Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/r_7Zz9WSE4Wtek9-GzkUQcESwdg.roa
File: r_7Zz9WSE4Wtek9-GzkUQcESwdg.roa (raw, json)
Hash identifier: 3OIPdpuR3hk4vCqnaKIJLWck60r3kOzIu4QYCjRqaz0=
Subject key identifier: AF:FE:D9:CF:D5:92:13:85:AD:7A:4F:7E:1B:39:14:41:C1:12:C1:D8
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018B8F1D7C7AA1EC4117AB51009347759FA9
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/r_7Zz9WSE4Wtek9-GzkUQcESwdg.roa
Signing time: Thu 02 Nov 2023 08:19:16 +0000
ROA not before: Thu 02 Nov 2023 08:19:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29802
IP address blocks: 45.15.17.0/24 maxlen: 24
2a0e:1c80:18::/48 maxlen: 48
2a0e:1c80:16::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:1d:7c:7a:a1:ec:41:17:ab:51:00:93:47:75:9f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Nov 2 08:19:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=affed9cfd5921385ad7a4f7e1b391441c112c1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b4:3f:c5:89:89:c7:e9:f7:da:91:4d:e4:07:
86:79:30:4e:8f:90:a9:5a:63:de:bd:a8:eb:ec:2d:
70:63:6f:67:85:f8:f7:d4:45:0e:13:c5:93:18:b9:
4f:2f:75:f9:dd:b1:37:b1:16:46:1c:4b:7e:10:6f:
d0:16:17:4b:be:f5:d0:5f:2a:f8:b8:13:f0:a2:09:
31:96:4c:db:e9:75:d8:cf:6e:84:37:42:c1:0b:85:
2a:63:72:14:6a:67:d2:4b:1b:43:c5:1b:fc:17:3f:
be:f2:b5:52:0c:47:34:ae:72:03:95:d0:70:8c:cb:
b4:c5:29:55:ee:34:7b:93:dd:03:02:b6:18:80:f1:
79:b3:03:61:2d:60:8d:27:1d:89:33:68:e9:07:8e:
d6:88:ae:5e:d4:d9:ef:9a:d0:34:26:ff:43:df:b6:
10:fb:1a:9c:bc:c3:42:92:14:30:f8:8a:ea:42:94:
d4:bb:ba:1d:65:a7:3d:58:9d:01:06:a5:58:49:df:
b9:6d:9c:39:94:bd:9b:ab:ac:5a:30:f7:f9:7c:fe:
96:fb:46:86:01:6a:9d:48:24:c0:42:ea:25:ba:61:
00:e7:12:a8:de:26:16:c8:88:bd:b2:eb:66:a1:d5:
33:48:98:7c:da:34:e1:df:4e:26:d6:82:27:85:a4:
59:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:FE:D9:CF:D5:92:13:85:AD:7A:4F:7E:1B:39:14:41:C1:12:C1:D8
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/r_7Zz9WSE4Wtek9-GzkUQcESwdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.17.0/24
IPv6:
2a0e:1c80:16::/48
2a0e:1c80:18::/48
Signature Algorithm: sha256WithRSAEncryption
09:d8:ac:7e:29:d7:dc:8a:52:a6:38:3c:23:65:1f:b2:2a:a8:
91:cc:9a:cb:42:ab:32:a1:02:f0:15:78:d2:88:df:cc:39:46:
23:d5:10:58:11:4f:70:d8:77:a8:91:99:b9:e5:6e:ec:9d:4f:
8d:1d:7b:bc:80:df:3a:15:7b:26:e5:45:10:4b:d8:d1:d1:5f:
d7:49:eb:5b:ec:5c:2f:09:33:b2:79:ef:a5:f6:ed:8b:3f:f4:
22:60:46:03:e7:01:45:d2:24:6b:c8:0a:0f:6d:b3:66:9f:7a:
8b:93:80:c9:2b:83:b8:5d:2e:8f:6f:05:ed:46:e0:2e:59:e1:
d2:ff:51:6f:c8:d9:aa:ef:44:f9:cd:3b:9c:86:c0:b5:ac:c3:
ef:6b:88:f0:ee:fd:93:fb:6e:da:91:b0:42:23:54:9e:59:44:
1e:da:66:fd:95:9a:7e:bb:f5:6b:70:ba:36:f4:69:29:64:e3:
21:13:ef:c2:1a:a7:e7:fd:bf:26:54:f8:08:86:53:48:2c:7c:
dc:f1:b3:d8:db:db:d8:8d:b6:4a:54:8f:dc:c5:19:dc:6b:b1:
b4:34:1b:7f:3f:96:62:42:12:4e:b0:1c:1c:d9:d5:f8:d5:c3:
38:8f:36:ac:18:61:3b:60:19:8f:c0:67:09:67:d4:e5:22:af:
75:65:fe:d8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYuPHXx6oexBF6tRAJNHdZ+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjMxMTAyMDgxOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmZlZDljZmQ1OTIxMzg1YWQ3YTRmN2UxYjM5MTQ0MWMxMTJjMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLQ/xYmJx+n32pFN5AeGeTBOj5Cp
WmPevajr7C1wY29nhfj31EUOE8WTGLlPL3X53bE3sRZGHEt+EG/QFhdLvvXQXyr4
uBPwogkxlkzb6XXYz26EN0LBC4UqY3IUamfSSxtDxRv8Fz++8rVSDEc0rnIDldBw
jMu0xSlV7jR7k90DArYYgPF5swNhLWCNJx2JM2jpB47WiK5e1NnvmtA0Jv9D37YQ
+xqcvMNCkhQw+IrqQpTUu7odZac9WJ0BBqVYSd+5bZw5lL2bq6xaMPf5fP6W+0aG
AWqdSCTAQuolumEA5xKo3iYWyIi9sutmodUzSJh82jTh304m1oInhaRZSQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK/+2c/VkhOFrXpPfhs5FEHBEsHYMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvcl83Wno5V1NFNFd0ZWs5LUd6a1VRY0VTd2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQALQ8RMBgE
AgACMBIDBwAqDhyAABYDBwAqDhyAABgwDQYJKoZIhvcNAQELBQADggEBAAnYrH4p
19yKUqY4PCNlH7IqqJHMmstCqzKhAvAVeNKI38w5RiPVEFgRT3DYd6iRmbnlbuyd
T40de7yA3zoVeyblRRBL2NHRX9dJ61vsXC8JM7J576X27Ys/9CJgRgPnAUXSJGvI
Cg9ts2afeouTgMkrg7hdLo9vBe1G4C5Z4dL/UW/I2arvRPnNO5yGwLWsw+9riPDu
/ZP7btqRsEIjVJ5ZRB7aZv2Vmn679Wtwujb0aSlk4yET78Iap+f9vyZU+AiGU0gs
fNzxs9jb29iNtkpUj9zFGdxrsbQ0G38/lmJCEk6wHBzZ1fjVwziPNqwYYTtgGY/A
Zwln1OUir3Vl/tg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:01 2024 by rpki-client on console-ams.rpki-client.org