Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/NnJ3u8Vj6s_IHtdUkSsFe4kGqzo.roa
File: NnJ3u8Vj6s_IHtdUkSsFe4kGqzo.roa (raw, json)
Hash identifier: 2PE08/+J5eGgQsACBfRyXBVw6KE1Whymf3V1IxXjKoU=
Subject key identifier: 36:72:77:BB:C5:63:EA:CF:C8:1E:D7:54:91:2B:05:7B:89:06:AB:3A
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018607240AE92B29B68AFF081ECA796BEF69
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/NnJ3u8Vj6s_IHtdUkSsFe4kGqzo.roa
Signing time: Tue 31 Jan 2023 09:24:07 +0000
ROA not before: Tue 31 Jan 2023 09:24:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56382
IP address blocks: 178.251.231.0/24 maxlen: 24
45.155.249.0/24 maxlen: 24
45.155.251.0/24 maxlen: 24
45.155.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 12:12:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:24:0a:e9:2b:29:b6:8a:ff:08:1e:ca:79:6b:ef:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 31 09:24:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=367277bbc563eacfc81ed754912b057b8906ab3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f2:71:fc:6e:c5:a2:bf:10:73:2c:50:04:82:
e9:b8:ac:cb:17:91:b4:c1:d0:70:a2:74:86:78:37:
c7:3c:88:11:f0:bb:56:7a:40:2a:fc:4a:0b:6e:77:
9c:cb:8a:b2:e7:ea:dc:11:63:5f:86:7c:3a:45:2c:
79:b9:bb:15:71:f0:82:96:24:84:e7:73:a1:0e:10:
ee:a0:5e:e5:0e:53:a5:68:96:b6:84:c8:a4:df:b4:
d8:d8:be:a7:5b:cb:a2:4c:50:49:9a:2b:fd:62:8d:
28:d1:be:52:77:b4:9d:3b:a1:03:72:33:d6:60:a1:
b3:10:86:8d:5a:e9:cc:87:d9:40:b5:91:7a:86:78:
c5:28:f4:cf:df:91:58:9b:e9:c0:0d:cb:c9:94:ba:
6b:69:3c:d9:b7:09:67:dd:51:73:37:b5:b8:8e:d7:
6f:a4:09:62:5e:a6:25:0b:b9:00:c0:bb:b2:a7:0d:
ce:c4:2b:a1:65:dc:b8:c6:ba:6c:bc:a7:8f:5a:a1:
8c:72:2a:be:05:a4:10:ce:00:a3:84:69:e0:9d:71:
cf:23:0a:10:33:90:5b:1a:7a:d0:97:4e:9a:bd:af:
d6:c9:2d:59:b8:9e:3e:27:85:2e:2e:9b:17:99:f6:
68:c3:4e:fe:f3:aa:fa:8d:53:92:ea:7a:8c:8f:51:
57:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:72:77:BB:C5:63:EA:CF:C8:1E:D7:54:91:2B:05:7B:89:06:AB:3A
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/NnJ3u8Vj6s_IHtdUkSsFe4kGqzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.249.0-45.155.251.255
178.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
30:2e:e9:31:e4:54:b4:0c:9c:ee:d2:36:76:1d:49:a1:8f:64:
f2:7b:82:30:89:50:3c:a7:bf:22:c5:69:e5:67:18:6d:7c:a2:
f4:b3:1d:68:1c:b1:ec:db:58:e8:c2:ed:67:25:eb:b1:87:ca:
3e:0f:d0:6d:85:f5:96:8b:46:da:c2:00:0e:f3:4f:59:c0:6f:
aa:1b:21:52:e1:a9:9e:ea:93:2e:86:e7:b6:02:35:c9:22:83:
bf:ff:3c:bb:7a:0a:dc:5c:ff:a5:95:2d:31:4f:38:11:17:5b:
67:11:b3:d9:f6:18:4e:80:fa:a3:69:5d:dc:0b:27:11:3b:a1:
c2:fc:0c:f8:bb:c7:50:c0:c1:e0:f3:9c:14:1a:e0:ed:14:6e:
ea:27:1d:6e:94:48:87:ce:66:8b:ad:d8:4c:6f:07:88:f2:bc:
f7:70:10:85:63:22:38:9b:ec:c5:f2:1a:e0:57:80:e8:ea:81:
b9:1f:eb:44:02:00:3d:d5:de:56:8f:37:04:14:b1:fa:bc:ba:
ce:50:c1:87:c6:51:62:fe:bf:6f:1d:ac:4e:d9:af:b6:e9:55:
04:51:cc:04:15:46:02:84:e7:be:cb:61:f5:fc:95:26:a4:29:
41:d7:b2:a2:dc:a8:31:e8:3e:84:c8:50:c5:7d:8c:c0:ab:01:
f9:26:ad:18
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYYHJArpKym2iv8IHsp5a+9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTMxMDkyNDA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjcyNzdiYmM1NjNlYWNmYzgxZWQ3NTQ5MTJiMDU3Yjg5MDZhYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPJx/G7For8QcyxQBILpuKzLF5G0
wdBwonSGeDfHPIgR8LtWekAq/EoLbnecy4qy5+rcEWNfhnw6RSx5ubsVcfCCliSE
53OhDhDuoF7lDlOlaJa2hMik37TY2L6nW8uiTFBJmiv9Yo0o0b5Sd7SdO6EDcjPW
YKGzEIaNWunMh9lAtZF6hnjFKPTP35FYm+nADcvJlLpraTzZtwln3VFzN7W4jtdv
pAliXqYlC7kAwLuypw3OxCuhZdy4xrpsvKePWqGMciq+BaQQzgCjhGngnXHPIwoQ
M5BbGnrQl06ava/WyS1ZuJ4+J4UuLpsXmfZow07+86r6jVOS6nqMj1FXlwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDZyd7vFY+rPyB7XVJErBXuJBqs6MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvTm5KM3U4Vmo2c19JSHRkVWtTc0ZlNGtHcXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtm/kD
BAItm/gDBACy++cwDQYJKoZIhvcNAQELBQADggEBADAu6THkVLQMnO7SNnYdSaGP
ZPJ7gjCJUDynvyLFaeVnGG18ovSzHWgcsezbWOjC7Wcl67GHyj4P0G2F9ZaLRtrC
AA7zT1nAb6obIVLhqZ7qky6G57YCNckig7//PLt6Ctxc/6WVLTFPOBEXW2cRs9n2
GE6A+qNpXdwLJxE7ocL8DPi7x1DAweDznBQa4O0UbuonHW6USIfOZout2ExvB4jy
vPdwEIVjIjib7MXyGuBXgOjqgbkf60QCAD3V3laPNwQUsfq8us5QwYfGUWL+v28d
rE7Zr7bpVQRRzAQVRgKE577LYfX8lSakKUHXsqLcqDHoPoTIUMV9jMCrAfkmrRg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org