Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/Nt1fKtuueUcFvyduNruvB0rsXTM.roa
File: Nt1fKtuueUcFvyduNruvB0rsXTM.roa (raw, json)
Hash identifier: OadIklbcH6DaiU3mJRMVt9RBv1MK3P63QgxLlQBt6Fo=
Subject key identifier: 36:DD:5F:2A:DB:AE:79:47:05:BF:27:6E:36:BB:AF:07:4A:EC:5D:33
Certificate issuer: /CN=bf56ba98c6745a63026d78fc284722399d2eb849
Certificate serial: 018CC801CDA22C0EB3659AEA1C27669D9545
Authority key identifier: BF:56:BA:98:C6:74:5A:63:02:6D:78:FC:28:47:22:39:9D:2E:B8:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/Nt1fKtuueUcFvyduNruvB0rsXTM.roa
Signing time: Tue 02 Jan 2024 02:30:10 +0000
ROA not before: Tue 02 Jan 2024 02:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50959
IP address blocks: 45.15.43.0/24 maxlen: 24
2a07:4900::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 04 Oct 2024 13:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:cd:a2:2c:0e:b3:65:9a:ea:1c:27:66:9d:95:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf56ba98c6745a63026d78fc284722399d2eb849
Validity
Not Before: Jan 2 02:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36dd5f2adbae794705bf276e36bbaf074aec5d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9e:1a:0b:c6:89:48:85:43:39:48:65:10:f5:
4c:f6:6c:00:75:21:46:c0:0a:1d:09:82:c8:47:f1:
a7:a9:94:98:53:2b:47:17:e3:8b:d9:da:0d:5d:9a:
3e:6b:2d:70:e8:69:c1:a0:ae:e3:de:dd:e8:79:b9:
69:4e:e6:c6:54:68:30:da:d3:4f:21:21:0a:ac:ce:
a5:a5:16:7f:7d:d5:32:0c:ba:78:ae:90:b2:5a:61:
43:6e:2c:48:31:f5:88:29:8a:e1:42:20:30:fd:fb:
f1:da:b6:53:7c:9d:97:70:99:33:18:ec:ce:80:0c:
cd:53:60:f6:a2:49:01:dc:ad:55:45:ad:b3:52:5b:
96:30:bf:85:27:81:f7:ca:d4:b5:10:56:7f:4a:b3:
ff:e9:30:87:97:15:d1:0b:ad:09:84:96:40:14:af:
ac:21:05:6b:4f:e3:58:6f:c1:5c:9b:a5:f3:c4:d9:
f4:70:5c:5b:c5:be:3d:97:1c:86:00:d2:1e:17:d1:
32:26:fc:fb:db:bf:1d:20:e4:ce:89:a0:34:e0:3e:
aa:28:d9:a2:da:09:0a:76:b4:7d:50:5d:89:f7:46:
a5:a3:9a:72:a7:87:d1:e3:bd:41:14:3b:24:57:11:
ce:10:6e:50:9a:81:44:ed:22:7f:64:3a:bf:48:60:
95:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DD:5F:2A:DB:AE:79:47:05:BF:27:6E:36:BB:AF:07:4A:EC:5D:33
X509v3 Authority Key Identifier:
keyid:BF:56:BA:98:C6:74:5A:63:02:6D:78:FC:28:47:22:39:9D:2E:B8:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/Nt1fKtuueUcFvyduNruvB0rsXTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.43.0/24
IPv6:
2a07:4900::/29
Signature Algorithm: sha256WithRSAEncryption
01:14:bc:9a:42:a8:cc:c8:3e:17:4c:27:fb:4f:17:02:01:e7:
6c:73:a5:05:3e:5e:7b:be:a4:00:86:2f:9d:d7:13:73:9b:4d:
e9:39:93:5c:67:21:96:2f:3d:30:2f:11:12:b2:0b:7c:8e:91:
a8:2f:5c:d2:51:75:9e:4e:a9:92:1d:df:f8:45:78:69:a8:fa:
c5:0c:e7:9e:4d:d1:8d:31:8a:32:68:7a:01:b3:15:50:60:6b:
b6:1c:3b:c8:74:8e:ca:b3:7e:3d:15:67:a5:89:49:fd:9d:1b:
2d:0b:f1:5c:7f:31:ec:39:22:4c:da:c5:88:1d:e5:88:cd:27:
17:ad:11:6b:bc:d0:36:f4:53:8f:95:73:0d:11:8e:ce:3e:64:
d2:8d:0f:08:ef:9c:17:17:55:d2:37:d7:2d:fd:4f:ee:b9:09:
72:45:a3:19:d6:2c:2e:84:56:9c:5f:4f:e7:2d:5c:43:35:40:
4b:50:17:77:1d:90:e8:1f:3b:10:f9:2d:d8:ec:1d:03:3b:66:
1d:37:5c:ba:e9:c5:9b:ed:35:15:78:00:f3:2a:d4:a9:63:a3:
2c:5c:d8:e9:5b:db:76:e2:a7:89:ed:e3:e6:08:4c:28:e7:16:
ef:7b:9c:b6:6e:c9:df:92:c6:9a:8b:b9:d4:f5:b6:3b:26:91:
31:86:a8:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAc2iLA6zZZrqHCdmnZVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTZiYTk4YzY3NDVhNjMwMjZkNzhmYzI4NDcyMjM5OWQy
ZWI4NDkwHhcNMjQwMTAyMDIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRkNWYyYWRiYWU3OTQ3MDViZjI3NmUzNmJiYWYwNzRhZWM1ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ4aC8aJSIVDOUhlEPVM9mwAdSFG
wAodCYLIR/GnqZSYUytHF+OL2doNXZo+ay1w6GnBoK7j3t3oeblpTubGVGgw2tNP
ISEKrM6lpRZ/fdUyDLp4rpCyWmFDbixIMfWIKYrhQiAw/fvx2rZTfJ2XcJkzGOzO
gAzNU2D2okkB3K1VRa2zUluWML+FJ4H3ytS1EFZ/SrP/6TCHlxXRC60JhJZAFK+s
IQVrT+NYb8Fcm6XzxNn0cFxbxb49lxyGANIeF9EyJvz7278dIOTOiaA04D6qKNmi
2gkKdrR9UF2J90alo5pyp4fR471BFDskVxHOEG5QmoFE7SJ/ZDq/SGCVJwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDbdXyrbrnlHBb8nbja7rwdK7F0zMB8GA1UdIwQY
MBaAFL9WupjGdFpjAm14/ChHIjmdLrhJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFhNm1NWjBXbU1DYlhqOEtFY2lPWjB1dUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zMzQzZDItNTI1My00MjQzLWEwMWYt
NTg3ZmM4NGFjZWZlLzEvTnQxZkt0dXVlVWNGdnlkdU5ydXZCMHJzWFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zMzQzZDItNTI1My00MjQzLWEwMWYtNTg3ZmM4NGFjZWZl
LzEvdjFhNm1NWjBXbU1DYlhqOEtFY2lPWjB1dUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQ8rMA0E
AgACMAcDBQMqB0kAMA0GCSqGSIb3DQEBCwUAA4IBAQABFLyaQqjMyD4XTCf7TxcC
Aedsc6UFPl57vqQAhi+d1xNzm03pOZNcZyGWLz0wLxESsgt8jpGoL1zSUXWeTqmS
Hd/4RXhpqPrFDOeeTdGNMYoyaHoBsxVQYGu2HDvIdI7Ks349FWeliUn9nRstC/Fc
fzHsOSJM2sWIHeWIzScXrRFrvNA29FOPlXMNEY7OPmTSjQ8I75wXF1XSN9ct/U/u
uQlyRaMZ1iwuhFacX0/nLVxDNUBLUBd3HZDoHzsQ+S3Y7B0DO2YdN1y66cWb7TUV
eADzKtSpY6MsXNjpW9t24qeJ7ePmCEwo5xbve5y2bsnfksaai7nU9bY7JpExhqiQ
-----END CERTIFICATE-----
Generated at Fri Oct 4 17:15:46 2024 by rpki-client on console-fra.rpki-client.org