Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/H9AcfYg8Wf9ct2MriTjyJylFXIE.roa
File: H9AcfYg8Wf9ct2MriTjyJylFXIE.roa (raw, json)
Hash identifier: 3fWWbNEpuKbKpAoQDA8Az9OVO86xvf+7AgxA3344jh8=
Subject key identifier: 1F:D0:1C:7D:88:3C:59:FF:5C:B7:63:2B:89:38:F2:27:29:45:5C:81
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191B7037492EF234C7DE705882AE63F402F
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/H9AcfYg8Wf9ct2MriTjyJylFXIE.roa
Signing time: Tue 03 Sep 2024 08:32:22 +0000
ROA not before: Tue 03 Sep 2024 08:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25467
IP address blocks: 45.153.126.0/24 maxlen: 24
46.183.184.0/24 maxlen: 24
46.183.185.0/24 maxlen: 24
92.243.65.0/24 maxlen: 24
2a03:f80:385::/48 maxlen: 48
2a03:f80:389::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 29 Oct 2024 08:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:03:74:92:ef:23:4c:7d:e7:05:88:2a:e6:3f:40:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 3 08:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fd01c7d883c59ff5cb7632b8938f22729455c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a6:ea:35:0a:bf:db:0c:d2:d4:fc:0b:aa:a4:
fb:20:b2:10:e5:a5:bd:31:f1:e1:1d:e1:4f:34:6b:
c8:7a:0a:25:07:f8:12:0f:7a:b2:49:7f:f9:15:f2:
ee:24:dd:d0:cf:b2:8c:dd:0c:0d:ff:31:20:44:16:
76:16:cc:c8:a6:15:67:89:b2:a1:83:e5:df:d4:af:
de:23:7c:43:85:3b:64:cd:97:8c:a8:67:83:d3:d6:
2f:89:ff:0c:da:2d:66:15:7b:9e:12:28:e6:96:9f:
dc:73:01:5a:27:80:40:b7:94:2e:d4:d8:2b:58:1e:
13:7f:52:f0:0c:db:b8:7c:8b:d2:ba:02:5e:f5:b2:
f5:90:68:b5:ec:9a:11:26:89:9e:b6:04:c4:49:e2:
5a:91:5c:38:aa:fb:93:25:73:ac:a9:5e:5e:27:d4:
d8:52:68:7d:9b:f0:42:ee:7b:54:e4:c7:ec:1a:7e:
b6:d5:d6:59:9a:f1:f9:85:92:da:51:e0:41:50:09:
e1:ec:29:dd:36:92:c6:56:4e:6f:04:bb:cc:0b:85:
09:1b:a9:44:1f:89:d8:91:71:6d:47:58:d4:b6:59:
2a:77:a0:85:d5:13:43:e6:b2:81:27:7a:01:7b:10:
38:c0:c8:22:34:c4:ef:e5:e6:20:b5:ec:d2:68:18:
f4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D0:1C:7D:88:3C:59:FF:5C:B7:63:2B:89:38:F2:27:29:45:5C:81
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/H9AcfYg8Wf9ct2MriTjyJylFXIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.126.0/24
46.183.184.0/23
92.243.65.0/24
IPv6:
2a03:f80:385::/48
2a03:f80:389::/48
Signature Algorithm: sha256WithRSAEncryption
6d:20:1c:b7:79:f9:de:26:0a:ba:ad:8d:52:8c:e8:72:69:0e:
3d:f6:64:e8:8a:f0:84:ce:d9:e3:56:bb:cd:a8:11:cf:c0:d8:
16:08:8a:34:5d:cf:d2:b2:1c:83:b9:18:9c:4b:76:35:55:0b:
6c:10:85:46:06:86:c2:44:6d:b9:82:2a:dd:ae:8e:1e:96:5a:
cb:90:30:62:98:fd:0d:a2:69:1d:ef:4b:5b:b6:0a:6c:bc:10:
ca:42:0a:ca:d5:4f:a4:46:1e:d1:11:6a:95:46:2b:d3:a8:85:
52:91:45:c6:1a:b7:7e:30:9a:c7:01:ad:d0:40:70:c1:52:05:
fe:5e:4d:a6:d8:f8:c8:f7:e2:bd:20:bf:a0:62:e2:d5:12:16:
e7:82:65:ea:62:55:80:41:4e:89:12:f8:91:8e:23:da:96:3a:
32:3d:a0:c5:fb:78:ff:63:7d:73:63:70:fc:02:75:b9:f1:8f:
b4:47:0e:c7:e5:24:1d:3b:9f:7f:cd:ee:0c:ff:f0:9d:fd:a5:
dc:94:a3:22:02:0d:15:c0:3e:26:c4:6b:6c:2b:53:0a:62:81:
e2:69:e3:db:2c:e0:d7:55:f9:38:97:30:51:34:c3:55:87:1e:
57:db:ce:85:f2:a7:1c:86:37:f5:47:f5:19:ee:2b:11:2d:b0:
7f:bd:fa:62
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZG3A3SS7yNMfecFiCrmP0AvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTAzMDgzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmQwMWM3ZDg4M2M1OWZmNWNiNzYzMmI4OTM4ZjIyNzI5NDU1YzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzabqNQq/2wzS1PwLqqT7ILIQ5aW9
MfHhHeFPNGvIegolB/gSD3qySX/5FfLuJN3Qz7KM3QwN/zEgRBZ2FszIphVnibKh
g+Xf1K/eI3xDhTtkzZeMqGeD09Yvif8M2i1mFXueEijmlp/ccwFaJ4BAt5Qu1Ngr
WB4Tf1LwDNu4fIvSugJe9bL1kGi17JoRJometgTESeJakVw4qvuTJXOsqV5eJ9TY
Umh9m/BC7ntU5MfsGn621dZZmvH5hZLaUeBBUAnh7CndNpLGVk5vBLvMC4UJG6lE
H4nYkXFtR1jUtlkqd6CF1RND5rKBJ3oBexA4wMgiNMTv5eYgtezSaBj0OQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFB/QHH2IPFn/XLdjK4k48icpRVyBMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvSDlBY2ZZZzhXZjljdDJNcmlUanlKeWxGWElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQALZl+AwQB
Lre4AwQAXPNBMBgEAgACMBIDBwAqAw+AA4UDBwAqAw+AA4kwDQYJKoZIhvcNAQEL
BQADggEBAG0gHLd5+d4mCrqtjVKM6HJpDj32ZOiK8ITO2eNWu82oEc/A2BYIijRd
z9KyHIO5GJxLdjVVC2wQhUYGhsJEbbmCKt2ujh6WWsuQMGKY/Q2iaR3vS1u2Cmy8
EMpCCsrVT6RGHtERapVGK9OohVKRRcYat34wmscBrdBAcMFSBf5eTabY+Mj34r0g
v6Bi4tUSFueCZepiVYBBTokS+JGOI9qWOjI9oMX7eP9jfXNjcPwCdbnxj7RHDsfl
JB07n3/N7gz/8J39pdyUoyICDRXAPibEa2wrUwpigeJp49ss4NdV+TiXMFE0w1WH
HlfbzoXypxyGN/VH9RnuKxEtsH+9+mI=
-----END CERTIFICATE-----
Generated at Tue Oct 29 11:58:33 2024 by rpki-client on console-ams.rpki-client.org