Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/o-4i1rzjfn483Ip141bTd58HClE.roa
File: o-4i1rzjfn483Ip141bTd58HClE.roa (raw, json)
Hash identifier: Vtav6XDbUJmWuXCGKagmCERZiHqMzE+j6tpqRIPIv1E=
Subject key identifier: A3:EE:22:D6:BC:E3:7E:7E:3C:DC:8A:75:E3:56:D3:77:9F:07:0A:51
Certificate issuer: /CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Certificate serial: 018E9F0D2F3E5503197B0F98B1062EC73F55
Authority key identifier: 6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/o-4i1rzjfn483Ip141bTd58HClE.roa
Signing time: Tue 02 Apr 2024 13:43:45 +0000
ROA not before: Tue 02 Apr 2024 13:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 45.154.204.0/24 maxlen: 24
45.154.205.0/24 maxlen: 24
45.154.207.0/24 maxlen: 24
195.137.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Apr 2024 05:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:0d:2f:3e:55:03:19:7b:0f:98:b1:06:2e:c7:3f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a798f0fe4f4dffdfed2c8e62d235430f49377cd
Validity
Not Before: Apr 2 13:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3ee22d6bce37e7e3cdc8a75e356d3779f070a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c5:76:42:14:08:d5:f1:61:3c:86:2d:ed:af:
1f:16:02:ed:2a:10:4a:01:8c:ef:2b:23:8b:d6:e2:
3b:7d:14:97:88:e8:93:ab:f6:b2:ef:eb:73:dd:31:
17:c3:51:0b:03:e2:f2:a4:85:5a:3c:6a:92:12:6a:
ca:d5:78:18:e7:21:f4:71:4e:c1:60:cb:96:5b:11:
c8:f6:2a:85:fb:67:d6:b4:ad:f0:53:f8:c3:3d:f0:
84:eb:d0:09:e1:36:d6:ab:1c:92:8b:1e:ca:c2:0d:
93:22:4f:a5:23:f6:c8:40:45:3e:13:50:e8:74:6e:
eb:a8:3b:af:1d:38:f8:df:0c:5e:7b:64:ac:2e:da:
d5:a4:cb:ea:26:87:cb:73:ff:64:b5:ed:14:b4:af:
75:62:30:19:09:c2:30:7e:c1:a2:15:60:c2:94:5d:
85:82:e6:96:e2:98:8b:2f:dd:71:04:fa:81:c5:bf:
09:2a:ac:dd:f1:89:f0:e4:b0:78:71:2f:22:ef:20:
c8:bd:11:08:e5:de:c0:a2:39:6a:40:37:aa:f9:64:
09:40:b4:cb:8d:0b:f5:2c:35:7a:32:36:6c:02:29:
a2:83:9b:b3:4a:bc:ea:16:94:04:ac:0e:7d:29:ae:
6e:57:00:30:09:51:88:33:91:05:8e:2c:67:ba:e5:
db:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EE:22:D6:BC:E3:7E:7E:3C:DC:8A:75:E3:56:D3:77:9F:07:0A:51
X509v3 Authority Key Identifier:
keyid:6A:79:8F:0F:E4:F4:DF:FD:FE:D2:C8:E6:2D:23:54:30:F4:93:77:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anmPD-T03_3-0sjmLSNUMPSTd80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/o-4i1rzjfn483Ip141bTd58HClE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b7825-a0f7-4f5b-9c23-77cf81041083/1/anmPD-T03_3-0sjmLSNUMPSTd80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.204.0/23
45.154.207.0/24
195.137.220.0/24
Signature Algorithm: sha256WithRSAEncryption
37:6d:80:ad:51:76:e9:df:a2:0d:16:b5:ed:cd:fc:4d:87:67:
c4:ea:f7:31:d1:22:67:d4:71:26:51:0b:bb:67:71:82:28:43:
ef:fb:09:48:fa:8c:1d:3a:ca:f5:69:8f:9f:12:2a:d3:88:96:
23:3d:1b:51:f5:95:ec:e3:20:7f:ea:c3:7a:c8:f0:fa:e1:95:
13:7b:ca:90:3d:6b:b1:fd:01:21:9e:a4:d1:ee:26:e5:b1:3c:
c3:1b:5d:24:1e:28:32:43:34:08:1f:72:f4:eb:f5:bd:42:2d:
8d:94:89:45:89:41:bb:9f:c0:58:4e:e2:8b:d7:6c:52:99:87:
07:18:06:cc:45:95:26:1c:83:25:7d:1f:a9:a5:b8:e3:aa:7b:
57:ed:2e:a3:5f:9a:46:1f:96:21:e5:94:fb:77:e3:27:76:70:
46:94:cb:39:c1:62:4f:84:ab:4a:f7:4d:44:5f:f5:e6:8a:e0:
1d:cf:ee:b6:e3:9e:33:13:f5:93:6c:7f:ed:ba:39:10:4d:28:
74:19:83:46:8d:bb:a8:af:5e:74:f0:b6:3c:04:80:86:4c:66:
58:dd:4b:17:5f:e0:3b:e2:19:7d:24:6f:d2:08:9d:d2:03:0d:
0e:a1:ab:e4:dc:39:55:e2:aa:b3:e7:0a:20:df:b2:8b:3d:6a:
b5:a8:61:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6fDS8+VQMZew+YsQYuxz9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNzk4ZjBmZTRmNGRmZmRmZWQyYzhlNjJkMjM1NDMwZjQ5
Mzc3Y2QwHhcNMjQwNDAyMTM0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2VlMjJkNmJjZTM3ZTdlM2NkYzhhNzVlMzU2ZDM3NzlmMDcwYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscV2QhQI1fFhPIYt7a8fFgLtKhBK
AYzvKyOL1uI7fRSXiOiTq/ay7+tz3TEXw1ELA+LypIVaPGqSEmrK1XgY5yH0cU7B
YMuWWxHI9iqF+2fWtK3wU/jDPfCE69AJ4TbWqxySix7Kwg2TIk+lI/bIQEU+E1Do
dG7rqDuvHTj43wxee2SsLtrVpMvqJofLc/9kte0UtK91YjAZCcIwfsGiFWDClF2F
guaW4piLL91xBPqBxb8JKqzd8Ynw5LB4cS8i7yDIvREI5d7AojlqQDeq+WQJQLTL
jQv1LDV6MjZsAimig5uzSrzqFpQErA59Ka5uVwAwCVGIM5EFjixnuuXbAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKPuIta8435+PNyKdeNW03efBwpRMB8GA1UdIwQY
MBaAFGp5jw/k9N/9/tLI5i0jVDD0k3fNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMt
NzdjZjgxMDQxMDgzLzEvby00aTFyempmbjQ4M0lwMTQxYlRkNThIQ2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83Yjc4MjUtYTBmNy00ZjViLTljMjMtNzdjZjgxMDQxMDgz
LzEvYW5tUEQtVDAzXzMtMHNqbUxTTlVNUFNUZDgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLZrMAwQA
LZrPAwQAw4ncMA0GCSqGSIb3DQEBCwUAA4IBAQA3bYCtUXbp36INFrXtzfxNh2fE
6vcx0SJn1HEmUQu7Z3GCKEPv+wlI+owdOsr1aY+fEirTiJYjPRtR9ZXs4yB/6sN6
yPD64ZUTe8qQPWux/QEhnqTR7iblsTzDG10kHigyQzQIH3L06/W9Qi2NlIlFiUG7
n8BYTuKL12xSmYcHGAbMRZUmHIMlfR+ppbjjqntX7S6jX5pGH5Yh5ZT7d+MndnBG
lMs5wWJPhKtK901EX/XmiuAdz+62454zE/WTbH/tujkQTSh0GYNGjbuor1508LY8
BICGTGZY3UsXX+A74hl9JG/SCJ3SAw0Ooavk3DlV4qqz5wog37KLPWq1qGHf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:17 2024 by rpki-client on console-ams.rpki-client.org