Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rm7pK-U26PB9N4InJC4N7Zsf9p0.roa
File: rm7pK-U26PB9N4InJC4N7Zsf9p0.roa (raw, json)
Hash identifier: 9Z9prXJgX7FftLdzSxtkB5NIIFy5u0EbJsi9C2tP9og=
Subject key identifier: AE:6E:E9:2B:E5:36:E8:F0:7D:37:82:27:24:2E:0D:ED:9B:1F:F6:9D
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0192954F41166B9497E50CA78334DFB48154
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rm7pK-U26PB9N4InJC4N7Zsf9p0.roa
Signing time: Wed 16 Oct 2024 12:30:51 +0000
ROA not before: Wed 16 Oct 2024 12:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
46.249.110.0/24 maxlen: 24
82.115.9.0/24 maxlen: 24
82.115.28.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
91.132.57.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
185.231.172.0/22 maxlen: 24
188.209.156.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
193.36.72.0/24 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 09:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:4f:41:16:6b:94:97:e5:0c:a7:83:34:df:b4:81:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 16 12:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae6ee92be536e8f07d378227242e0ded9b1ff69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9b:09:b7:72:04:81:86:91:73:47:e6:d3:73:
60:93:c4:bb:3b:a5:31:31:ba:e8:7d:6a:a8:a6:6d:
05:c5:a8:25:58:c4:9c:bb:09:94:a8:f3:dd:02:3e:
11:14:89:da:72:0b:0f:7a:9f:22:1a:1d:5d:ba:21:
ae:07:06:94:b0:33:e8:2e:a0:91:10:b7:74:32:7f:
17:a6:d8:c2:37:d8:a1:a8:97:a2:b7:58:b4:89:4a:
78:e0:13:9b:a9:a5:b7:cd:57:cb:27:6a:9e:ce:fe:
5a:ae:f6:c1:b5:db:cc:18:46:46:a8:19:7d:5b:6c:
a1:63:63:a3:b9:3f:b8:7e:3a:ef:d9:02:57:db:04:
f3:82:b2:c4:d4:04:c7:30:5a:3c:30:92:91:65:d8:
f7:cf:25:dc:e9:14:34:c1:33:ed:45:df:bb:0a:60:
4a:ef:15:fc:2d:e9:f7:78:70:22:83:c0:e3:68:90:
9b:e7:ad:72:4d:ff:b1:9a:56:42:9e:48:9e:ed:a5:
ae:05:82:dd:d0:87:e2:cf:aa:f3:1b:2a:b4:02:2e:
29:94:4b:0c:8e:ea:5f:06:1e:0b:05:3a:71:0a:ac:
c5:3b:8c:54:f8:20:d4:cf:e8:8a:0a:95:e6:7e:ad:
ed:8c:a2:e0:f6:ca:e3:aa:34:5d:98:93:5c:f0:5c:
ea:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:6E:E9:2B:E5:36:E8:F0:7D:37:82:27:24:2E:0D:ED:9B:1F:F6:9D
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rm7pK-U26PB9N4InJC4N7Zsf9p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
46.249.110.0/24
82.115.9.0/24
82.115.28.0/23
89.251.10.0/24
91.132.57.0/24
159.255.32.0/21
185.231.172.0/22
188.209.156.0/22
188.253.8.0/21
193.36.72.0/24
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
56:c4:7a:8d:4b:74:b2:ef:e8:9b:ac:3b:b9:7c:01:a4:7d:b7:
ad:7c:07:95:33:df:8e:0f:4e:68:07:c7:f3:45:5b:5d:15:fd:
e9:95:44:5c:79:68:fc:fb:ce:73:88:47:6b:19:94:5e:23:c5:
a0:29:ac:ea:57:b5:e0:c2:3b:83:90:47:11:18:0d:b8:b4:db:
b2:6b:ce:a4:81:0a:00:dc:8b:fa:cf:fa:06:e2:af:9a:60:9f:
62:3f:1e:1e:cb:94:5e:a0:b1:41:e4:3f:85:61:bb:c1:08:ab:
1a:1d:5f:ba:13:bf:80:63:48:0f:fe:58:e9:18:56:f9:c4:67:
35:3d:bb:ec:93:4c:d5:6d:20:99:aa:09:72:d4:e2:2c:c5:47:
27:e5:e0:4a:0c:46:74:cb:69:6b:05:68:41:ce:61:70:ca:b5:
db:77:d4:91:5c:2d:7c:7e:33:65:96:eb:ca:24:0a:8d:23:33:
a2:3a:19:9d:23:40:9e:97:ab:b5:a3:85:5a:fc:07:d0:ef:14:
4f:d0:52:0a:9c:b4:2e:12:c9:d9:0b:83:59:52:90:5e:0b:56:
15:7f:7f:ca:6b:c2:fe:a0:f4:4c:35:f3:67:41:c8:6a:84:af:
8d:5d:33:20:0f:44:9e:85:0d:7b:34:83:87:be:4d:ee:a3:39:
11:46:d5:8c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZKVT0EWa5SX5QyngzTftIFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMDE2MTIzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTZlZTkyYmU1MzZlOGYwN2QzNzgyMjcyNDJlMGRlZDliMWZmNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZsJt3IEgYaRc0fm03Ngk8S7O6Ux
MbrofWqopm0FxaglWMScuwmUqPPdAj4RFInacgsPep8iGh1duiGuBwaUsDPoLqCR
ELd0Mn8XptjCN9ihqJeit1i0iUp44BObqaW3zVfLJ2qezv5arvbBtdvMGEZGqBl9
W2yhY2OjuT+4fjrv2QJX2wTzgrLE1ATHMFo8MJKRZdj3zyXc6RQ0wTPtRd+7CmBK
7xX8Len3eHAig8DjaJCb561yTf+xmlZCnkie7aWuBYLd0Ifiz6rzGyq0Ai4plEsM
jupfBh4LBTpxCqzFO4xU+CDUz+iKCpXmfq3tjKLg9srjqjRdmJNc8Fzq6QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFK5u6SvlNujwfTeCJyQuDe2bH/adMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcm03cEstVTI2UEI5TjRJbkpDNE43WnNmOXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBLYsGAwQA
LvluAwQAUnMJAwQBUnMcAwQAWfsKAwQAW4Q5AwQDn/8gAwQCueesAwQCvNGcAwQD
vP0IAwQAwSRIAwQByoVaAwQC1a0gMA0GCSqGSIb3DQEBCwUAA4IBAQBWxHqNS3Sy
7+ibrDu5fAGkfbetfAeVM9+OD05oB8fzRVtdFf3plURceWj8+85ziEdrGZReI8Wg
KazqV7XgwjuDkEcRGA24tNuya86kgQoA3Iv6z/oG4q+aYJ9iPx4ey5ReoLFB5D+F
YbvBCKsaHV+6E7+AY0gP/ljpGFb5xGc1Pbvsk0zVbSCZqgly1OIsxUcn5eBKDEZ0
y2lrBWhBzmFwyrXbd9SRXC18fjNlluvKJAqNIzOiOhmdI0Cel6u1o4Va/AfQ7xRP
0FIKnLQuEsnZC4NZUpBeC1YVf3/Ka8L+oPRMNfNnQchqhK+NXTMgD0SehQ17NIOH
vk3uozkRRtWM
-----END CERTIFICATE-----
Generated at Tue Oct 22 13:48:37 2024 by rpki-client on console-ams.rpki-client.org