Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/4STXgQ5Wp9Urj1zLXP7pm3gvmUU.roa
File: 4STXgQ5Wp9Urj1zLXP7pm3gvmUU.roa (raw, json)
Hash identifier: G5M8bq47hT1kvaJv02uU77Lx0pvhOJLAK6x5YpLSkOQ=
Subject key identifier: E1:24:D7:81:0E:56:A7:D5:2B:8F:5C:CB:5C:FE:E9:9B:78:2F:99:45
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018A4A6282771A37BD3CF3B6457BC27DF894
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/4STXgQ5Wp9Urj1zLXP7pm3gvmUU.roa
Signing time: Thu 31 Aug 2023 06:58:04 +0000
ROA not before: Thu 31 Aug 2023 06:58:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.84.112.0/23 maxlen: 24
31.193.240.0/22 maxlen: 24
45.84.114.0/23 maxlen: 24
31.193.244.0/22 maxlen: 24
185.74.54.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 13:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:62:82:77:1a:37:bd:3c:f3:b6:45:7b:c2:7d:f8:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Aug 31 06:58:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e124d7810e56a7d52b8f5ccb5cfee99b782f9945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a0:c8:be:39:46:bc:31:d8:2f:81:32:de:50:
80:0c:f8:69:03:f5:30:c5:0f:e1:05:8a:ad:c0:74:
4c:ab:ab:47:10:d5:dd:00:6f:27:73:14:d3:6a:89:
73:f7:a4:b0:b7:bb:fd:66:c0:1c:74:32:21:02:16:
80:dd:b2:c9:30:6d:04:46:7b:59:2d:61:7b:2e:b6:
c0:0a:db:fb:b4:99:84:4c:20:3f:d8:ed:aa:f3:4f:
ae:9d:35:8f:b1:15:78:61:3b:16:b9:89:7c:26:58:
1c:de:89:64:1e:ca:a1:a4:f2:dd:ba:47:ad:5d:15:
70:c6:ec:7f:35:13:12:f8:f0:3a:8b:2c:de:51:05:
0b:4e:b7:b2:a2:db:65:02:30:db:f5:a3:c9:97:0b:
97:84:50:82:4f:e1:6b:50:00:dd:c3:8a:f8:f0:85:
51:c6:43:ef:f5:6b:c2:18:f8:77:80:cd:cc:7f:98:
46:16:7f:ee:3e:6e:66:b2:b0:08:2b:ed:26:b5:d5:
65:ae:e7:40:1a:b6:35:11:82:2a:4e:7e:19:20:58:
39:a3:d2:e0:7e:61:c8:79:f8:97:b1:bf:b6:93:12:
98:3d:c0:e1:57:4e:1d:1e:95:5a:62:4b:a5:d1:77:
a2:52:6d:5e:87:aa:b4:c9:6f:e5:fd:6b:06:1d:f4:
a7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:24:D7:81:0E:56:A7:D5:2B:8F:5C:CB:5C:FE:E9:9B:78:2F:99:45
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/4STXgQ5Wp9Urj1zLXP7pm3gvmUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.240.0/21
45.84.112.0/22
185.74.54.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:bc:34:97:50:78:06:ba:b0:d0:84:29:55:18:7d:81:54:db:
69:3a:d2:23:24:f7:98:b5:00:b1:ca:6c:61:4b:da:4c:f9:59:
49:b5:51:e4:50:5c:d0:d3:e3:dc:ff:25:ba:8b:3f:74:a5:2b:
b2:78:bd:d9:2d:94:30:ea:c2:b2:d0:22:d9:4c:11:08:3e:64:
5c:46:9d:77:b7:6e:93:10:77:97:6e:fa:44:fe:64:1f:4d:4a:
17:27:d4:c5:bc:67:80:bc:b8:8f:6f:6f:4a:e9:c2:a7:63:4f:
75:ba:91:0a:1e:3e:db:ba:72:23:77:3c:a7:48:ee:52:21:7f:
6f:de:11:8a:3c:ef:6d:98:91:f7:7a:d3:4d:76:44:ed:a8:04:
ef:02:f8:ee:e6:bc:b7:44:6e:ba:13:ea:b8:33:55:00:3a:90:
da:f3:ac:4f:c2:1f:d3:3b:c1:1e:92:88:56:6f:0b:36:8c:32:
9b:f8:81:50:05:3d:8e:94:d2:05:df:ea:08:04:ac:c4:67:c4:
ad:bc:09:46:6c:05:00:4c:ce:e2:7c:27:f3:fb:9a:f3:23:09:
ac:ee:a7:6c:2a:8a:30:66:63:af:7e:f7:c6:39:9e:5c:dd:92:
d2:94:94:5f:1c:aa:4b:77:f9:bf:49:4e:ef:05:17:47:a5:4a:
58:1a:40:47
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpKYoJ3Gje9PPO2RXvCffiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjMwODMxMDY1ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTI0ZDc4MTBlNTZhN2Q1MmI4ZjVjY2I1Y2ZlZTk5Yjc4MmY5OTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqDIvjlGvDHYL4Ey3lCADPhpA/Uw
xQ/hBYqtwHRMq6tHENXdAG8ncxTTaolz96Swt7v9ZsAcdDIhAhaA3bLJMG0ERntZ
LWF7LrbACtv7tJmETCA/2O2q80+unTWPsRV4YTsWuYl8Jlgc3olkHsqhpPLduket
XRVwxux/NRMS+PA6iyzeUQULTreyottlAjDb9aPJlwuXhFCCT+FrUADdw4r48IVR
xkPv9WvCGPh3gM3Mf5hGFn/uPm5msrAIK+0mtdVlrudAGrY1EYIqTn4ZIFg5o9Lg
fmHIefiXsb+2kxKYPcDhV04dHpVaYkul0XeiUm1eh6q0yW/l/WsGHfSnqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOEk14EOVqfVK49cy1z+6Zt4L5lFMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvNFNUWGdRNVdwOVVyajF6TFhQN3BtM2d2bVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH8HwAwQC
LVRwAwQBuUo2MA0GCSqGSIb3DQEBCwUAA4IBAQBrvDSXUHgGurDQhClVGH2BVNtp
OtIjJPeYtQCxymxhS9pM+VlJtVHkUFzQ0+Pc/yW6iz90pSuyeL3ZLZQw6sKy0CLZ
TBEIPmRcRp13t26TEHeXbvpE/mQfTUoXJ9TFvGeAvLiPb29K6cKnY091upEKHj7b
unIjdzynSO5SIX9v3hGKPO9tmJH3etNNdkTtqATvAvju5ry3RG66E+q4M1UAOpDa
86xPwh/TO8EekohWbws2jDKb+IFQBT2OlNIF3+oIBKzEZ8StvAlGbAUATM7ifCfz
+5rzIwms7qdsKoowZmOvfvfGOZ5c3ZLSlJRfHKpLd/m/SU7vBRdHpUpYGkBH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org