Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/elH4WDN35O4Ttoo9q38TPQai83A.roa
File: elH4WDN35O4Ttoo9q38TPQai83A.roa (raw, json)
Hash identifier: 80VlyKmxkykXjFZ1D5EP2sSPso6gthRoIrxjnFn0Od8=
Subject key identifier: 7A:51:F8:58:33:77:E4:EE:13:B6:8A:3D:AB:7F:13:3D:06:A2:F3:70
Certificate issuer: /CN=bde2db8498ee8f7b3ab5caae83829596620702c1
Certificate serial: 0191B1C8F48DA55B5030C741B3983E7007EC
Authority key identifier: BD:E2:DB:84:98:EE:8F:7B:3A:B5:CA:AE:83:82:95:96:62:07:02:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veLbhJjuj3s6tcqug4KVlmIHAsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/elH4WDN35O4Ttoo9q38TPQai83A.roa
Signing time: Mon 02 Sep 2024 08:10:22 +0000
ROA not before: Mon 02 Sep 2024 08:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 84.38.48.0/23 maxlen: 23
84.38.50.0/24 maxlen: 24
84.38.52.0/23 maxlen: 23
84.38.56.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b1:c8:f4:8d:a5:5b:50:30:c7:41:b3:98:3e:70:07:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde2db8498ee8f7b3ab5caae83829596620702c1
Validity
Not Before: Sep 2 08:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a51f8583377e4ee13b68a3dab7f133d06a2f370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:02:41:a9:33:10:88:ad:50:03:c7:34:58:e9:
b3:8f:00:1a:be:3b:3e:5b:c4:46:8b:85:fb:67:0b:
23:60:94:ef:9c:74:09:06:d6:95:86:f3:ed:2c:d2:
43:80:50:e8:c3:b1:e3:ee:a7:5c:fa:97:2f:a7:b7:
54:b7:a2:95:e6:5e:73:74:5d:17:8f:1a:a6:04:5e:
53:58:fd:3f:00:d0:08:20:72:da:b6:9f:df:1e:d6:
06:b4:2e:b1:7e:24:8d:e6:8c:32:ec:8c:6e:4d:31:
0e:42:bb:a3:c3:c9:ea:29:3e:b3:32:74:45:1f:75:
c0:15:8d:48:9d:c2:6e:36:82:67:ed:92:4c:89:1e:
78:1d:5e:68:95:8e:dc:1c:f6:43:3c:10:07:6c:e9:
f9:3f:3f:8f:68:fe:4e:c5:f9:85:7b:48:0e:1b:c3:
c0:23:9a:57:9a:4e:20:3a:e2:e7:ea:11:8c:52:7f:
ef:7f:73:a2:a5:1d:04:f4:83:2a:5c:4a:38:1a:ec:
d7:42:63:eb:31:dc:84:c9:84:fc:1f:06:cc:07:61:
45:5a:12:30:72:89:26:20:55:bf:88:7d:eb:84:a0:
93:0a:7b:e9:db:13:d0:34:27:b1:2f:64:d8:e6:d8:
58:b2:2e:a0:c8:e3:29:70:16:d9:f1:eb:db:0b:e7:
15:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:51:F8:58:33:77:E4:EE:13:B6:8A:3D:AB:7F:13:3D:06:A2:F3:70
X509v3 Authority Key Identifier:
keyid:BD:E2:DB:84:98:EE:8F:7B:3A:B5:CA:AE:83:82:95:96:62:07:02:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veLbhJjuj3s6tcqug4KVlmIHAsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/elH4WDN35O4Ttoo9q38TPQai83A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b19bd8-e1d8-4388-a3b6-12255e3612ec/1/veLbhJjuj3s6tcqug4KVlmIHAsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.48.0-84.38.50.255
84.38.52.0/23
84.38.56.0/23
Signature Algorithm: sha256WithRSAEncryption
32:5e:01:f7:a0:29:79:ae:df:64:ef:56:5b:01:bf:4c:51:dd:
05:72:05:94:82:5e:1f:91:8c:2f:82:21:c8:d5:2b:7a:29:3c:
cf:09:70:bc:4e:c9:19:c8:2b:99:47:3f:74:9b:f2:74:02:09:
05:7f:a8:cc:9e:e7:b7:54:55:88:31:a9:96:6a:20:47:2b:d4:
bc:66:4a:a1:67:8e:19:8b:28:99:44:c0:c8:40:de:d3:3b:53:
13:94:f0:e0:e3:9f:44:7d:c6:e5:77:f2:72:52:da:97:06:6d:
26:5b:ae:45:6c:ec:05:7f:31:13:7e:fb:54:da:63:73:d8:c7:
a9:2a:7f:8d:35:7c:c4:1f:2f:77:0d:5f:82:ca:b5:6a:11:2d:
87:57:73:a2:82:b0:8c:23:5b:25:ca:04:9d:47:5f:5f:88:6b:
33:06:9c:b4:91:bd:29:31:27:e2:14:9f:80:48:b2:d7:83:b5:
69:74:22:ea:c3:e5:6b:0f:f9:98:28:f3:0c:47:5c:e3:7f:c9:
56:31:5f:55:db:df:7c:d8:66:48:9d:84:b2:c6:13:e7:72:89:
b7:18:71:8c:86:46:d3:ba:2d:2e:2a:1d:5b:58:94:50:a1:4c:
a6:f6:d7:33:75:e5:65:2c:84:ec:9d:ba:b8:41:87:fc:dd:4f:
32:f8:c3:24
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZGxyPSNpVtQMMdBs5g+cAfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTJkYjg0OThlZThmN2IzYWI1Y2FhZTgzODI5NTk2NjIw
NzAyYzEwHhcNMjQwOTAyMDgxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTUxZjg1ODMzNzdlNGVlMTNiNjhhM2RhYjdmMTMzZDA2YTJmMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgJBqTMQiK1QA8c0WOmzjwAavjs+
W8RGi4X7ZwsjYJTvnHQJBtaVhvPtLNJDgFDow7Hj7qdc+pcvp7dUt6KV5l5zdF0X
jxqmBF5TWP0/ANAIIHLatp/fHtYGtC6xfiSN5owy7IxuTTEOQrujw8nqKT6zMnRF
H3XAFY1IncJuNoJn7ZJMiR54HV5olY7cHPZDPBAHbOn5Pz+PaP5OxfmFe0gOG8PA
I5pXmk4gOuLn6hGMUn/vf3OipR0E9IMqXEo4GuzXQmPrMdyEyYT8HwbMB2FFWhIw
cokmIFW/iH3rhKCTCnvp2xPQNCexL2TY5thYsi6gyOMpcBbZ8evbC+cVpQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHpR+Fgzd+TuE7aKPat/Ez0GovNwMB8GA1UdIwQY
MBaAFL3i24SY7o97OrXKroOClZZiBwLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVMYmhKanVqM3M2dGNxdWc0S1ZsbUlIQXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iMTliZDgtZTFkOC00Mzg4LWEzYjYt
MTIyNTVlMzYxMmVjLzEvZWxINFdETjM1TzRUdG9vOXEzOFRQUWFpODNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iMTliZDgtZTFkOC00Mzg4LWEzYjYtMTIyNTVlMzYxMmVj
LzEvdmVMYmhKanVqM3M2dGNxdWc0S1ZsbUlIQXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBARUJjAD
BABUJjIDBAFUJjQDBAFUJjgwDQYJKoZIhvcNAQELBQADggEBADJeAfegKXmu32Tv
VlsBv0xR3QVyBZSCXh+RjC+CIcjVK3opPM8JcLxOyRnIK5lHP3Sb8nQCCQV/qMye
57dUVYgxqZZqIEcr1LxmSqFnjhmLKJlEwMhA3tM7UxOU8ODjn0R9xuV38nJS2pcG
bSZbrkVs7AV/MRN++1TaY3PYx6kqf401fMQfL3cNX4LKtWoRLYdXc6KCsIwjWyXK
BJ1HX1+IazMGnLSRvSkxJ+IUn4BIsteDtWl0IurD5WsP+Zgo8wxHXON/yVYxX1Xb
33zYZkidhLLGE+dyibcYcYyGRtO6LS4qHVtYlFChTKb21zN15WUshOydurhBh/zd
TzL4wyQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:04:39 2025 by rpki-client