Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/fd92cc-4ff4-4957-8898-2faf5383b505/1/nubUB_dvy5U62iVUDBr2DCRYFE4.roa
File: nubUB_dvy5U62iVUDBr2DCRYFE4.roa (raw, json)
Hash identifier: SC5Jni/X26STRF+K/T1P/b+1Vvmm4FnqKju7Jz/PsAg=
Subject key identifier: 9E:E6:D4:07:F7:6F:CB:95:3A:DA:25:54:0C:1A:F6:0C:24:58:14:4E
Certificate issuer: /CN=4bbd04619a2e168ac957522edff022f90bc0a4df
Certificate serial: 01856F797EE9F31F7780902C9426DF700D01
Authority key identifier: 4B:BD:04:61:9A:2E:16:8A:C9:57:52:2E:DF:F0:22:F9:0B:C0:A4:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S70EYZouForJV1Iu3_Ai-QvApN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/fd92cc-4ff4-4957-8898-2faf5383b505/1/nubUB_dvy5U62iVUDBr2DCRYFE4.roa
Signing time: Sun 01 Jan 2023 22:35:11 +0000
ROA not before: Sun 01 Jan 2023 22:35:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201547
IP address blocks: 5.45.44.0/22 maxlen: 22
5.45.45.0/24 maxlen: 24
5.45.46.0/24 maxlen: 24
2a0d:1740::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:7e:e9:f3:1f:77:80:90:2c:94:26:df:70:0d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bbd04619a2e168ac957522edff022f90bc0a4df
Validity
Not Before: Jan 1 22:35:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ee6d407f76fcb953ada25540c1af60c2458144e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b7:62:b2:29:7d:2b:f5:4b:8b:23:6a:09:4a:
13:e7:6f:3b:d0:d4:7d:a9:51:24:68:35:ea:6b:d5:
25:ae:bc:da:bd:d6:90:03:b9:ec:1c:00:c2:5e:9f:
db:23:c0:80:fe:01:93:66:59:89:e6:3a:6f:b2:ee:
69:6c:76:b8:79:6c:9a:33:a8:29:f3:c6:47:3f:db:
16:83:89:ab:bd:30:5f:c8:3b:e7:ec:ac:64:b5:37:
a8:ba:d4:ed:e2:df:b4:c2:b5:46:f8:8f:53:a2:33:
ae:08:59:cc:bf:5b:c3:0f:c7:99:5e:b7:0e:3e:d6:
3c:7e:14:f3:2d:a5:16:94:33:ee:a3:25:f9:ea:e8:
29:57:52:0a:37:64:5b:64:13:42:c6:fe:f9:e3:99:
0b:e4:b5:bd:f7:85:55:5a:75:f4:71:a8:b5:4c:c9:
c6:1b:ff:00:7d:c1:b2:6f:eb:0e:d6:70:10:3f:e0:
0d:ba:35:61:1d:77:b8:65:a9:48:2b:af:ef:5f:d9:
45:a9:2e:46:08:cf:41:f9:a6:da:fe:e5:35:d0:4b:
6a:03:19:e2:e3:b5:7a:f5:56:ca:37:57:12:2c:9c:
8b:e8:02:10:45:88:6b:8a:55:62:c0:c9:be:7e:91:
89:d5:d6:52:27:89:d8:6e:65:a7:eb:c1:82:f8:3b:
5c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E6:D4:07:F7:6F:CB:95:3A:DA:25:54:0C:1A:F6:0C:24:58:14:4E
X509v3 Authority Key Identifier:
keyid:4B:BD:04:61:9A:2E:16:8A:C9:57:52:2E:DF:F0:22:F9:0B:C0:A4:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S70EYZouForJV1Iu3_Ai-QvApN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/fd92cc-4ff4-4957-8898-2faf5383b505/1/nubUB_dvy5U62iVUDBr2DCRYFE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/fd92cc-4ff4-4957-8898-2faf5383b505/1/S70EYZouForJV1Iu3_Ai-QvApN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.44.0/22
IPv6:
2a0d:1740::/32
Signature Algorithm: sha256WithRSAEncryption
49:3b:0a:d2:a3:2a:7a:42:28:d4:b8:71:68:be:bd:73:0d:4d:
58:e4:69:e4:e2:1b:d4:a8:b9:69:ae:82:15:89:93:93:60:cd:
b7:1f:76:27:3c:ea:41:92:bf:75:fb:90:66:c4:c8:a0:a6:ee:
2b:64:78:01:6d:2b:82:e0:24:df:ae:88:42:b4:d6:2a:6e:36:
12:77:19:f2:3f:1c:e8:de:79:a2:7a:a4:c8:e1:d5:7c:79:c5:
ec:41:49:ef:f4:24:ab:c4:8f:68:48:fc:50:67:34:9b:8f:54:
4b:66:27:f6:14:29:e3:33:f3:66:5f:d5:8a:34:8a:9d:99:c3:
1c:f5:de:46:63:4e:30:ff:e9:14:ea:f2:82:7c:64:db:ce:4f:
e8:85:7d:6e:e9:f5:d6:f2:88:77:e7:9f:2e:d6:79:54:cc:2f:
ea:23:93:89:c5:51:1f:97:e9:ad:ce:cb:13:9a:52:76:7e:84:
68:84:3f:02:11:f3:6a:e1:a4:75:cb:14:96:fe:db:9a:bd:24:
63:66:ec:e3:a4:29:e5:53:0d:bf:1c:7d:b6:e8:7a:56:10:f4:
5c:1f:23:93:3b:cd:ab:1b:e9:ba:fd:90:62:3b:c9:30:59:78:
9e:1e:89:36:d7:9c:23:18:7a:07:ab:d3:23:2f:79:c2:09:00:
f2:92:5f:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVveX7p8x93gJAslCbfcA0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYmQwNDYxOWEyZTE2OGFjOTU3NTIyZWRmZjAyMmY5MGJj
MGE0ZGYwHhcNMjMwMTAxMjIzNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWU2ZDQwN2Y3NmZjYjk1M2FkYTI1NTQwYzFhZjYwYzI0NTgxNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbdisil9K/VLiyNqCUoT52870NR9
qVEkaDXqa9UlrrzavdaQA7nsHADCXp/bI8CA/gGTZlmJ5jpvsu5pbHa4eWyaM6gp
88ZHP9sWg4mrvTBfyDvn7KxktTeoutTt4t+0wrVG+I9TojOuCFnMv1vDD8eZXrcO
PtY8fhTzLaUWlDPuoyX56ugpV1IKN2RbZBNCxv7545kL5LW994VVWnX0cai1TMnG
G/8AfcGyb+sO1nAQP+ANujVhHXe4ZalIK6/vX9lFqS5GCM9B+aba/uU10EtqAxni
47V69VbKN1cSLJyL6AIQRYhrilViwMm+fpGJ1dZSJ4nYbmWn68GC+DtclwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ7m1Af3b8uVOtolVAwa9gwkWBROMB8GA1UdIwQY
MBaAFEu9BGGaLhaKyVdSLt/wIvkLwKTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzcwRVlab3VGb3JKVjFJdTNfQWktUXZBcE44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mZDkyY2MtNGZmNC00OTU3LTg4OTgt
MmZhZjUzODNiNTA1LzEvbnViVUJfZHZ5NVU2MmlWVURCcjJEQ1JZRkU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mZDkyY2MtNGZmNC00OTU3LTg4OTgtMmZhZjUzODNiNTA1
LzEvUzcwRVlab3VGb3JKVjFJdTNfQWktUXZBcE44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBS0sMA0E
AgACMAcDBQAqDRdAMA0GCSqGSIb3DQEBCwUAA4IBAQBJOwrSoyp6QijUuHFovr1z
DU1Y5Gnk4hvUqLlproIViZOTYM23H3YnPOpBkr91+5BmxMigpu4rZHgBbSuC4CTf
rohCtNYqbjYSdxnyPxzo3nmieqTI4dV8ecXsQUnv9CSrxI9oSPxQZzSbj1RLZif2
FCnjM/NmX9WKNIqdmcMc9d5GY04w/+kU6vKCfGTbzk/ohX1u6fXW8oh3558u1nlU
zC/qI5OJxVEfl+mtzssTmlJ2foRohD8CEfNq4aR1yxSW/tuavSRjZuzjpCnlUw2/
HH226HpWEPRcHyOTO82rG+m6/ZBiO8kwWXieHok215wjGHoHq9MjL3nCCQDykl/1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:03 2024 by rpki-client on console-fra.rpki-client.org