpOTCD31
LF9KEZz7pwW/IvstZDUVffe6Fvwh1NZg+iYkRyQUOv2eHs6TY6dIR+APX9b/N7d4
xRgj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:58 2024 by rpki-client on console-fra.rpki-client.org