Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/DAD5H_Tf4MZF5U_NjdToS8w6h0I.roa
File: DAD5H_Tf4MZF5U_NjdToS8w6h0I.roa (raw, json)
Hash identifier: 6iUyLFNguaNp5s02mgTyC1jthTdBMv+b/e7LRFEZtk8=
Subject key identifier: 0C:00:F9:1F:F4:DF:E0:C6:45:E5:4F:CD:8D:D4:E8:4B:CC:3A:87:42
Certificate issuer: /CN=48559018adff16eadf5551b2cb74d8f6860cd044
Certificate serial: 01887793FBADB40C9420964262A9E812E467
Authority key identifier: 48:55:90:18:AD:FF:16:EA:DF:55:51:B2:CB:74:D8:F6:86:0C:D0:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SFWQGK3_FurfVVGyy3TY9oYM0EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/DAD5H_Tf4MZF5U_NjdToS8w6h0I.roa
Signing time: Thu 01 Jun 2023 15:29:26 +0000
ROA not before: Thu 01 Jun 2023 15:29:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 91.202.188.0/22 maxlen: 24
45.10.4.0/22 maxlen: 24
45.141.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:93:fb:ad:b4:0c:94:20:96:42:62:a9:e8:12:e4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48559018adff16eadf5551b2cb74d8f6860cd044
Validity
Not Before: Jun 1 15:29:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c00f91ff4dfe0c645e54fcd8dd4e84bcc3a8742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:8e:26:ca:ad:24:42:73:05:17:11:e6:5b:d0:
1a:06:ec:e8:59:2c:00:f7:94:73:7d:22:2e:c4:1d:
eb:e1:d1:d0:54:86:12:c7:88:92:b1:48:a8:04:5b:
85:22:26:30:31:cb:a2:2f:e0:ef:49:a2:e7:8f:dc:
b8:3f:f1:8a:8d:36:79:87:b7:47:ad:67:16:e1:c2:
8e:7d:ca:bc:5d:13:69:f2:98:8f:c4:77:cd:ca:3c:
b4:ba:c5:74:a3:cb:c8:b6:fe:04:50:11:a4:8c:ab:
f8:2d:21:d8:b4:16:2d:fd:a5:43:84:58:b5:39:c6:
ef:72:8e:8d:a3:6b:76:fd:8d:28:08:02:00:7a:70:
cc:a0:b6:c9:46:34:c8:ce:12:b2:a8:64:bd:93:2f:
11:5f:6f:bd:fc:23:8f:71:44:4e:62:ee:e3:f0:3a:
c9:64:1c:b6:78:b6:60:bd:6c:84:34:31:07:d6:a7:
dd:0c:8b:bd:1c:fa:42:c5:d8:17:5d:02:b3:f0:2c:
48:9f:e7:22:60:8d:bc:5f:fe:8a:10:05:22:a8:a3:
b8:d8:c2:3d:4d:bd:96:cf:4c:ba:d8:d4:c4:0f:31:
48:94:ef:f9:39:8b:be:fe:a0:e8:46:72:f1:30:bd:
d4:13:3c:26:f2:0a:5c:38:de:91:27:9e:fd:d4:55:
e7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:00:F9:1F:F4:DF:E0:C6:45:E5:4F:CD:8D:D4:E8:4B:CC:3A:87:42
X509v3 Authority Key Identifier:
keyid:48:55:90:18:AD:FF:16:EA:DF:55:51:B2:CB:74:D8:F6:86:0C:D0:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFWQGK3_FurfVVGyy3TY9oYM0EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/DAD5H_Tf4MZF5U_NjdToS8w6h0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/SFWQGK3_FurfVVGyy3TY9oYM0EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.4.0/22
45.141.64.0/22
91.202.188.0/22
Signature Algorithm: sha256WithRSAEncryption
14:cf:a2:fc:66:51:90:75:0b:9d:2c:5e:b4:8e:93:0d:92:d8:
e1:0e:be:eb:2d:3f:f9:c2:9b:fe:36:54:61:2a:62:d5:27:4c:
8b:78:83:35:bd:a2:5f:4a:44:75:12:35:cf:fb:e5:b0:08:0e:
c5:80:37:7b:4e:4a:6f:66:60:55:53:dd:14:3e:24:fe:1c:35:
5f:82:8f:a0:fd:5e:d0:79:d2:60:1c:51:15:a5:93:7b:da:86:
a4:8f:69:74:5d:44:47:8d:0c:10:a5:77:95:65:b8:2b:8a:54:
68:57:12:f0:b4:74:aa:06:5f:c7:a6:4c:e9:9d:fc:a7:3f:2e:
cf:2e:3a:20:b4:78:eb:1e:8d:12:be:63:5a:e1:06:e1:ba:3e:
ea:8b:b6:6c:d9:8c:9a:94:04:a7:d0:06:1f:f9:4d:b2:1c:c7:
6a:fb:6b:ff:ad:81:08:1e:79:7a:5d:24:c4:f2:b8:47:77:95:
dd:bb:46:d2:78:2b:7e:77:de:f2:8e:29:fd:0d:e9:60:f5:6b:
ef:29:08:e7:9c:32:e3:41:5f:78:a8:23:a5:36:aa:b0:ac:73:
2f:fb:0f:ed:aa:14:83:5b:a9:20:7b:c9:dc:9f:bd:e6:80:4c:
35:b0:53:1e:52:6a:53:82:48:d4:e8:10:59:91:29:a4:8b:68:
ae:39:c8:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh3k/uttAyUIJZCYqnoEuRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTU5MDE4YWRmZjE2ZWFkZjU1NTFiMmNiNzRkOGY2ODYw
Y2QwNDQwHhcNMjMwNjAxMTUyOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzAwZjkxZmY0ZGZlMGM2NDVlNTRmY2Q4ZGQ0ZTg0YmNjM2E4NzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8o4myq0kQnMFFxHmW9AaBuzoWSwA
95RzfSIuxB3r4dHQVIYSx4iSsUioBFuFIiYwMcuiL+DvSaLnj9y4P/GKjTZ5h7dH
rWcW4cKOfcq8XRNp8piPxHfNyjy0usV0o8vItv4EUBGkjKv4LSHYtBYt/aVDhFi1
Ocbvco6No2t2/Y0oCAIAenDMoLbJRjTIzhKyqGS9ky8RX2+9/COPcUROYu7j8DrJ
ZBy2eLZgvWyENDEH1qfdDIu9HPpCxdgXXQKz8CxIn+ciYI28X/6KEAUiqKO42MI9
Tb2Wz0y62NTEDzFIlO/5OYu+/qDoRnLxML3UEzwm8gpcON6RJ5791FXnywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAwA+R/03+DGReVPzY3U6EvMOodCMB8GA1UdIwQY
MBaAFEhVkBit/xbq31VRsst02PaGDNBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZXUUdLM19GdXJmVlZHeXkzVFk5b1lNMEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lZjU2ZDItNjMyZS00ODE2LWE5Y2Et
YWI0NWU2MDA3MWUyLzEvREFENUhfVGY0TVpGNVVfTmpkVG9TOHc2aDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lZjU2ZDItNjMyZS00ODE2LWE5Y2EtYWI0NWU2MDA3MWUy
LzEvU0ZXUUdLM19GdXJmVlZHeXkzVFk5b1lNMEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQoEAwQC
LY1AAwQCW8q8MA0GCSqGSIb3DQEBCwUAA4IBAQAUz6L8ZlGQdQudLF60jpMNktjh
Dr7rLT/5wpv+NlRhKmLVJ0yLeIM1vaJfSkR1EjXP++WwCA7FgDd7TkpvZmBVU90U
PiT+HDVfgo+g/V7QedJgHFEVpZN72oakj2l0XURHjQwQpXeVZbgrilRoVxLwtHSq
Bl/HpkzpnfynPy7PLjogtHjrHo0SvmNa4Qbhuj7qi7Zs2YyalASn0AYf+U2yHMdq
+2v/rYEIHnl6XSTE8rhHd5Xdu0bSeCt+d97yjin9Delg9WvvKQjnnDLjQV94qCOl
NqqwrHMv+w/tqhSDW6kge8ncn73mgEw1sFMeUmpTgkjU6BBZkSmki2iuOcg7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:14 2024 by rpki-client on console-ams.rpki-client.org