Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/daqzTczlU_M6HYUnJGdoxfAVm2g.roa
File: daqzTczlU_M6HYUnJGdoxfAVm2g.roa (raw, json)
Hash identifier: b1+5BS1yNnSqUfMmgwGhp+YFtIeaxxK1fegoqkMTsGU=
Subject key identifier: 75:AA:B3:4D:CC:E5:53:F3:3A:1D:85:27:24:67:68:C5:F0:15:9B:68
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 018EA8FAD2DA15A981A202998CCC9938E245
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/daqzTczlU_M6HYUnJGdoxfAVm2g.roa
Signing time: Thu 04 Apr 2024 11:59:54 +0000
ROA not before: Thu 04 Apr 2024 11:59:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.241.0/24 maxlen: 24
194.143.214.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 06:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a8:fa:d2:da:15:a9:81:a2:02:99:8c:cc:99:38:e2:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 4 11:59:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75aab34dcce553f33a1d8527246768c5f0159b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:6e:d8:b6:38:a3:7a:5d:a5:8e:fa:92:e4:
ce:fe:91:f4:c9:4c:83:d4:0f:e8:db:b3:63:09:c9:
b4:28:4e:61:cf:65:b0:f7:a7:4d:9f:c0:9e:e4:4a:
bd:c5:20:58:62:2e:e7:d8:0a:23:7a:eb:4e:8a:f1:
a6:b5:2b:2c:c9:3f:56:0e:53:3a:ba:81:15:5b:b7:
f9:27:0c:d5:7b:68:18:0c:c3:39:61:cb:1d:45:54:
8e:f2:ad:fe:af:e3:62:3c:dc:ff:b4:b2:e2:73:a5:
4d:25:40:5d:69:ac:b6:13:9b:08:00:69:ed:d4:82:
c0:8b:e1:68:e1:20:03:33:f9:be:16:7a:85:f4:8a:
29:44:63:93:8e:db:3d:fa:ea:27:38:dc:51:74:d5:
b8:98:22:1e:37:11:ff:74:83:c7:0d:51:f3:aa:12:
78:39:2d:89:f2:05:ce:e2:3b:b9:f0:51:09:77:81:
04:9c:e0:61:61:7b:55:8e:d6:42:93:8c:9e:fc:a6:
d5:44:21:a7:70:6e:bc:94:d5:89:97:79:ac:33:dc:
de:df:19:1c:68:dd:c8:20:86:cf:63:cc:54:9d:9c:
6a:06:89:36:ed:2c:42:5e:4d:3c:d0:6b:aa:7a:2b:
54:78:55:1e:f6:22:50:5b:41:1e:28:d4:67:d4:e6:
b5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AA:B3:4D:CC:E5:53:F3:3A:1D:85:27:24:67:68:C5:F0:15:9B:68
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/daqzTczlU_M6HYUnJGdoxfAVm2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.241.0/24
194.143.214.0/24
195.114.192.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:90:87:cc:fb:54:5d:31:f3:f2:d2:eb:97:31:01:5c:df:75:
6d:b7:42:de:12:a8:dd:fc:49:ee:82:c3:56:0d:7f:5e:7f:73:
89:80:c2:86:e9:d2:a4:83:62:b4:d8:74:68:9d:55:81:07:54:
2b:0f:89:39:3c:00:03:a3:c5:6b:9f:af:6c:81:f3:1f:b0:99:
a7:d6:86:72:17:8e:86:09:8e:4c:69:8d:b2:da:41:74:5c:c0:
01:5f:e1:2e:b1:be:91:eb:59:f6:30:2c:33:d1:ce:a3:2f:3d:
ad:40:d7:a5:67:d1:1c:d4:01:13:30:34:e4:5e:50:92:95:d5:
39:3a:57:7a:a4:07:7b:cd:91:94:b8:f5:8d:df:39:a8:b0:52:
01:c9:60:f4:77:30:25:59:c6:51:49:49:4a:2b:0f:3a:06:27:
68:e3:18:68:8d:ee:8f:ad:38:1e:a5:b3:5c:1f:d9:45:3a:39:
ce:97:a6:68:c6:48:d3:f0:d5:46:85:b9:65:b1:78:8b:87:5a:
c6:06:1d:be:96:e0:99:71:bc:28:7c:02:ad:81:f3:4f:06:2d:
0e:80:65:df:c3:58:a7:8e:a3:82:1f:97:80:17:80:7e:d4:75:
a8:f8:e0:40:21:e5:5f:dd:fc:b4:70:43:75:79:cc:e7:02:bb:
78:65:f2:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6o+tLaFamBogKZjMyZOOJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwNDA0MTE1OTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFhYjM0ZGNjZTU1M2YzM2ExZDg1MjcyNDY3NjhjNWYwMTU5YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskpu2LY4o3pdpY76kuTO/pH0yUyD
1A/o27NjCcm0KE5hz2Ww96dNn8Ce5Eq9xSBYYi7n2AojeutOivGmtSssyT9WDlM6
uoEVW7f5JwzVe2gYDMM5YcsdRVSO8q3+r+NiPNz/tLLic6VNJUBdaay2E5sIAGnt
1ILAi+Fo4SADM/m+FnqF9IopRGOTjts9+uonONxRdNW4mCIeNxH/dIPHDVHzqhJ4
OS2J8gXO4ju58FEJd4EEnOBhYXtVjtZCk4ye/KbVRCGncG68lNWJl3msM9ze3xkc
aN3IIIbPY8xUnZxqBok27SxCXk080GuqeitUeFUe9iJQW0EeKNRn1Oa17wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHWqs03M5VPzOh2FJyRnaMXwFZtoMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvZGFxelRjemxVX002SFlVbkpHZG94ZkFWbTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZvxAwQA
wo/WAwQAw3LAMA0GCSqGSIb3DQEBCwUAA4IBAQCekIfM+1RdMfPy0uuXMQFc33Vt
t0LeEqjd/EnugsNWDX9ef3OJgMKG6dKkg2K02HRonVWBB1QrD4k5PAADo8Vrn69s
gfMfsJmn1oZyF46GCY5MaY2y2kF0XMABX+Eusb6R61n2MCwz0c6jLz2tQNelZ9Ec
1AETMDTkXlCSldU5Old6pAd7zZGUuPWN3zmosFIByWD0dzAlWcZRSUlKKw86Bido
4xhoje6PrTgepbNcH9lFOjnOl6ZoxkjT8NVGhbllsXiLh1rGBh2+luCZcbwofAKt
gfNPBi0OgGXfw1injqOCH5eAF4B+1HWo+OBAIeVf3fy0cEN1ecznArt4ZfJ5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:40 2024 by rpki-client on console-ams.rpki-client.org