Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/HsEe8lvYjzeTEWbG5b8K1EqcVU4.roa
File: HsEe8lvYjzeTEWbG5b8K1EqcVU4.roa (raw, json)
Hash identifier: d6n0MzwoHYlAdsFNddUx1f1ehw0nQJ3LeIeW454BYQA=
Subject key identifier: 1E:C1:1E:F2:5B:D8:8F:37:93:11:66:C6:E5:BF:0A:D4:4A:9C:55:4E
Certificate issuer: /CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Certificate serial: 018CC8DE9D8B8B5E8293D0FFA1E4ADBF3904
Authority key identifier: B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/HsEe8lvYjzeTEWbG5b8K1EqcVU4.roa
Signing time: Tue 02 Jan 2024 06:31:21 +0000
ROA not before: Tue 02 Jan 2024 06:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39679
IP address blocks: 45.67.156.0/24 maxlen: 24
45.67.159.0/24 maxlen: 24
45.67.158.0/24 maxlen: 24
2a09:7ac0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 May 2024 14:23:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:9d:8b:8b:5e:82:93:d0:ff:a1:e4:ad:bf:39:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Validity
Not Before: Jan 2 06:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ec11ef25bd88f37931166c6e5bf0ad44a9c554e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4b:e8:2f:9d:73:ec:26:1b:d6:27:a8:97:9f:
5b:2b:b1:63:b8:22:ea:2f:ec:15:e7:0b:3b:8c:4c:
92:88:f2:db:3f:8e:08:92:84:11:10:f0:b0:23:fc:
2e:44:c5:c7:11:e5:5d:0d:c8:9b:dc:bf:1c:91:90:
5b:fd:31:0e:64:f3:26:3f:b3:49:d8:ba:ae:07:48:
48:6d:c2:86:86:d6:f4:05:f1:4c:3a:33:be:c2:46:
81:21:3d:76:21:65:c2:40:e0:34:7f:00:64:10:45:
50:2d:97:ff:f8:ce:91:a2:52:54:1e:77:4e:02:85:
a2:e0:49:6f:46:1d:80:96:ce:b8:a6:7e:07:02:73:
aa:4b:1c:a5:41:70:a7:f2:d2:40:a8:3e:8e:8f:fc:
63:b7:6f:f4:c1:03:cb:78:cd:47:b3:6d:17:2e:c5:
2f:0e:9a:f7:61:05:df:a2:c6:f9:5c:8f:7b:59:e0:
61:4f:e0:e4:6c:31:f6:77:b2:e5:7b:36:b9:3d:20:
e0:34:92:3d:2b:04:81:76:28:9d:cd:8a:cb:08:04:
bd:a9:16:1e:45:4e:7d:0c:d5:b6:32:81:eb:36:81:
0e:23:cc:28:c9:2f:3b:6d:55:16:2e:29:9b:7f:7d:
4a:e7:c5:a4:5a:74:45:21:2e:4c:a1:07:49:39:fb:
8d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C1:1E:F2:5B:D8:8F:37:93:11:66:C6:E5:BF:0A:D4:4A:9C:55:4E
X509v3 Authority Key Identifier:
keyid:B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/HsEe8lvYjzeTEWbG5b8K1EqcVU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.156.0/24
45.67.158.0/23
IPv6:
2a09:7ac0::/32
Signature Algorithm: sha256WithRSAEncryption
53:5f:d2:1f:4c:3c:1a:26:d1:a5:82:e0:04:0b:b2:6c:3c:19:
99:8c:66:1a:43:8a:0e:7b:fb:64:97:53:a2:44:85:b5:bc:5e:
ce:f3:38:6b:bf:cc:b5:d4:a8:f5:6d:52:10:ff:0d:18:86:44:
ff:c5:46:d5:e7:af:14:3e:0c:48:8c:df:82:cb:05:ef:2c:0e:
9d:b5:e8:69:0f:8b:fd:03:75:4f:20:ca:e9:8a:cc:c7:64:da:
fd:97:97:36:d6:9c:ca:01:7b:bb:cc:53:5c:d4:72:10:59:c8:
0a:5c:4f:04:da:d2:50:25:3f:5b:1b:99:67:63:58:5e:0e:b6:
3b:0f:04:e8:1d:04:d9:54:2b:27:62:e2:d1:f1:d6:3d:f4:00:
3b:e7:81:75:b3:19:c2:54:3d:d1:84:69:5c:83:14:61:fb:1f:
bf:ac:27:43:a4:1c:b7:9a:fb:da:34:40:3c:ba:68:09:b6:b6:
bf:9f:ed:ab:a0:15:c8:7b:ed:53:46:ad:4f:84:94:95:00:2e:
37:e0:5d:70:ee:c8:76:37:4a:10:41:bd:30:c5:b1:58:0b:1a:
0e:cb:48:6d:0f:e1:94:3e:cf:f0:48:05:d1:1c:be:44:e3:d3:
70:50:8a:5a:95:d9:1a:5e:25:fb:bf:21:75:71:a2:ae:e2:fc:
1d:06:9d:21
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3p2Li16Ck9D/oeStvzkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDI3ZWE0OWY5NzJkMTljNTYzOTNhNjg5ZTdjYmViOTkw
ZDVkN2EwHhcNMjQwMTAyMDYzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWMxMWVmMjViZDg4ZjM3OTMxMTY2YzZlNWJmMGFkNDRhOWM1NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkvoL51z7CYb1ieol59bK7FjuCLq
L+wV5ws7jEySiPLbP44IkoQREPCwI/wuRMXHEeVdDcib3L8ckZBb/TEOZPMmP7NJ
2LquB0hIbcKGhtb0BfFMOjO+wkaBIT12IWXCQOA0fwBkEEVQLZf/+M6RolJUHndO
AoWi4ElvRh2Als64pn4HAnOqSxylQXCn8tJAqD6Oj/xjt2/0wQPLeM1Hs20XLsUv
Dpr3YQXfosb5XI97WeBhT+DkbDH2d7Lleza5PSDgNJI9KwSBdiidzYrLCAS9qRYe
RU59DNW2MoHrNoEOI8woyS87bVUWLimbf31K58WkWnRFIS5MoQdJOfuNcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB7BHvJb2I83kxFmxuW/CtRKnFVOMB8GA1UdIwQY
MBaAFLVCfqSfly0ZxWOTponny+uZDV16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1Mjgt
MGM0OTU0NzdjYTEwLzEvSHNFZThsdllqemVURVdiRzViOEsxRXFjVlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1MjgtMGM0OTU0NzdjYTEw
LzEvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALUOcAwQB
LUOeMA0EAgACMAcDBQAqCXrAMA0GCSqGSIb3DQEBCwUAA4IBAQBTX9IfTDwaJtGl
guAEC7JsPBmZjGYaQ4oOe/tkl1OiRIW1vF7O8zhrv8y11Kj1bVIQ/w0YhkT/xUbV
568UPgxIjN+CywXvLA6dtehpD4v9A3VPIMrpiszHZNr9l5c21pzKAXu7zFNc1HIQ
WcgKXE8E2tJQJT9bG5lnY1heDrY7DwToHQTZVCsnYuLR8dY99AA754F1sxnCVD3R
hGlcgxRh+x+/rCdDpBy3mvvaNEA8umgJtra/n+2roBXIe+1TRq1PhJSVAC434F1w
7sh2N0oQQb0wxbFYCxoOy0htD+GUPs/wSAXRHL5E49NwUIpaldkaXiX7vyF1caKu
4vwdBp0h
-----END CERTIFICATE-----
Generated at Wed May 8 17:33:11 2024 by rpki-client on console-fra.rpki-client.org