Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_O4L3SQMO5VGyDCPSNPN3pAmvu8.roa
File: _O4L3SQMO5VGyDCPSNPN3pAmvu8.roa (raw, json)
Hash identifier: PLlMeWy0NqEnwuubf4+pDo1Zog+A4K4LkvuIDMwcoKk=
Subject key identifier: FC:EE:0B:DD:24:0C:3B:95:46:C8:30:8F:48:D3:CD:DE:90:26:BE:EF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192DE87E993052BE586F2FDB2C58DD9C96B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_O4L3SQMO5VGyDCPSNPN3pAmvu8.roa
Signing time: Wed 30 Oct 2024 17:45:01 +0000
ROA not before: Wed 30 Oct 2024 17:45:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Nov 2024 07:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:de:87:e9:93:05:2b:e5:86:f2:fd:b2:c5:8d:d9:c9:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 30 17:45:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcee0bdd240c3b9546c8308f48d3cdde9026beef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b5:60:fd:42:ff:72:4c:a9:99:5b:2c:7f:e2:
25:41:25:34:1d:a3:31:3f:64:0c:5b:ca:84:d8:0d:
00:ac:48:6c:35:3f:4a:b1:e2:65:ec:fa:8d:c6:de:
3e:51:e8:fb:e7:23:d9:f3:c0:4e:5a:5e:5e:60:b2:
a4:7d:6b:4d:db:bf:f0:a7:fb:f1:1f:9e:a6:8a:64:
40:60:99:f3:f6:f7:22:1e:b3:ed:4b:32:a0:bd:d7:
8b:ed:56:d4:3e:45:a5:65:36:f7:2a:67:5b:11:0d:
e4:8a:72:83:c1:31:57:3f:35:89:2c:ce:18:b6:67:
45:e2:8e:cf:93:77:5d:b8:db:b3:a7:2a:c8:70:aa:
3d:16:bf:69:17:af:28:c4:75:bd:76:fa:f7:0d:fa:
f7:d0:79:4a:92:60:33:68:c3:44:60:ff:a4:b7:92:
1e:e2:91:7e:cf:bc:43:f0:bc:3d:3e:36:95:69:c0:
cc:cf:87:40:7f:00:8a:f1:28:34:74:17:26:54:da:
12:48:af:c2:cb:f1:22:5d:21:0b:67:cd:79:68:05:
33:10:b7:d9:fe:09:4f:4c:33:a1:b3:24:1e:84:31:
08:0c:67:71:cf:d6:59:8e:73:57:53:2b:b4:07:21:
27:43:42:da:69:60:22:33:53:d9:28:6c:75:fc:41:
52:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:EE:0B:DD:24:0C:3B:95:46:C8:30:8F:48:D3:CD:DE:90:26:BE:EF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_O4L3SQMO5VGyDCPSNPN3pAmvu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.88.0/24
45.89.244.0/24
45.91.193.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:57:2d:e7:29:59:55:67:8e:a0:a7:ba:81:49:d5:8b:44:09:
0c:26:86:e4:fc:9d:6f:5f:8c:91:f7:ac:56:00:fa:3d:c1:bf:
3f:05:9e:79:0b:a4:28:43:ff:a5:cc:7d:b8:07:2f:bb:ae:fe:
cb:3f:00:fd:92:28:47:05:a5:34:b9:78:14:86:9b:1a:f5:c5:
93:8e:8f:0f:e7:f5:cb:54:17:bc:b3:8c:4a:a1:45:b6:6f:d2:
ec:4f:0d:8b:f0:b1:50:32:1d:1c:af:a9:8e:16:e6:7d:d9:20:
02:f9:97:0a:53:4b:8c:43:30:3c:d6:b9:bc:60:06:61:76:56:
52:70:26:a3:06:a3:cb:92:66:7f:5c:23:6b:b5:4a:47:15:10:
3d:56:05:dd:e2:b9:02:6b:ee:02:f5:c3:6b:b6:a0:d2:f9:f9:
69:7d:a3:c5:2f:13:40:57:ed:76:9e:ee:2f:05:50:c7:c1:87:
45:a8:e8:b2:7e:21:8a:9d:2a:df:ed:30:60:1c:16:19:4a:76:
72:99:ed:cc:14:b3:50:c8:45:24:71:38:03:c3:da:ee:3f:1a:
28:09:94:2f:0d:4d:5e:45:98:78:43:5c:fe:a0:c7:b5:97:73:
5b:92:35:52:2f:8b:08:6d:ea:af:c0:10:44:90:1d:29:9a:49:
d0:c0:62:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLeh+mTBSvlhvL9ssWN2clrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDMwMTc0NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2VlMGJkZDI0MGMzYjk1NDZjODMwOGY0OGQzY2RkZTkwMjZiZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7Vg/UL/ckypmVssf+IlQSU0HaMx
P2QMW8qE2A0ArEhsNT9KseJl7PqNxt4+Uej75yPZ88BOWl5eYLKkfWtN27/wp/vx
H56mimRAYJnz9vciHrPtSzKgvdeL7VbUPkWlZTb3KmdbEQ3kinKDwTFXPzWJLM4Y
tmdF4o7Pk3dduNuzpyrIcKo9Fr9pF68oxHW9dvr3Dfr30HlKkmAzaMNEYP+kt5Ie
4pF+z7xD8Lw9PjaVacDMz4dAfwCK8Sg0dBcmVNoSSK/Cy/EiXSELZ815aAUzELfZ
/glPTDOhsyQehDEIDGdxz9ZZjnNXUyu0ByEnQ0LaaWAiM1PZKGx1/EFSXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPzuC90kDDuVRsgwj0jTzd6QJr7vMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX080TDNTUU1PNVZHeURDUFNOUE4zcEFtdnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVRYAwQA
LVn0AwQALVvBMA0GCSqGSIb3DQEBCwUAA4IBAQAMVy3nKVlVZ46gp7qBSdWLRAkM
Jobk/J1vX4yR96xWAPo9wb8/BZ55C6QoQ/+lzH24By+7rv7LPwD9kihHBaU0uXgU
hpsa9cWTjo8P5/XLVBe8s4xKoUW2b9LsTw2L8LFQMh0cr6mOFuZ92SAC+ZcKU0uM
QzA81rm8YAZhdlZScCajBqPLkmZ/XCNrtUpHFRA9VgXd4rkCa+4C9cNrtqDS+flp
faPFLxNAV+12nu4vBVDHwYdFqOiyfiGKnSrf7TBgHBYZSnZyme3MFLNQyEUkcTgD
w9ruPxooCZQvDU1eRZh4Q1z+oMe1l3NbkjVSL4sIbeqvwBBEkB0pmknQwGJ0
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:58 2025 by rpki-client