Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yJIp62xqWgSVO7cmGtBmgS0LD64.roa
File: yJIp62xqWgSVO7cmGtBmgS0LD64.roa (raw, json)
Hash identifier: aiyUXd1VZydED2YBU4BVjMhrvblhKIxpS3PsI8xMcy8=
Subject key identifier: C8:92:29:EB:6C:6A:5A:04:95:3B:B7:26:1A:D0:66:81:2D:0B:0F:AE
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019121CF62D3233A387F3BF7803000468C2C
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yJIp62xqWgSVO7cmGtBmgS0LD64.roa
Signing time: Mon 05 Aug 2024 09:12:04 +0000
ROA not before: Mon 05 Aug 2024 09:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215826
IP address blocks: 147.45.45.0/24 maxlen: 24
193.233.112.0/23 maxlen: 23
193.233.134.0/24 maxlen: 24
193.233.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Oct 2024 06:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:21:cf:62:d3:23:3a:38:7f:3b:f7:80:30:00:46:8c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 5 09:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c89229eb6c6a5a04953bb7261ad066812d0b0fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4e:63:72:47:8c:72:16:bb:98:11:f5:f7:fa:
04:14:21:90:19:f4:f6:ff:87:4b:20:7e:be:23:6b:
50:3e:6c:ff:8b:54:e9:83:95:c1:b5:61:90:b6:97:
8e:c4:85:8d:91:e1:80:3e:c5:2a:d6:96:d5:c2:36:
96:bd:09:ef:c0:29:89:b7:da:97:58:f0:eb:8d:02:
ce:99:0c:c7:7d:f5:2c:4d:36:65:76:7b:ab:bb:99:
f3:ea:d7:f6:e7:51:2f:d3:ff:7c:56:0b:34:d0:d0:
f4:a6:a4:ee:5a:5d:8a:6b:d2:14:1d:8b:d0:8d:92:
86:d3:52:f6:10:9e:56:94:36:54:51:04:7d:63:dc:
25:66:a4:1a:66:84:3c:a7:6e:3a:6a:60:25:3f:c6:
9c:6f:1e:e7:00:32:8a:9e:c7:49:e0:e8:d3:cb:75:
dd:8b:8c:40:92:21:0c:de:f7:b4:de:51:e3:84:93:
0d:91:e8:f2:ac:ae:06:0b:24:a8:ff:46:95:f1:03:
7d:ff:d8:3b:6e:05:7b:27:c6:a8:2f:d4:f2:fc:7c:
18:87:2c:17:ec:b3:0a:0e:53:6c:48:96:9a:ee:2b:
c5:99:fb:67:44:50:c2:ec:f7:de:36:b2:3f:fd:44:
95:43:84:07:04:c8:43:b2:44:84:8e:1d:7e:29:09:
5c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:92:29:EB:6C:6A:5A:04:95:3B:B7:26:1A:D0:66:81:2D:0B:0F:AE
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yJIp62xqWgSVO7cmGtBmgS0LD64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.45.0/24
193.233.112.0/23
193.233.134.0/24
193.233.254.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:14:ba:6b:b3:b3:02:80:7a:00:44:6f:79:a1:d4:0c:df:1f:
eb:49:02:72:c4:b7:91:f3:88:65:bf:3e:57:c4:52:3a:a3:73:
30:bd:1b:33:e2:2a:c9:8a:fd:e3:13:31:f9:82:2b:e5:b7:98:
5e:6e:22:18:ec:e5:e0:3d:b6:06:91:71:4a:0e:ed:78:61:61:
ac:43:e6:2f:e2:9f:94:4b:51:6a:35:47:30:50:0f:fa:ae:05:
b1:67:09:4e:ed:98:dd:1c:01:97:ce:d3:10:e0:7e:c2:1c:c5:
3d:a6:dd:fd:07:8c:08:be:64:b6:5c:0a:be:4b:6d:36:0b:81:
1e:28:1b:b2:ed:5a:91:e7:9a:52:3d:c6:4e:e1:d3:05:26:fc:
bc:71:11:8a:8a:f7:2c:97:95:52:5a:a4:c8:dd:23:8c:7b:f0:
e9:f6:a1:16:ff:30:d2:17:62:0d:df:e4:64:b0:fd:63:10:74:
f8:27:c1:44:80:b7:c6:d8:52:05:0d:74:ec:5c:1b:3c:7d:68:
4c:0b:89:bd:ae:54:90:ae:24:4c:09:98:40:2b:d0:e5:ff:1e:
0d:0d:6e:db:ac:7a:3d:7d:53:45:f4:87:b1:1b:e8:24:d5:45:
2d:91:29:ac:4a:7e:cc:25:45:2b:02:ae:07:d2:c6:41:99:7a:
31:23:68:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEhz2LTIzo4fzv3gDAARowsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwODA1MDkxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODkyMjllYjZjNmE1YTA0OTUzYmI3MjYxYWQwNjY4MTJkMGIwZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE5jckeMcha7mBH19/oEFCGQGfT2
/4dLIH6+I2tQPmz/i1Tpg5XBtWGQtpeOxIWNkeGAPsUq1pbVwjaWvQnvwCmJt9qX
WPDrjQLOmQzHffUsTTZldnuru5nz6tf251Ev0/98Vgs00ND0pqTuWl2Ka9IUHYvQ
jZKG01L2EJ5WlDZUUQR9Y9wlZqQaZoQ8p246amAlP8acbx7nADKKnsdJ4OjTy3Xd
i4xAkiEM3ve03lHjhJMNkejyrK4GCySo/0aV8QN9/9g7bgV7J8aoL9Ty/HwYhywX
7LMKDlNsSJaa7ivFmftnRFDC7PfeNrI//USVQ4QHBMhDskSEjh1+KQlcowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMiSKetsaloElTu3JhrQZoEtCw+uMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveUpJcDYyeHFXZ1NWTzdjbUd0Qm1nUzBMRDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAky0tAwQB
welwAwQAwemGAwQAwen+MA0GCSqGSIb3DQEBCwUAA4IBAQA8FLprs7MCgHoARG95
odQM3x/rSQJyxLeR84hlvz5XxFI6o3MwvRsz4irJiv3jEzH5givlt5hebiIY7OXg
PbYGkXFKDu14YWGsQ+Yv4p+US1FqNUcwUA/6rgWxZwlO7ZjdHAGXztMQ4H7CHMU9
pt39B4wIvmS2XAq+S202C4EeKBuy7VqR55pSPcZO4dMFJvy8cRGKivcsl5VSWqTI
3SOMe/Dp9qEW/zDSF2IN3+RksP1jEHT4J8FEgLfG2FIFDXTsXBs8fWhMC4m9rlSQ
riRMCZhAK9Dl/x4NDW7brHo9fVNF9IexG+gk1UUtkSmsSn7MJUUrAq4H0sZBmXox
I2jc
-----END CERTIFICATE-----
Generated at Sun Oct 6 08:32:08 2024 by rpki-client on console-fra.rpki-client.org