Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/fVcgsSneQ87C4i0IV7IkoCr35P4.roa
File: fVcgsSneQ87C4i0IV7IkoCr35P4.roa (raw, json)
Hash identifier: QQfBBhuGFrexsSPsqg/kHQJEI0GOdVBtK/r8Cy0LzGc=
Subject key identifier: 7D:57:20:B1:29:DE:43:CE:C2:E2:2D:08:57:B2:24:A0:2A:F7:E4:FE
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 01916016A5C5189C6A6190944A7F00757947
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/fVcgsSneQ87C4i0IV7IkoCr35P4.roa
Signing time: Sat 17 Aug 2024 11:26:22 +0000
ROA not before: Sat 17 Aug 2024 11:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208949
IP address blocks: 45.88.0.0/24 maxlen: 24
45.148.145.0/24 maxlen: 24
45.148.146.0/24 maxlen: 24
185.217.136.0/24 maxlen: 24
185.217.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 13:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:60:16:a5:c5:18:9c:6a:61:90:94:4a:7f:00:75:79:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Aug 17 11:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d5720b129de43cec2e22d0857b224a02af7e4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:59:df:7b:8e:d7:d3:0c:4d:e3:9d:58:89:
14:95:37:d9:c2:34:1b:1f:28:fb:99:30:fe:c5:7a:
94:30:08:3a:1a:74:a2:4f:ec:1d:4e:35:ab:0e:23:
31:fc:b7:4a:a9:16:51:e2:dd:2a:d9:dc:fc:a3:e0:
c5:eb:ff:55:d4:6d:67:10:b2:49:e1:18:ba:3a:36:
98:a5:1f:4e:f6:a9:43:43:d4:04:c3:25:64:72:23:
20:6d:74:3c:1d:9f:eb:4f:91:24:82:b9:a6:c4:38:
3d:9b:25:cd:04:bd:f6:01:d2:9c:c0:c0:ec:52:3f:
34:4a:12:f9:f8:a2:a3:df:e2:05:23:2e:e1:db:d3:
89:02:c1:45:74:43:c9:4c:dc:6f:f0:ab:81:e1:8e:
52:69:d3:91:9a:50:f5:7b:70:9b:99:33:c1:b9:4b:
be:d0:22:24:cc:15:b1:70:f5:25:17:79:b9:91:d9:
12:3d:a7:9b:64:18:82:db:69:25:15:d2:83:48:33:
0f:ed:c6:59:0a:f3:c6:18:05:03:1e:08:e3:76:82:
d7:3c:4f:b3:4e:b0:0c:de:6c:fa:2d:b6:87:e5:8e:
44:bb:f1:8e:a8:9c:2c:64:13:c3:c8:7e:39:14:8f:
db:51:fb:fd:4c:66:ac:1a:33:72:f6:f8:24:2f:49:
d4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:57:20:B1:29:DE:43:CE:C2:E2:2D:08:57:B2:24:A0:2A:F7:E4:FE
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/fVcgsSneQ87C4i0IV7IkoCr35P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.0.0/24
45.148.145.0-45.148.146.255
185.217.136.0/23
Signature Algorithm: sha256WithRSAEncryption
20:f8:08:92:53:91:28:63:a9:05:80:0c:f5:0e:fc:6c:ec:45:
1b:50:5f:28:47:db:50:f0:d9:2b:58:6a:48:70:b4:06:8f:0a:
e1:3a:d7:5d:c4:02:4c:ec:60:6c:9e:ba:c7:7c:01:07:33:64:
15:e1:9a:2a:96:a7:53:36:ac:ea:13:fe:4a:d7:78:c2:17:15:
34:00:0f:85:7d:4b:82:d7:91:36:5e:ff:fe:44:51:52:55:35:
0a:9f:76:c0:24:f6:b1:40:2b:00:ba:66:cb:35:5e:2b:34:11:
3f:d5:da:87:30:7f:22:cc:97:53:9e:7a:91:bf:12:e0:0b:c2:
0a:b0:14:4d:cc:2d:bc:b8:90:d1:56:df:66:3f:91:7b:ff:db:
b7:28:ef:1c:6e:ec:99:af:d1:ee:87:80:89:94:b2:31:25:63:
73:f3:ff:65:06:9f:b6:7c:b6:75:b6:04:e5:0e:b5:f6:ef:8e:
5f:4d:28:d9:f0:6c:71:09:1d:87:ad:b4:c8:ce:89:b0:5a:10:
13:4e:3f:62:81:cc:c1:60:3f:37:e3:cb:79:51:47:6c:89:fb:
d0:1c:74:0b:76:d2:89:1a:b8:2a:03:ab:f2:47:bf:ee:76:2a:
85:8a:05:20:21:24:0b:f3:22:11:86:0f:46:09:63:eb:53:60:
be:a9:28:62
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZFgFqXFGJxqYZCUSn8AdXlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwODE3MTEyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDU3MjBiMTI5ZGU0M2NlYzJlMjJkMDg1N2IyMjRhMDJhZjdlNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm1Z33uO19MMTeOdWIkUlTfZwjQb
Hyj7mTD+xXqUMAg6GnSiT+wdTjWrDiMx/LdKqRZR4t0q2dz8o+DF6/9V1G1nELJJ
4Ri6OjaYpR9O9qlDQ9QEwyVkciMgbXQ8HZ/rT5EkgrmmxDg9myXNBL32AdKcwMDs
Uj80ShL5+KKj3+IFIy7h29OJAsFFdEPJTNxv8KuB4Y5SadORmlD1e3CbmTPBuUu+
0CIkzBWxcPUlF3m5kdkSPaebZBiC22klFdKDSDMP7cZZCvPGGAUDHgjjdoLXPE+z
TrAM3mz6LbaH5Y5Eu/GOqJwsZBPDyH45FI/bUfv9TGasGjNy9vgkL0nUSQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH1XILEp3kPOwuItCFeyJKAq9+T+MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvZlZjZ3NTbmVRODdDNGkwSVY3SWtvQ3IzNVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALVgAMAwD
BAAtlJEDBAAtlJIDBAG52YgwDQYJKoZIhvcNAQELBQADggEBACD4CJJTkShjqQWA
DPUO/GzsRRtQXyhH21Dw2StYakhwtAaPCuE6113EAkzsYGyeusd8AQczZBXhmiqW
p1M2rOoT/krXeMIXFTQAD4V9S4LXkTZe//5EUVJVNQqfdsAk9rFAKwC6Zss1Xis0
ET/V2ocwfyLMl1OeepG/EuALwgqwFE3MLby4kNFW32Y/kXv/27co7xxu7Jmv0e6H
gImUsjElY3Pz/2UGn7Z8tnW2BOUOtfbvjl9NKNnwbHEJHYettMjOibBaEBNOP2KB
zMFgPzfjy3lRR2yJ+9AcdAt20okauCoDq/JHv+52KoWKBSAhJAvzIhGGD0YJY+tT
YL6pKGI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:10 2025 by rpki-client