Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/JzO7yuFP2ghl8h8b4KHyQWPuikY.roa
File: JzO7yuFP2ghl8h8b4KHyQWPuikY.roa (raw, json)
Hash identifier: KSPBhCN7GpGoEGwtWTnkBvtRVJYtBtJQXHgVsSNLygk=
Subject key identifier: 27:33:BB:CA:E1:4F:DA:08:65:F2:1F:1B:E0:A1:F2:41:63:EE:8A:46
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018AE0CBB1C7A177CF293C0146058B138F26
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/JzO7yuFP2ghl8h8b4KHyQWPuikY.roa
Signing time: Fri 29 Sep 2023 11:56:00 +0000
ROA not before: Fri 29 Sep 2023 11:56:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.141.234.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 13:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e0:cb:b1:c7:a1:77:cf:29:3c:01:46:05:8b:13:8f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 29 11:56:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2733bbcae14fda0865f21f1be0a1f24163ee8a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:35:d4:1f:b6:73:77:5c:9d:25:36:42:d2:b8:
17:ff:e3:6d:fb:83:71:76:ea:b7:62:7b:00:96:78:
ce:12:34:d0:06:4f:65:a0:69:ce:41:2f:fd:dc:60:
1a:f2:5e:99:99:da:92:8e:4a:26:1d:30:56:75:3e:
45:6e:35:bf:d9:81:a1:84:d6:c3:a8:cd:cb:4a:f1:
5e:46:a2:40:60:a7:5a:1d:d4:c5:89:5d:64:17:cd:
3f:98:15:40:28:7f:89:4f:5d:f6:2e:98:61:92:03:
7f:0e:36:b0:25:d4:93:5b:4a:5f:56:20:4a:df:1a:
4c:5c:ef:fb:34:99:cc:ad:7e:07:63:42:78:18:d2:
d2:a2:96:05:aa:89:d0:a8:8e:ee:5c:fb:82:44:fb:
b8:42:79:46:12:2a:0c:3c:1c:20:6e:30:62:bf:b2:
32:7d:28:fb:f0:4d:ad:b8:43:dd:a5:65:61:eb:5a:
07:9b:39:38:e4:0d:de:e9:b3:6c:c8:2d:4a:ca:5d:
9b:74:5f:36:d5:0f:96:51:fa:32:92:e2:30:08:f4:
12:3d:a9:c2:c7:d9:f5:f9:0c:cc:0a:06:89:96:79:
9a:18:cc:c7:78:66:21:72:72:fa:58:54:33:d1:12:
6a:5e:02:6a:e7:c0:31:94:58:2c:99:e1:68:11:75:
b1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:33:BB:CA:E1:4F:DA:08:65:F2:1F:1B:E0:A1:F2:41:63:EE:8A:46
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/JzO7yuFP2ghl8h8b4KHyQWPuikY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
94.190.195.0/24
Signature Algorithm: sha256WithRSAEncryption
08:18:38:7f:36:ac:86:b2:ab:2c:9b:30:c2:07:6a:13:4e:e5:
e0:c2:7c:25:aa:79:f6:25:50:eb:ff:f8:40:98:f0:af:87:fa:
70:0a:b3:63:68:8a:f1:de:8b:e6:e5:18:a4:0d:13:95:20:ae:
7d:bc:e3:4e:84:e9:52:af:b0:6d:49:41:68:80:72:5a:34:89:
9a:ab:f6:65:0d:4d:e3:37:0c:a4:ce:4a:dc:d7:f0:37:d0:46:
00:f3:38:cf:f3:01:2f:d6:98:16:a0:c3:23:50:49:96:fd:40:
4e:f2:f4:32:51:fb:89:cd:47:5a:38:9b:5e:66:3c:bb:aa:db:
b6:86:7e:23:23:29:1b:e4:a6:2b:30:15:7b:52:03:3b:8e:48:
fa:d8:8d:3f:1c:37:29:c3:32:9b:e7:da:da:75:ff:27:89:d0:
9e:3a:37:69:f7:ef:66:94:54:8c:6a:f5:93:c4:8c:9c:26:ac:
44:57:35:6e:26:f0:96:a4:70:95:c8:86:82:db:51:81:94:b9:
23:c1:6f:cb:40:14:60:a6:b0:17:cf:4d:f6:34:28:e9:eb:18:
0d:b1:10:a7:1b:a8:23:80:92:49:49:bc:e4:17:61:9a:d5:6a:
76:71:a1:a4:99:c7:a8:f2:d4:c2:75:c5:7e:87:7c:b8:82:ee:
cf:e7:56:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrgy7HHoXfPKTwBRgWLE48mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwOTI5MTE1NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzMzYmJjYWUxNGZkYTA4NjVmMjFmMWJlMGExZjI0MTYzZWU4YTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzXUH7Zzd1ydJTZC0rgX/+Nt+4Nx
duq3YnsAlnjOEjTQBk9loGnOQS/93GAa8l6ZmdqSjkomHTBWdT5FbjW/2YGhhNbD
qM3LSvFeRqJAYKdaHdTFiV1kF80/mBVAKH+JT132LphhkgN/DjawJdSTW0pfViBK
3xpMXO/7NJnMrX4HY0J4GNLSopYFqonQqI7uXPuCRPu4QnlGEioMPBwgbjBiv7Iy
fSj78E2tuEPdpWVh61oHmzk45A3e6bNsyC1Kyl2bdF821Q+WUfoykuIwCPQSPanC
x9n1+QzMCgaJlnmaGMzHeGYhcnL6WFQz0RJqXgJq58AxlFgsmeFoEXWxLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCczu8rhT9oIZfIfG+Ch8kFj7opGMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvSnpPN3l1RlAyZ2hsOGg4YjRLSHlRV1B1aWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY3qAwQA
Xr7DMA0GCSqGSIb3DQEBCwUAA4IBAQAIGDh/NqyGsqssmzDCB2oTTuXgwnwlqnn2
JVDr//hAmPCvh/pwCrNjaIrx3ovm5RikDROVIK59vONOhOlSr7BtSUFogHJaNIma
q/ZlDU3jNwykzkrc1/A30EYA8zjP8wEv1pgWoMMjUEmW/UBO8vQyUfuJzUdaOJte
Zjy7qtu2hn4jIykb5KYrMBV7UgM7jkj62I0/HDcpwzKb59radf8nidCeOjdp9+9m
lFSMavWTxIycJqxEVzVuJvCWpHCVyIaC21GBlLkjwW/LQBRgprAXz032NCjp6xgN
sRCnG6gjgJJJSbzkF2Ga1Wp2caGkmceo8tTCdcV+h3y4gu7P51aB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:42 2024 by rpki-client on console-fra.rpki-client.org