Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/DntoUH8bfWu17bWXn5xIFIAgw8A.roa
File: DntoUH8bfWu17bWXn5xIFIAgw8A.roa (raw, json)
Hash identifier: IQFZtZNySAvOh5x4o/qEVkvJa/7bRqlidfp4IDUDi+s=
Subject key identifier: 0E:7B:68:50:7F:1B:7D:6B:B5:ED:B5:97:9F:9C:48:14:80:20:C3:C0
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01890252A4B411D82E7F597335CF773AB5AF
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/DntoUH8bfWu17bWXn5xIFIAgw8A.roa
Signing time: Wed 28 Jun 2023 14:05:17 +0000
ROA not before: Wed 28 Jun 2023 14:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.143.218.0/24 maxlen: 24
194.143.223.0/24 maxlen: 24
45.155.242.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Jun 2023 12:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:52:a4:b4:11:d8:2e:7f:59:73:35:cf:77:3a:b5:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jun 28 14:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e7b68507f1b7d6bb5edb5979f9c48148020c3c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ee:ce:fb:d6:4a:bc:7c:83:7b:cd:98:11:7b:
c4:f2:42:aa:bc:c1:ca:51:91:de:d2:c8:67:2f:d5:
9b:32:c5:de:cf:b7:89:78:41:d1:1d:53:66:ef:31:
d7:71:57:dd:46:fa:d3:ee:4a:85:99:c3:e7:95:2e:
e7:ca:58:40:bb:fd:27:06:01:40:23:1e:15:ba:66:
a9:9f:15:4a:ac:ca:02:85:d9:18:24:5f:61:49:ce:
1c:68:0a:d1:a1:ab:be:c9:dc:90:e7:df:24:f6:61:
40:49:13:be:97:71:35:32:6b:d6:64:ab:c5:85:44:
21:e3:52:f7:94:80:5a:cc:02:ca:bf:e9:ec:4e:83:
35:65:b0:64:fc:58:97:a8:d7:d0:c8:6a:21:f1:53:
f6:f1:31:37:02:72:37:f5:01:73:c7:11:7f:12:3a:
1d:85:1c:18:1f:35:c4:77:bd:b9:81:ec:fc:bf:51:
55:22:5a:cf:2d:87:ff:2a:a2:e7:6f:f7:1c:9f:35:
27:1c:ef:27:cb:88:da:12:18:ca:b8:dd:3a:3b:56:
8c:c6:b7:da:21:c8:7d:a2:1f:cc:c0:c9:b1:2e:12:
de:94:73:15:ee:10:83:a0:2c:41:c7:67:52:49:77:
d7:53:7a:67:14:ea:ec:12:dc:84:30:e3:a3:3e:30:
b0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:7B:68:50:7F:1B:7D:6B:B5:ED:B5:97:9F:9C:48:14:80:20:C3:C0
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/DntoUH8bfWu17bWXn5xIFIAgw8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.242.0/23
194.143.218.0/24
194.143.223.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:0c:f6:e4:d1:14:f7:74:b2:5c:a6:b0:69:aa:64:f5:19:15:
ed:05:2c:6d:61:a3:4c:53:67:91:1d:ff:9a:ce:44:1f:a1:90:
cd:0a:c0:21:3c:30:a0:e7:91:4b:56:f0:e9:9c:53:22:b6:62:
11:c6:ad:48:92:80:e8:f5:0c:bc:b0:ab:0c:ee:c4:73:81:50:
4f:26:f5:41:21:c8:82:9f:76:1e:ed:11:7d:00:08:c3:de:4b:
a0:d1:52:3e:3b:68:1e:d3:56:ca:35:96:af:f2:df:42:0d:51:
cd:7c:80:2f:4f:f9:31:7b:12:ad:52:04:d3:ca:75:30:e3:05:
39:c1:8a:14:54:10:36:4b:7e:4b:80:51:7c:aa:c4:7e:51:3d:
d5:be:cc:08:d2:7f:d2:46:96:42:f0:d8:b5:9d:f8:02:81:59:
bd:f5:13:16:4c:b8:01:3e:a7:48:28:7f:27:63:69:d6:cb:fc:
a7:9b:e1:75:1c:9d:0e:74:24:5f:0e:eb:f9:26:0f:9f:2d:8d:
6a:ee:2a:eb:f4:0d:c6:4d:78:53:2d:6b:cf:bc:3b:de:37:df:
81:6b:26:ab:a2:3e:3e:ce:c3:24:7c:b9:d2:60:1c:7a:9d:25:
46:86:5e:42:3f:45:a5:3c:46:dc:b6:60:bb:cf:c2:5a:f0:ef:
1d:55:37:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkCUqS0Edguf1lzNc93OrWvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjMwNjI4MTQwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTdiNjg1MDdmMWI3ZDZiYjVlZGI1OTc5ZjljNDgxNDgwMjBjM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu7O+9ZKvHyDe82YEXvE8kKqvMHK
UZHe0shnL9WbMsXez7eJeEHRHVNm7zHXcVfdRvrT7kqFmcPnlS7nylhAu/0nBgFA
Ix4VumapnxVKrMoChdkYJF9hSc4caArRoau+ydyQ598k9mFASRO+l3E1MmvWZKvF
hUQh41L3lIBazALKv+nsToM1ZbBk/FiXqNfQyGoh8VP28TE3AnI39QFzxxF/Ejod
hRwYHzXEd725gez8v1FVIlrPLYf/KqLnb/ccnzUnHO8ny4jaEhjKuN06O1aMxrfa
Ich9oh/MwMmxLhLelHMV7hCDoCxBx2dSSXfXU3pnFOrsEtyEMOOjPjCwMQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA57aFB/G31rte21l5+cSBSAIMPAMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvRG50b1VIOGJmV3UxN2JXWG41eElGSUFndzhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLZvyAwQA
wo/aAwQAwo/fMA0GCSqGSIb3DQEBCwUAA4IBAQCLDPbk0RT3dLJcprBpqmT1GRXt
BSxtYaNMU2eRHf+azkQfoZDNCsAhPDCg55FLVvDpnFMitmIRxq1IkoDo9Qy8sKsM
7sRzgVBPJvVBIciCn3Ye7RF9AAjD3kug0VI+O2ge01bKNZav8t9CDVHNfIAvT/kx
exKtUgTTynUw4wU5wYoUVBA2S35LgFF8qsR+UT3VvswI0n/SRpZC8Ni1nfgCgVm9
9RMWTLgBPqdIKH8nY2nWy/ynm+F1HJ0OdCRfDuv5Jg+fLY1q7irr9A3GTXhTLWvP
vDveN9+Bayaroj4+zsMkfLnSYBx6nSVGhl5CP0WlPEbctmC7z8Ja8O8dVTcV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:40 2024 by rpki-client on console-ams.rpki-client.org