Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/p4wtb9NLoHu1iFCXYd7nNvEG4W4.roa
File: p4wtb9NLoHu1iFCXYd7nNvEG4W4.roa (raw, json)
Hash identifier: 4E6Nt8udvI5gj1eQnVlRbBCLa8enlsP7LS+zHxNPAuc=
Subject key identifier: A7:8C:2D:6F:D3:4B:A0:7B:B5:88:50:97:61:DE:E7:36:F1:06:E1:6E
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 018CC56E6AE4D8812DC9653EC2019EA018DE
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/p4wtb9NLoHu1iFCXYd7nNvEG4W4.roa
Signing time: Mon 01 Jan 2024 14:29:56 +0000
ROA not before: Mon 01 Jan 2024 14:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56798
IP address blocks: 45.86.36.0/24 maxlen: 24
193.17.33.0/24 maxlen: 24
2a10:d440:2::/48 maxlen: 48
2a10:d440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 25 Mar 2024 14:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:6a:e4:d8:81:2d:c9:65:3e:c2:01:9e:a0:18:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Jan 1 14:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a78c2d6fd34ba07bb588509761dee736f106e16e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b8:e4:39:aa:47:89:74:07:1b:5f:34:97:c5:
42:04:04:97:6d:2c:79:14:ee:fa:9b:ab:3a:f7:c8:
ae:ef:61:c4:33:f8:2d:8f:87:cf:ab:01:ee:95:f0:
e3:7b:70:c2:5b:eb:5e:d7:e9:3a:5d:ca:cb:dd:cb:
b1:a9:55:bc:3a:7c:69:d8:d4:17:f7:23:a7:55:42:
37:f0:f2:02:85:f4:b7:78:6b:f5:c8:3e:1a:7c:81:
54:61:d7:42:86:34:7c:28:12:8c:45:8b:a9:d7:ec:
68:00:39:df:2d:d4:a0:68:34:f3:a8:4e:1b:1a:5f:
24:6d:8d:9b:d0:d2:37:b7:26:54:45:b5:c9:86:c0:
ab:fe:5e:e6:a3:f4:8a:d8:bb:b3:e3:ed:53:f3:a8:
38:9f:8e:0c:75:b0:d1:ce:b3:6d:dc:4a:59:3b:f1:
54:da:b4:23:5b:f9:54:a8:33:ee:1f:8a:de:ce:be:
98:62:35:f5:44:2f:fc:83:dc:1c:74:82:60:63:1a:
6f:0e:63:fb:5d:a7:7c:d2:76:74:4d:46:39:73:77:
fb:6a:71:8f:5a:01:bb:b7:e8:ff:62:7f:12:6b:81:
21:ef:9c:6c:58:3e:1b:8d:7b:f6:5e:52:43:ac:89:
f2:83:bf:48:c3:14:f6:0a:0f:3d:53:5e:65:82:cb:
f4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8C:2D:6F:D3:4B:A0:7B:B5:88:50:97:61:DE:E7:36:F1:06:E1:6E
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/p4wtb9NLoHu1iFCXYd7nNvEG4W4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.36.0/24
193.17.33.0/24
IPv6:
2a10:d440:1::-2a10:d440:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
32:53:4c:65:6e:69:2f:b8:f2:bd:f3:8a:27:c7:af:12:6a:a9:
47:c2:f7:6c:5c:48:c9:d0:d2:38:42:a8:51:62:50:3b:6a:d0:
35:dd:31:6c:8d:ae:ef:55:1c:f6:8e:a5:61:10:b6:fa:54:9e:
e9:a3:d7:93:4d:a0:88:b7:41:c7:77:d6:35:60:35:ad:a0:18:
cf:63:8a:b5:23:2f:48:f8:50:3d:18:ec:e2:00:4e:82:23:1a:
de:af:74:f6:be:e9:a7:dd:ee:15:be:20:c5:00:7f:7e:84:8a:
27:c2:6e:32:64:aa:27:98:07:53:ba:bc:c7:dc:63:2a:64:d0:
8f:de:e4:61:02:c6:0c:4c:1f:f4:b3:d9:f6:3f:0a:1b:82:22:
50:c8:9b:e0:fc:10:ff:69:3f:58:d2:b4:e2:db:5a:13:0d:fb:
bd:50:34:b2:90:3f:93:47:74:53:5f:9f:0b:27:7d:67:24:78:
04:41:be:be:66:19:ca:de:68:fc:7d:8b:39:51:d8:34:a3:54:
bc:c9:9f:c4:5e:0b:54:b4:84:b9:7d:90:74:42:19:fb:9b:a8:
6f:b6:6d:89:f1:39:9e:68:76:b3:d4:7b:c7:0f:21:00:17:6d:
51:32:80:0c:06:bc:b2:7a:57:a0:28:29:85:68:c6:10:3b:5c:
7c:0d:4a:0d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzFbmrk2IEtyWU+wgGeoBjeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjQwMTAxMTQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhjMmQ2ZmQzNGJhMDdiYjU4ODUwOTc2MWRlZTczNmYxMDZlMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrjkOapHiXQHG180l8VCBASXbSx5
FO76m6s698iu72HEM/gtj4fPqwHulfDje3DCW+te1+k6XcrL3cuxqVW8Onxp2NQX
9yOnVUI38PIChfS3eGv1yD4afIFUYddChjR8KBKMRYup1+xoADnfLdSgaDTzqE4b
Gl8kbY2b0NI3tyZURbXJhsCr/l7mo/SK2Luz4+1T86g4n44MdbDRzrNt3EpZO/FU
2rQjW/lUqDPuH4rezr6YYjX1RC/8g9wcdIJgYxpvDmP7Xad80nZ0TUY5c3f7anGP
WgG7t+j/Yn8Sa4Eh75xsWD4bjXv2XlJDrInyg79IwxT2Cg89U15lgsv0fwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKeMLW/TS6B7tYhQl2He5zbxBuFuMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvcDR3dGI5TkxvSHUxaUZDWFlkN25OdkVHNFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQALVYkAwQA
wREhMBoEAgACMBQwEgMHACoQ1EAAAQMHACoQ1EAAAjANBgkqhkiG9w0BAQsFAAOC
AQEAMlNMZW5pL7jyvfOKJ8evEmqpR8L3bFxIydDSOEKoUWJQO2rQNd0xbI2u71Uc
9o6lYRC2+lSe6aPXk02giLdBx3fWNWA1raAYz2OKtSMvSPhQPRjs4gBOgiMa3q90
9r7pp93uFb4gxQB/foSKJ8JuMmSqJ5gHU7q8x9xjKmTQj97kYQLGDEwf9LPZ9j8K
G4IiUMib4PwQ/2k/WNK04ttaEw37vVA0spA/k0d0U1+fCyd9ZyR4BEG+vmYZyt5o
/H2LOVHYNKNUvMmfxF4LVLSEuX2QdEIZ+5uob7ZtifE5nmh2s9R7xw8hABdtUTKA
DAa8snpXoCgphWjGEDtcfA1KDQ==
-----END CERTIFICATE-----
Generated at Mon Mar 25 20:54:59 2024 by rpki-client on console.sobornost.net