Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/4UVv7-4I7Iw6LLS5XUgYxeCJU8M.roa
File: 4UVv7-4I7Iw6LLS5XUgYxeCJU8M.roa (raw, json)
Hash identifier: y8zpRYfiaLZA4UUJADdsKx7NTRx+0uGmm/FZZ3f6qe4=
Subject key identifier: E1:45:6F:EF:EE:08:EC:8C:3A:2C:B4:B9:5D:48:18:C5:E0:89:53:C3
Certificate issuer: /CN=843be8639f4039993c1f6e7879f4729e47dc37ae
Certificate serial: 0188D91D0D7B3E7B0140159C9AD69C0B300D
Authority key identifier: 84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/4UVv7-4I7Iw6LLS5XUgYxeCJU8M.roa
Signing time: Tue 20 Jun 2023 14:02:19 +0000
ROA not before: Tue 20 Jun 2023 14:02:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199800
IP address blocks: 185.45.140.0/23 maxlen: 23
185.45.142.0/24 maxlen: 24
2a01:8020::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:1d:0d:7b:3e:7b:01:40:15:9c:9a:d6:9c:0b:30:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=843be8639f4039993c1f6e7879f4729e47dc37ae
Validity
Not Before: Jun 20 14:02:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1456fefee08ec8c3a2cb4b95d4818c5e08953c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:91:43:70:f0:aa:25:18:0d:cf:26:4e:95:8e:
f4:9c:8b:19:09:a6:64:5f:a2:19:72:7a:92:98:7b:
12:b9:8f:d2:51:12:a0:00:9a:f0:3d:87:fe:11:c1:
94:d6:52:c5:c4:c7:8c:ba:9a:20:80:d2:98:64:f7:
25:b2:1e:7e:f8:70:9d:6b:01:b2:ca:b1:73:ee:c1:
23:d3:8a:89:3a:7b:28:79:29:a4:ab:43:24:28:16:
5c:c7:83:27:ef:db:55:95:d0:aa:90:0d:b8:2d:47:
1b:37:0f:02:28:da:40:3d:b5:0b:2e:1e:0f:08:8c:
ce:5a:bd:5d:3c:db:1a:6a:2e:e0:6b:54:9f:e4:8f:
7f:8b:a0:7a:12:86:6c:b7:06:21:c0:16:80:5d:f1:
1a:0a:93:32:a1:4c:cb:31:6a:e5:98:35:fa:97:f6:
66:0e:a5:05:e6:5a:ab:0d:ad:0c:ea:7c:b1:77:a0:
11:ca:06:7d:c7:cf:58:e5:22:87:d8:98:51:c9:2a:
c0:5d:f6:4b:5b:48:b4:3e:8e:17:74:d6:5d:9b:1a:
16:a6:e4:a3:25:f5:60:40:d8:12:49:59:d6:b0:56:
a0:0c:ca:40:d0:84:70:91:d9:db:d3:85:8c:81:0f:
36:24:82:e0:88:78:8e:81:c5:3a:d0:9b:14:0c:4e:
e7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:45:6F:EF:EE:08:EC:8C:3A:2C:B4:B9:5D:48:18:C5:E0:89:53:C3
X509v3 Authority Key Identifier:
keyid:84:3B:E8:63:9F:40:39:99:3C:1F:6E:78:79:F4:72:9E:47:DC:37:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hDvoY59AOZk8H254efRynkfcN64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/4UVv7-4I7Iw6LLS5XUgYxeCJU8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9e1a77-7c17-4481-877c-7788748f67cb/1/hDvoY59AOZk8H254efRynkfcN64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.140.0-185.45.142.255
IPv6:
2a01:8020::/32
Signature Algorithm: sha256WithRSAEncryption
53:2a:a3:9e:23:67:1c:e6:ba:7f:48:ab:4e:06:f3:ea:ce:98:
34:0c:c7:3b:7d:82:4f:eb:a6:f2:e2:c7:33:3f:72:cf:1d:21:
4d:79:e5:77:a7:ff:5c:70:d9:bb:52:c3:e5:be:70:18:f2:3b:
a8:b9:91:f4:95:43:0c:7d:b7:da:cb:3c:d6:3a:62:e3:6b:f2:
03:9e:97:56:93:80:ee:d6:85:ec:48:e6:01:e8:31:36:4f:bd:
bf:f3:b8:a5:9e:f9:03:7e:06:01:b1:bf:7b:74:76:40:1e:5f:
4c:0d:de:63:eb:0d:aa:ec:e6:b3:d5:ae:8c:c8:c3:68:6a:19:
1e:3e:43:14:28:21:4d:15:22:6c:8a:fd:57:32:c8:97:c1:bc:
3d:b0:fc:ea:e5:c9:bf:45:77:d1:13:50:b3:f2:30:f8:0b:72:
40:8f:90:df:99:2f:e3:93:60:fb:db:fb:36:55:d7:dc:9a:70:
12:1e:a6:d1:0c:d0:c0:94:da:ec:9f:9e:48:7a:d1:b5:e9:2a:
ab:44:f0:b2:57:a7:86:a6:6d:e6:7b:e4:02:7c:07:e6:a8:14:
12:b9:ea:67:29:ec:f9:d4:5c:45:4c:95:82:8a:51:f4:97:60:
49:3d:09:62:32:97:51:d3:ad:fa:8c:c8:ea:42:a0:5c:5b:b6:
20:76:96:8f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYjZHQ17PnsBQBWcmtacCzANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0M2JlODYzOWY0MDM5OTkzYzFmNmU3ODc5ZjQ3MjllNDdk
YzM3YWUwHhcNMjMwNjIwMTQwMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ1NmZlZmVlMDhlYzhjM2EyY2I0Yjk1ZDQ4MThjNWUwODk1M2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZFDcPCqJRgNzyZOlY70nIsZCaZk
X6IZcnqSmHsSuY/SURKgAJrwPYf+EcGU1lLFxMeMupoggNKYZPclsh5++HCdawGy
yrFz7sEj04qJOnsoeSmkq0MkKBZcx4Mn79tVldCqkA24LUcbNw8CKNpAPbULLh4P
CIzOWr1dPNsaai7ga1Sf5I9/i6B6EoZstwYhwBaAXfEaCpMyoUzLMWrlmDX6l/Zm
DqUF5lqrDa0M6nyxd6ARygZ9x89Y5SKH2JhRySrAXfZLW0i0Po4XdNZdmxoWpuSj
JfVgQNgSSVnWsFagDMpA0IRwkdnb04WMgQ82JILgiHiOgcU60JsUDE7niwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOFFb+/uCOyMOiy0uV1IGMXgiVPDMB8GA1UdIwQY
MBaAFIQ76GOfQDmZPB9ueHn0cp5H3DeuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2Mt
Nzc4ODc0OGY2N2NiLzEvNFVWdjctNEk3SXc2TExTNVhVZ1l4ZUNKVThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85ZTFhNzctN2MxNy00NDgxLTg3N2MtNzc4ODc0OGY2N2Ni
LzEvaER2b1k1OUFPWms4SDI1NGVmUnlua2ZjTjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5LYwD
BAC5LY4wDQQCAAIwBwMFACoBgCAwDQYJKoZIhvcNAQELBQADggEBAFMqo54jZxzm
un9Iq04G8+rOmDQMxzt9gk/rpvLixzM/cs8dIU155Xen/1xw2btSw+W+cBjyO6i5
kfSVQwx9t9rLPNY6YuNr8gOel1aTgO7WhexI5gHoMTZPvb/zuKWe+QN+BgGxv3t0
dkAeX0wN3mPrDars5rPVrozIw2hqGR4+QxQoIU0VImyK/VcyyJfBvD2w/Orlyb9F
d9ETULPyMPgLckCPkN+ZL+OTYPvb+zZV19yacBIeptEM0MCU2uyfnkh60bXpKqtE
8LJXp4ambeZ75AJ8B+aoFBK56mcp7PnUXEVMlYKKUfSXYEk9CWIyl1HTrfqMyOpC
oFxbtiB2lo8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:37 2024 by rpki-client on console-fra.rpki-client.org