Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3s_bztYEhWAUEie2Bx2Vq6SIhws.roa
File: 3s_bztYEhWAUEie2Bx2Vq6SIhws.roa (raw, json)
Hash identifier: fA/lg1pHEBnv5kGj70XhojfAAaweilTm+mdOn+GgZQY=
Subject key identifier: DE:CF:DB:CE:D6:04:85:60:14:12:27:B6:07:1D:95:AB:A4:88:87:0B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0191BC07F181664AB4B1E4BA2E01582AA844
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3s_bztYEhWAUEie2Bx2Vq6SIhws.roa
Signing time: Wed 04 Sep 2024 07:55:22 +0000
ROA not before: Wed 04 Sep 2024 07:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Sep 2024 08:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:07:f1:81:66:4a:b4:b1:e4:ba:2e:01:58:2a:a8:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 4 07:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=decfdbced6048560141227b6071d95aba488870b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3e:87:f2:a5:70:af:6a:10:eb:34:59:58:b0:
a9:b1:8d:a6:11:7f:d9:84:28:31:49:e2:91:28:43:
e6:af:d2:7c:6a:8b:8c:8b:a5:3d:33:95:0d:f0:99:
ca:2d:09:a9:ef:b1:2b:84:68:94:e2:59:a5:e3:ec:
67:40:0c:09:50:d6:6e:51:91:48:31:06:74:8d:56:
19:b0:44:84:eb:db:f0:4f:45:5d:17:c8:36:18:73:
d0:3f:22:2e:07:61:26:e3:ec:0a:15:70:33:8d:0e:
b5:cb:c8:e0:8f:a6:16:a5:00:86:d8:f9:e5:92:1b:
21:9a:a0:e5:b8:11:09:4c:b8:32:d7:07:c2:a7:3b:
92:51:fd:bb:2a:0e:d4:6c:8c:4d:88:2b:7c:59:35:
fd:8c:a3:9f:e3:6b:79:9c:c7:ee:ab:7c:11:e4:e9:
92:67:59:e4:94:66:69:dc:a4:02:26:76:a1:e4:e2:
09:c1:e3:81:1a:80:3a:39:0c:f9:7d:32:25:f3:e7:
85:07:58:25:76:8e:48:08:75:ac:6f:f6:b3:e0:8a:
14:d9:79:c1:30:9b:71:4e:1e:13:bf:25:a6:f8:d5:
16:58:36:25:d5:ac:c3:c9:6c:dc:49:5c:61:7b:c3:
7b:84:80:68:d0:d1:9b:8c:ce:67:01:d9:58:30:40:
f6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:CF:DB:CE:D6:04:85:60:14:12:27:B6:07:1D:95:AB:A4:88:87:0B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3s_bztYEhWAUEie2Bx2Vq6SIhws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.94.170.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d8:a3:a7:b7:a5:11:fb:72:07:e0:e6:08:66:67:c3:01:5d:
e5:d1:ce:46:9c:a0:75:c4:2f:c5:58:c2:f8:1a:c1:3e:8f:73:
db:aa:b4:7c:3c:d0:27:a2:43:35:35:e4:9f:1c:ee:6d:c0:9c:
00:f5:65:54:2c:4f:fb:c2:b5:d6:b7:6e:80:60:52:12:de:0f:
1b:f2:77:d8:e0:1b:06:b4:e6:a2:df:22:2d:36:4a:3e:85:bc:
0a:f2:6b:98:36:e5:5d:0d:37:73:d7:2f:80:5c:df:7d:cc:05:
d4:b7:20:50:bc:e5:f2:c9:aa:61:64:d0:99:8a:12:20:96:ac:
ab:45:3d:af:e0:83:61:9c:4b:65:dc:8e:31:50:f7:bc:ef:e8:
e0:21:c7:c8:9f:f7:b3:fd:01:02:03:af:47:9b:0a:cd:3e:6d:
1a:bd:4c:7f:b8:65:9d:0f:c9:04:62:ce:6d:bd:92:d7:b8:78:
e6:5f:94:83:f9:46:19:d5:44:89:e4:d7:89:66:a9:d6:5a:77:
b6:71:08:8e:58:70:ae:34:12:ba:51:8c:ec:12:ce:32:71:52:
bd:fb:7b:10:46:ca:fd:f1:f7:f7:2c:de:cc:a1:50:f6:55:9b:
3c:0c:dd:4f:8d:bc:0f:ba:4f:19:ce:37:dd:a9:84:24:e4:f4:
fc:fe:be:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG8B/GBZkq0seS6LgFYKqhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwOTA0MDc1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWNmZGJjZWQ2MDQ4NTYwMTQxMjI3YjYwNzFkOTVhYmE0ODg4NzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD6H8qVwr2oQ6zRZWLCpsY2mEX/Z
hCgxSeKRKEPmr9J8aouMi6U9M5UN8JnKLQmp77ErhGiU4lml4+xnQAwJUNZuUZFI
MQZ0jVYZsESE69vwT0VdF8g2GHPQPyIuB2Em4+wKFXAzjQ61y8jgj6YWpQCG2Pnl
khshmqDluBEJTLgy1wfCpzuSUf27Kg7UbIxNiCt8WTX9jKOf42t5nMfuq3wR5OmS
Z1nklGZp3KQCJnah5OIJweOBGoA6OQz5fTIl8+eFB1gldo5ICHWsb/az4IoU2XnB
MJtxTh4TvyWm+NUWWDYl1azDyWzcSVxhe8N7hIBo0NGbjM5nAdlYMED2bwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN7P287WBIVgFBIntgcdlaukiIcLMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvM3NfYnp0WUVoV0FVRWllMkJ4MlZxNlNJaHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbVUAwQA
LV6qAwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQBT2KOnt6UR+3IH4OYIZmfDAV3l
0c5GnKB1xC/FWML4GsE+j3PbqrR8PNAnokM1NeSfHO5twJwA9WVULE/7wrXWt26A
YFIS3g8b8nfY4BsGtOai3yItNko+hbwK8muYNuVdDTdz1y+AXN99zAXUtyBQvOXy
yaphZNCZihIglqyrRT2v4INhnEtl3I4xUPe87+jgIcfIn/ez/QECA69HmwrNPm0a
vUx/uGWdD8kEYs5tvZLXuHjmX5SD+UYZ1USJ5NeJZqnWWne2cQiOWHCuNBK6UYzs
Es4ycVK9+3sQRsr98ff3LN7MoVD2VZs8DN1PjbwPuk8ZzjfdqYQk5PT8/r63
-----END CERTIFICATE-----
Generated at Sat Sep 14 10:28:51 2024 by rpki-client on console-ams.rpki-client.org