Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/RoxQdEkUGdU5KFSpqkIqnNwZtEM.roa
File: RoxQdEkUGdU5KFSpqkIqnNwZtEM.roa (raw, json)
Hash identifier: ALDbdzxfZqTfYYzXFd8zMZgN3RsXQb1p6U9xBgQanYs=
Subject key identifier: 46:8C:50:74:49:14:19:D5:39:28:54:A9:AA:42:2A:9C:DC:19:B4:43
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0191F4583BB6337C43A099444D5C06E2E701
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/RoxQdEkUGdU5KFSpqkIqnNwZtEM.roa
Signing time: Sun 15 Sep 2024 06:21:48 +0000
ROA not before: Sun 15 Sep 2024 06:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 84.55.0.0/24 maxlen: 24
84.55.1.0/24 maxlen: 24
84.55.2.0/24 maxlen: 24
84.55.3.0/24 maxlen: 24
84.55.4.0/24 maxlen: 24
84.55.5.0/24 maxlen: 24
84.55.6.0/24 maxlen: 24
84.55.7.0/24 maxlen: 24
84.55.17.0/24 maxlen: 24
84.55.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f4:58:3b:b6:33:7c:43:a0:99:44:4d:5c:06:e2:e7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Sep 15 06:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=468c5074491419d5392854a9aa422a9cdc19b443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1b:b2:fd:b2:6a:06:79:14:09:da:dc:83:b0:
f1:f7:33:59:13:88:5a:b8:01:b6:30:a4:87:78:cb:
8a:fa:6c:96:9e:8c:7f:e7:84:ac:8b:be:2e:13:e9:
41:90:71:08:8f:a9:bd:f9:f7:45:b5:d7:4c:e7:c1:
e0:aa:72:7d:bf:29:a0:02:d7:dd:bd:57:55:f9:ce:
4c:d3:cb:7f:89:94:23:b5:5a:ee:4e:29:08:45:8d:
c4:17:3d:93:2e:5b:d0:18:cc:27:78:cd:f7:1f:9b:
2a:f9:4d:14:66:59:be:93:b4:97:8e:e7:06:78:7a:
5d:21:b7:10:9c:51:dd:5e:c0:41:70:e2:58:83:02:
ee:90:10:90:97:99:c8:03:20:a2:31:97:38:df:4a:
9f:1d:e4:4f:a0:98:d2:54:88:7d:d1:ea:3a:b6:51:
f3:05:8f:fb:c0:d5:3f:3f:fa:9d:fd:52:f0:f9:8f:
2b:79:07:37:b2:41:ef:dd:a6:43:08:23:5a:15:35:
2d:d4:8e:e9:ce:78:02:b8:07:9e:d2:90:0e:1d:ed:
f2:56:52:f8:e1:e7:8a:21:d6:31:b3:90:45:38:5a:
40:2f:a1:ef:37:09:36:49:8c:d0:a9:f9:b0:0b:d8:
6f:b4:1a:19:ec:2e:57:fa:a9:90:ef:00:eb:3f:d3:
dd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:8C:50:74:49:14:19:D5:39:28:54:A9:AA:42:2A:9C:DC:19:B4:43
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/RoxQdEkUGdU5KFSpqkIqnNwZtEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.0.0/21
84.55.17.0/24
84.55.22.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ce:7d:36:8d:f1:19:91:1c:3f:9d:d9:5a:c1:e7:dc:cd:c6:
e0:96:e0:f7:ce:47:c4:93:32:a3:08:98:72:d8:4c:1c:3d:9d:
25:4d:67:3c:7f:06:8a:e3:4a:3e:70:c6:7a:9b:61:5d:c2:1f:
62:72:16:6e:d6:22:38:07:3c:ae:78:53:70:90:6c:d0:f7:0f:
7d:65:fc:0b:6a:70:82:e7:44:79:fe:a6:7e:14:a7:00:07:a8:
84:e2:83:ec:e1:db:ba:9b:46:f0:66:cd:3b:ca:6a:a1:f4:45:
6e:b2:fe:8d:8e:9b:b1:ed:1d:8f:a4:42:f1:b2:23:06:0c:f2:
4f:d3:1b:02:c2:8e:de:73:e9:16:3c:4e:77:21:1b:8c:f9:f1:
8b:09:de:ea:76:b0:87:35:8b:9a:c9:e5:75:87:de:eb:d2:3f:
1d:79:fd:98:89:e9:d7:d7:77:77:47:35:56:7d:45:6a:79:f8:
20:96:2e:08:35:fc:29:ec:b3:8e:22:fb:e1:b9:2d:68:a2:67:
7c:89:37:3d:9d:59:61:bd:31:a4:ea:d6:14:fd:55:e7:8e:fc:
5c:96:70:52:33:22:0d:69:f7:df:03:ff:42:a4:b5:ea:32:30:
e4:31:57:66:bc:9a:63:ea:0e:0e:7a:63:31:98:95:a3:44:ef:
83:05:37:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZH0WDu2M3xDoJlETVwG4ucBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQwOTE1MDYyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjhjNTA3NDQ5MTQxOWQ1MzkyODU0YTlhYTQyMmE5Y2RjMTliNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBuy/bJqBnkUCdrcg7Dx9zNZE4ha
uAG2MKSHeMuK+myWnox/54Ssi74uE+lBkHEIj6m9+fdFtddM58HgqnJ9vymgAtfd
vVdV+c5M08t/iZQjtVruTikIRY3EFz2TLlvQGMwneM33H5sq+U0UZlm+k7SXjucG
eHpdIbcQnFHdXsBBcOJYgwLukBCQl5nIAyCiMZc430qfHeRPoJjSVIh90eo6tlHz
BY/7wNU/P/qd/VLw+Y8reQc3skHv3aZDCCNaFTUt1I7pzngCuAee0pAOHe3yVlL4
4eeKIdYxs5BFOFpAL6HvNwk2SYzQqfmwC9hvtBoZ7C5X+qmQ7wDrP9PdCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEaMUHRJFBnVOShUqapCKpzcGbRDMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvUm94UWRFa1VHZFU1S0ZTcHFrSXFuTndadEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDVDcAAwQA
VDcRAwQAVDcWMA0GCSqGSIb3DQEBCwUAA4IBAQBazn02jfEZkRw/ndlawefczcbg
luD3zkfEkzKjCJhy2EwcPZ0lTWc8fwaK40o+cMZ6m2Fdwh9ichZu1iI4BzyueFNw
kGzQ9w99ZfwLanCC50R5/qZ+FKcAB6iE4oPs4du6m0bwZs07ymqh9EVusv6Njpux
7R2PpELxsiMGDPJP0xsCwo7ec+kWPE53IRuM+fGLCd7qdrCHNYuayeV1h97r0j8d
ef2YienX13d3RzVWfUVqefggli4INfwp7LOOIvvhuS1oomd8iTc9nVlhvTGk6tYU
/VXnjvxclnBSMyINafffA/9CpLXqMjDkMVdmvJpj6g4OemMxmJWjRO+DBTcZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:13:55 2025 by rpki-client