Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/AaZI52719ruukyY-W1e5DKixvwU.roa
File: AaZI52719ruukyY-W1e5DKixvwU.roa (raw, json)
Hash identifier: 8lm1IxDynGygbYMWXT3/hbUm+p5ukb1F1HkXN/5Aybs=
Subject key identifier: 01:A6:48:E7:6E:F5:F6:BB:AE:93:26:3E:5B:57:B9:0C:A8:B1:BF:05
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 018DF9AD6A96D0DC5A24B5B105813A9775CA
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/AaZI52719ruukyY-W1e5DKixvwU.roa
Signing time: Fri 01 Mar 2024 11:01:48 +0000
ROA not before: Fri 01 Mar 2024 11:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.95.224.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 17:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:ad:6a:96:d0:dc:5a:24:b5:b1:05:81:3a:97:75:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Mar 1 11:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01a648e76ef5f6bbae93263e5b57b90ca8b1bf05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:74:7a:5d:27:fe:2d:5b:e9:09:e6:6c:2a:73:
e2:3b:0f:63:d2:74:3a:e8:1c:7a:a4:21:ef:5c:94:
e0:ab:b0:70:d1:62:df:35:80:a7:a1:78:53:cc:39:
8f:1f:1e:44:23:94:88:6a:12:ca:ec:5e:37:51:ca:
cf:b4:6a:51:5e:21:53:16:3f:a5:3b:6a:f8:81:b0:
7d:13:05:3d:e5:93:15:bb:e5:1e:3f:c1:3e:7d:bf:
9d:ea:cf:5b:b4:31:2c:25:bf:46:e5:a1:a6:a6:4f:
50:dc:a7:95:80:b0:a1:6a:58:ad:01:0c:9b:a6:c4:
15:83:8a:98:b4:13:7b:8e:7b:d0:3e:4e:96:24:02:
ce:ff:55:d5:e2:56:58:a1:a9:5a:88:8a:e8:4b:41:
15:3f:e9:ab:c9:92:9f:0b:db:49:fb:6a:24:d3:8e:
2f:df:0c:77:f5:6c:33:22:6e:d6:42:e2:89:c6:e9:
da:fb:e4:74:f6:d4:66:60:6a:60:2e:e9:81:19:56:
cd:84:d0:41:e7:46:9e:95:68:9f:60:81:a5:34:17:
0b:d5:c1:05:ac:39:00:a5:10:79:47:5d:06:fe:b5:
1b:eb:73:d6:33:fb:d5:ec:1e:8b:e4:87:a7:ef:1e:
85:51:7f:d7:71:57:72:f4:5b:8f:9c:29:d4:45:69:
96:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A6:48:E7:6E:F5:F6:BB:AE:93:26:3E:5B:57:B9:0C:A8:B1:BF:05
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/AaZI52719ruukyY-W1e5DKixvwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.224.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:1d:35:94:27:54:77:15:11:59:85:11:dc:49:2e:e3:10:bf:
47:c9:3e:71:cc:f3:41:29:74:3e:8b:8d:d8:a9:a0:ef:e0:57:
69:5f:0e:50:7f:ff:3c:95:38:8f:13:dd:f4:a4:7c:5c:89:5b:
52:35:03:fe:05:36:1d:9f:78:e7:67:c4:9d:0e:a6:a0:11:34:
33:e6:f6:c2:a6:c4:9c:e8:9f:ca:db:84:1d:c2:1c:f3:21:29:
9c:50:d1:06:67:d9:f8:b7:da:2b:d0:fe:d0:cf:60:1f:66:8f:
f0:ed:c2:d6:1c:8b:b0:84:2e:69:bd:b9:5c:7c:70:91:75:ca:
25:16:5b:c8:f9:c6:c5:e7:d4:30:ba:3b:38:bf:39:eb:92:19:
9a:68:99:9a:50:ad:2a:bd:8c:35:54:99:9e:f0:31:60:9d:7d:
60:3a:13:30:93:fa:47:92:e9:da:de:2d:be:97:d7:bf:1d:48:
53:9d:ad:fb:b9:51:4e:6e:4c:b0:d9:22:52:8b:90:aa:0f:98:
d5:2e:93:db:71:55:de:f2:ac:c7:8d:da:52:27:30:b9:f1:e2:
3c:6f:82:cb:0d:64:a8:69:2f:c6:c3:6a:51:7c:86:30:79:74:
80:76:b1:02:de:b4:f8:98:b0:76:ea:b8:28:fe:e8:7a:90:b5:
9f:15:54:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY35rWqW0NxaJLWxBYE6l3XKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwMzAxMTEwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE2NDhlNzZlZjVmNmJiYWU5MzI2M2U1YjU3YjkwY2E4YjFiZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3R6XSf+LVvpCeZsKnPiOw9j0nQ6
6Bx6pCHvXJTgq7Bw0WLfNYCnoXhTzDmPHx5EI5SIahLK7F43UcrPtGpRXiFTFj+l
O2r4gbB9EwU95ZMVu+UeP8E+fb+d6s9btDEsJb9G5aGmpk9Q3KeVgLChalitAQyb
psQVg4qYtBN7jnvQPk6WJALO/1XV4lZYoalaiIroS0EVP+mryZKfC9tJ+2ok044v
3wx39WwzIm7WQuKJxuna++R09tRmYGpgLumBGVbNhNBB50aelWifYIGlNBcL1cEF
rDkApRB5R10G/rUb63PWM/vV7B6L5Ien7x6FUX/XcVdy9FuPnCnURWmWWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAGmSOdu9fa7rpMmPltXuQyosb8FMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvQWFaSTUyNzE5cnV1a3lZLVcxZTVES2l4dndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLV/gMA0G
CSqGSIb3DQEBCwUAA4IBAQA7HTWUJ1R3FRFZhRHcSS7jEL9HyT5xzPNBKXQ+i43Y
qaDv4FdpXw5Qf/88lTiPE930pHxciVtSNQP+BTYdn3jnZ8SdDqagETQz5vbCpsSc
6J/K24QdwhzzISmcUNEGZ9n4t9or0P7Qz2AfZo/w7cLWHIuwhC5pvblcfHCRdcol
FlvI+cbF59Qwujs4vznrkhmaaJmaUK0qvYw1VJme8DFgnX1gOhMwk/pHkuna3i2+
l9e/HUhTna37uVFObkyw2SJSi5CqD5jVLpPbcVXe8qzHjdpSJzC58eI8b4LLDWSo
aS/Gw2pRfIYweXSAdrEC3rT4mLB26rgo/uh6kLWfFVQf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org