Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/yOj55RrRerEU60wQtFdYZEGiK5I.roa
File: yOj55RrRerEU60wQtFdYZEGiK5I.roa (raw, json)
Hash identifier: +hWB6xs/x7IHpTKOmgPs2aExzS2SSlPBaTr+dvYQW2A=
Subject key identifier: C8:E8:F9:E5:1A:D1:7A:B1:14:EB:4C:10:B4:57:58:64:41:A2:2B:92
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 01869D1699882A4D62CE13CCF3B08C457CFA
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/yOj55RrRerEU60wQtFdYZEGiK5I.roa
Signing time: Wed 01 Mar 2023 12:12:29 +0000
ROA not before: Wed 01 Mar 2023 12:12:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56382
IP address blocks: 178.251.231.0/24 maxlen: 24
5.1.94.0/24 maxlen: 24
45.155.249.0/24 maxlen: 24
45.155.251.0/24 maxlen: 24
45.155.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:16:99:88:2a:4d:62:ce:13:cc:f3:b0:8c:45:7c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Mar 1 12:12:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8e8f9e51ad17ab114eb4c10b457586441a22b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:94:06:10:16:77:8e:79:34:fd:6a:35:46:d1:
3f:10:0d:10:dc:72:54:bd:90:6d:f1:d4:c8:cf:5d:
e3:96:1f:55:94:d4:38:8d:cf:de:c3:f8:a1:6c:bf:
3e:d4:87:d6:67:29:f9:50:c8:7f:13:64:a2:f3:3d:
01:7b:f2:5c:ca:1e:f1:0b:3b:a1:e3:82:0e:b7:be:
84:0a:90:cb:dd:cb:9d:21:ff:3b:66:4d:85:73:8f:
30:71:01:5f:86:16:57:2b:15:0b:7e:af:5e:ac:fa:
74:c5:6a:3d:2a:3c:b4:ac:0d:e5:34:93:ef:9e:eb:
50:4a:14:ca:ac:1a:b8:24:7a:bb:dc:4d:7c:18:a9:
02:54:d2:3e:7b:90:a7:70:43:ab:27:44:8b:7d:35:
9f:8c:bd:a0:26:fc:98:ff:a4:6d:37:9d:02:0c:fb:
9e:7e:1f:fe:0b:5d:cc:e5:22:9e:d7:96:43:86:7c:
6a:58:e2:84:ea:58:c8:f4:21:08:07:02:0f:93:ab:
b9:fb:ad:02:36:62:b5:23:a7:04:13:e5:4c:22:00:
74:1a:f2:b5:a9:dd:fc:e0:9d:26:43:83:7b:24:2b:
9a:d9:c2:91:51:25:d1:64:d8:e4:0d:4c:2e:87:62:
88:38:88:01:b0:9e:58:6a:87:b8:0f:ec:b5:e0:05:
91:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E8:F9:E5:1A:D1:7A:B1:14:EB:4C:10:B4:57:58:64:41:A2:2B:92
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/yOj55RrRerEU60wQtFdYZEGiK5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.94.0/24
45.155.249.0-45.155.251.255
178.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
25:ec:1b:98:ec:72:ef:11:b2:93:65:c3:53:87:b2:6c:6e:a0:
9b:f4:8f:39:ee:00:a5:fe:d0:27:26:f6:00:01:d8:90:ed:c7:
9c:f4:77:ca:c7:6b:7a:86:e3:0d:86:f8:2c:05:f1:20:f3:8c:
41:e9:1a:94:97:d4:89:1a:5f:66:55:dd:12:0c:4e:c0:26:7e:
a5:c2:fd:6d:39:d2:e8:c8:49:0b:79:dd:53:4d:6a:b2:7d:29:
1f:5c:d1:ef:6b:1f:f9:a4:b8:3b:ba:fc:21:ae:08:b1:33:cb:
b9:1b:e4:fe:a3:c2:e1:18:65:a2:31:dc:e7:a3:b0:d8:de:42:
0d:49:16:15:d4:bc:51:78:13:dc:16:16:27:8d:34:d4:ea:32:
ab:6b:bf:e6:2a:00:4a:bf:01:65:f4:02:02:0a:50:14:d1:ce:
ae:02:63:73:47:68:13:84:05:5f:d6:16:cf:ae:28:12:b3:03:
2d:20:46:09:de:2b:42:f5:cb:47:bc:d5:92:8d:9a:3b:1a:86:
bd:a2:a9:de:f6:6d:69:cb:d1:66:89:e6:17:34:c1:5c:25:0b:
f8:4d:01:51:ec:9c:8a:8b:90:92:4e:6f:48:cf:fb:0c:86:65:
ac:b2:c2:27:b2:d4:52:b0:20:bb:d9:43:07:ed:04:29:d0:5c:
86:7f:e6:2f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYadFpmIKk1izhPM87CMRXz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMzAxMTIxMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGU4ZjllNTFhZDE3YWIxMTRlYjRjMTBiNDU3NTg2NDQxYTIyYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZQGEBZ3jnk0/Wo1RtE/EA0Q3HJU
vZBt8dTIz13jlh9VlNQ4jc/ew/ihbL8+1IfWZyn5UMh/E2Si8z0Be/Jcyh7xCzuh
44IOt76ECpDL3cudIf87Zk2Fc48wcQFfhhZXKxULfq9erPp0xWo9Kjy0rA3lNJPv
nutQShTKrBq4JHq73E18GKkCVNI+e5CncEOrJ0SLfTWfjL2gJvyY/6RtN50CDPue
fh/+C13M5SKe15ZDhnxqWOKE6ljI9CEIBwIPk6u5+60CNmK1I6cEE+VMIgB0GvK1
qd384J0mQ4N7JCua2cKRUSXRZNjkDUwuh2KIOIgBsJ5Yaoe4D+y14AWRWwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMjo+eUa0XqxFOtMELRXWGRBoiuSMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEveU9qNTVSclJlckVVNjB3UXRGZFlaRUdpSzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQABQFeMAwD
BAAtm/kDBAItm/gDBACy++cwDQYJKoZIhvcNAQELBQADggEBACXsG5jscu8RspNl
w1OHsmxuoJv0jznuAKX+0Ccm9gAB2JDtx5z0d8rHa3qG4w2G+CwF8SDzjEHpGpSX
1IkaX2ZV3RIMTsAmfqXC/W050ujISQt53VNNarJ9KR9c0e9rH/mkuDu6/CGuCLEz
y7kb5P6jwuEYZaIx3OejsNjeQg1JFhXUvFF4E9wWFieNNNTqMqtrv+YqAEq/AWX0
AgIKUBTRzq4CY3NHaBOEBV/WFs+uKBKzAy0gRgneK0L1y0e81ZKNmjsahr2iqd72
bWnL0WaJ5hc0wVwlC/hNAVHsnIqLkJJOb0jP+wyGZayywiey1FKwILvZQwftBCnQ
XIZ/5i8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org