Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/sm72WFltACiF66blGYKbBwCmvOI.roa
File: sm72WFltACiF66blGYKbBwCmvOI.roa (raw, json)
Hash identifier: MRb9Ty+CR20/waZyvekZ3+6bexL3WrvyoEjQ0rduKPo=
Subject key identifier: B2:6E:F6:58:59:6D:00:28:85:EB:A6:E5:19:82:9B:07:00:A6:BC:E2
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0190D92D8C2F76070EA678F069A0E273B2E9
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/sm72WFltACiF66blGYKbBwCmvOI.roa
Signing time: Mon 22 Jul 2024 06:42:39 +0000
ROA not before: Mon 22 Jul 2024 06:42:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.155.241.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.214.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d9:2d:8c:2f:76:07:0e:a6:78:f0:69:a0:e2:73:b2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jul 22 06:42:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b26ef658596d002885eba6e519829b0700a6bce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5a:c2:31:cb:81:e1:96:9b:b8:d0:a0:be:8c:
bd:f3:05:c6:d9:18:e3:00:3c:fa:9a:eb:72:c1:81:
be:8f:80:99:7d:79:e5:1d:c0:a7:e4:23:f4:db:e7:
54:5b:c9:d3:46:37:ab:ed:56:a0:4e:90:c3:f7:87:
8e:2b:0a:a2:81:ad:2f:04:da:94:ee:77:9a:65:8c:
4a:6d:8e:94:15:e4:5e:5d:a2:84:5a:ef:d6:28:aa:
fe:3d:de:69:e8:78:0f:c3:95:4f:9d:43:90:9f:ac:
39:02:25:17:35:7a:c1:83:f6:46:ee:4b:f9:ec:49:
bc:23:63:60:fb:d7:2e:63:45:7f:95:35:69:ec:18:
91:ca:a6:ea:30:7f:e7:e8:f7:0a:0c:3d:8c:18:df:
80:67:d1:45:44:4f:7a:b7:07:44:73:1e:f7:8a:5d:
76:01:b4:6f:99:8f:3c:de:d1:23:7d:81:dd:9d:31:
0f:b7:83:c7:29:36:87:dc:ac:27:21:a9:0a:c3:44:
dc:34:be:09:e5:5a:5f:32:dd:c0:9d:33:f3:de:b2:
31:1f:0c:e9:1c:6f:58:89:ad:a0:41:b4:f3:2e:b4:
8a:99:70:8d:5e:0f:02:fb:67:75:22:18:6b:08:f5:
1c:67:09:46:3e:a9:d8:12:b9:be:70:ab:08:0f:73:
6b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:6E:F6:58:59:6D:00:28:85:EB:A6:E5:19:82:9B:07:00:A6:BC:E2
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/sm72WFltACiF66blGYKbBwCmvOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.241.0-45.155.242.255
194.143.214.0/24
195.114.195.0/24
Signature Algorithm: sha256WithRSAEncryption
64:f7:86:e5:2f:34:5f:15:1f:20:b3:93:88:2e:8a:79:bd:2f:
15:9c:3d:95:69:88:1c:ab:62:f8:19:f9:7a:a4:c0:d4:0f:05:
20:0d:21:90:ea:af:1b:78:af:55:5b:bc:45:d5:fb:8e:b3:99:
16:8c:6d:92:3d:fa:57:46:ea:7c:d8:44:5f:9f:38:86:3e:28:
f3:82:72:e4:3c:60:2d:0c:bd:25:ed:d3:45:6e:bc:25:10:9d:
00:74:bc:b8:40:da:f8:4f:38:15:43:1b:57:b3:7c:d8:ed:d6:
6c:21:be:91:6a:2f:05:28:4d:76:09:12:0d:e1:3d:ce:59:a7:
4c:06:c1:11:95:f1:4d:e7:23:4c:d5:83:be:a1:45:a4:a3:0a:
8c:6e:39:c1:fc:d8:0e:88:af:2d:71:a7:fb:eb:16:a1:1b:2e:
51:fe:3b:fd:7a:ef:9b:cc:44:19:86:ec:32:1f:34:49:99:a5:
9d:6b:00:a4:12:19:2d:e6:a0:8c:dd:f5:5b:3b:84:a8:80:a7:
a1:cd:b7:97:09:1b:c9:86:2c:e3:53:9f:f6:27:02:03:54:dc:
39:31:fc:3a:6d:1c:30:63:46:1c:c6:19:40:32:ca:e0:19:13:
f3:a3:28:40:87:63:75:cd:c9:1d:00:5f:3d:da:47:08:e5:d6:
f2:57:fc:4f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZDZLYwvdgcOpnjwaaDic7LpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQwNzIyMDY0MjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjZlZjY1ODU5NmQwMDI4ODVlYmE2ZTUxOTgyOWIwNzAwYTZiY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFrCMcuB4ZabuNCgvoy98wXG2Rjj
ADz6mutywYG+j4CZfXnlHcCn5CP02+dUW8nTRjer7VagTpDD94eOKwqiga0vBNqU
7neaZYxKbY6UFeReXaKEWu/WKKr+Pd5p6HgPw5VPnUOQn6w5AiUXNXrBg/ZG7kv5
7Em8I2Ng+9cuY0V/lTVp7BiRyqbqMH/n6PcKDD2MGN+AZ9FFRE96twdEcx73il12
AbRvmY883tEjfYHdnTEPt4PHKTaH3KwnIakKw0TcNL4J5VpfMt3AnTPz3rIxHwzp
HG9Yia2gQbTzLrSKmXCNXg8C+2d1IhhrCPUcZwlGPqnYErm+cKsID3NraQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLJu9lhZbQAoheum5RmCmwcAprziMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvc203MldGbHRBQ2lGNjZibEdZS2JCd0Ntdk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtm/ED
BAAtm/IDBADCj9YDBADDcsMwDQYJKoZIhvcNAQELBQADggEBAGT3huUvNF8VHyCz
k4guinm9LxWcPZVpiByrYvgZ+XqkwNQPBSANIZDqrxt4r1VbvEXV+46zmRaMbZI9
+ldG6nzYRF+fOIY+KPOCcuQ8YC0MvSXt00VuvCUQnQB0vLhA2vhPOBVDG1ezfNjt
1mwhvpFqLwUoTXYJEg3hPc5Zp0wGwRGV8U3nI0zVg76hRaSjCoxuOcH82A6Iry1x
p/vrFqEbLlH+O/1675vMRBmG7DIfNEmZpZ1rAKQSGS3moIzd9Vs7hKiAp6HNt5cJ
G8mGLONTn/YnAgNU3Dkx/DptHDBjRhzGGUAyyuAZE/OjKECHY3XNyR0AXz3aRwjl
1vJX/E8=
-----END CERTIFICATE-----
Generated at Mon Aug 5 09:21:43 2024 by rpki-client on console-fra.rpki-client.org