Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/DxO2ust50ZUMaDIFQXZdqXHWfeE.roa
File: DxO2ust50ZUMaDIFQXZdqXHWfeE.roa (raw, json)
Hash identifier: 8cS5txjFKipxUYqIX5WoNhh6tmLwksmM61erk8dPDcA=
Subject key identifier: 0F:13:B6:BA:CB:79:D1:95:0C:68:32:05:41:76:5D:A9:71:D6:7D:E1
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 018D79689C99660BFAFC93060905E6F84C54
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/DxO2ust50ZUMaDIFQXZdqXHWfeE.roa
Signing time: Mon 05 Feb 2024 13:15:15 +0000
ROA not before: Mon 05 Feb 2024 13:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60542
IP address blocks: 45.139.8.0/24 maxlen: 24
45.139.9.0/24 maxlen: 24
91.243.119.0/24 maxlen: 24
185.217.39.0/24 maxlen: 24
194.180.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 20:26:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:68:9c:99:66:0b:fa:fc:93:06:09:05:e6:f8:4c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Feb 5 13:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f13b6bacb79d1950c68320541765da971d67de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d2:06:25:c4:d0:dc:db:bb:0d:bd:e3:9e:e8:
cd:1c:d2:46:ca:3d:5a:cb:60:61:a7:bf:58:34:eb:
0b:e1:c0:aa:b7:ca:79:b8:b8:b7:7e:59:8b:48:2f:
6f:c9:96:31:59:54:8b:67:79:63:64:e4:d3:49:2e:
85:cc:ad:cf:a9:6b:8a:47:87:e9:ab:b6:f4:e6:69:
fe:a2:ba:f3:99:65:cd:11:aa:ca:15:e9:16:b6:4f:
49:c6:d3:b0:b7:04:10:4a:02:39:49:dc:a7:1b:9c:
64:fe:5a:5a:05:a8:a6:fd:80:dc:fc:6c:2c:e9:32:
f4:a0:86:24:9e:7b:e0:8e:b6:25:c3:17:ea:62:4f:
a2:ed:02:7c:82:ed:89:47:83:5a:ff:fa:1e:85:bc:
dc:d0:70:8f:bc:48:b1:91:c2:a0:92:c7:a3:22:7c:
8e:af:46:37:e2:3a:ca:6a:7d:44:ff:8c:14:a6:c5:
b5:ad:3f:b8:ad:b9:f3:3e:5e:5d:39:b5:0b:34:58:
12:b2:37:9a:b2:e6:b1:c8:77:d2:93:2b:7a:11:89:
35:1c:30:f6:a1:eb:d3:c8:8b:f7:d9:64:86:a8:ed:
b4:2d:95:c8:35:df:19:ef:c7:e9:e7:e0:b8:ab:6d:
4b:43:17:7f:fa:b3:01:b3:35:15:ff:72:5d:12:2c:
6d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:13:B6:BA:CB:79:D1:95:0C:68:32:05:41:76:5D:A9:71:D6:7D:E1
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/DxO2ust50ZUMaDIFQXZdqXHWfeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.8.0/23
91.243.119.0/24
185.217.39.0/24
194.180.209.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:f5:e0:fc:71:2e:b4:a9:41:6f:09:98:08:ff:80:4c:43:8d:
8f:58:64:b3:f7:f5:be:7b:16:1f:76:79:42:fa:70:79:a0:d0:
7e:83:96:70:19:2f:5d:40:0e:d1:b7:83:53:8f:ba:ff:ef:99:
68:f2:af:dc:ed:8b:53:49:ee:33:ae:31:4f:99:0c:95:90:7b:
e6:18:02:e9:19:68:5f:8f:ca:bf:30:43:e1:16:e0:3c:3f:58:
99:79:89:6b:bc:e9:0e:b3:7d:48:f4:f7:4a:87:9d:84:a5:fe:
70:2d:c9:8e:67:d0:c4:7b:9a:85:b9:7a:7d:9c:b1:c9:4c:e3:
42:cd:3d:5f:c4:ce:8c:50:44:a4:c2:de:63:9b:1a:61:fa:d6:
50:c7:f7:dd:88:59:e6:30:03:d3:7d:d9:ee:ca:de:b2:1e:c5:
2b:cb:3d:e4:98:3e:f5:bb:0d:27:69:6a:c2:ad:08:97:ed:14:
d3:4b:b9:3e:99:14:1c:bb:27:6d:99:c3:70:d2:cb:28:d8:72:
48:38:13:ab:3f:63:be:f1:ae:41:30:28:a7:23:d7:18:9c:51:
cd:89:f7:ef:88:2d:fe:93:0a:21:24:0e:5d:7d:84:66:e6:5d:
d3:7b:d1:1e:0b:34:f2:92:05:ad:43:05:88:f3:4b:2e:28:3a:
85:e1:e2:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY15aJyZZgv6/JMGCQXm+ExUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjQwMjA1MTMxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjEzYjZiYWNiNzlkMTk1MGM2ODMyMDU0MTc2NWRhOTcxZDY3ZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstIGJcTQ3Nu7Db3jnujNHNJGyj1a
y2Bhp79YNOsL4cCqt8p5uLi3flmLSC9vyZYxWVSLZ3ljZOTTSS6FzK3PqWuKR4fp
q7b05mn+orrzmWXNEarKFekWtk9JxtOwtwQQSgI5SdynG5xk/lpaBaim/YDc/Gws
6TL0oIYknnvgjrYlwxfqYk+i7QJ8gu2JR4Na//oehbzc0HCPvEixkcKgksejInyO
r0Y34jrKan1E/4wUpsW1rT+4rbnzPl5dObULNFgSsjeasuaxyHfSkyt6EYk1HDD2
oevTyIv32WSGqO20LZXINd8Z78fp5+C4q21LQxd/+rMBszUV/3JdEixtTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA8TtrrLedGVDGgyBUF2Xalx1n3hMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvRHhPMnVzdDUwWlVNYURJRlFYWmRxWEhXZmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYsIAwQA
W/N3AwQAudknAwQAwrTRMA0GCSqGSIb3DQEBCwUAA4IBAQCb9eD8cS60qUFvCZgI
/4BMQ42PWGSz9/W+exYfdnlC+nB5oNB+g5ZwGS9dQA7Rt4NTj7r/75lo8q/c7YtT
Se4zrjFPmQyVkHvmGALpGWhfj8q/MEPhFuA8P1iZeYlrvOkOs31I9PdKh52Epf5w
LcmOZ9DEe5qFuXp9nLHJTONCzT1fxM6MUESkwt5jmxph+tZQx/fdiFnmMAPTfdnu
yt6yHsUryz3kmD71uw0naWrCrQiX7RTTS7k+mRQcuydtmcNw0sso2HJIOBOrP2O+
8a5BMCinI9cYnFHNiffviC3+kwohJA5dfYRm5l3Te9EeCzTykgWtQwWI80suKDqF
4eJs
-----END CERTIFICATE-----
Generated at Wed Feb 7 00:25:25 2024 by rpki-client on console-fra.rpki-client.org