Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9WQeEU01XLv6ERz0XuvFbxs7FwA.roa
File: 9WQeEU01XLv6ERz0XuvFbxs7FwA.roa (raw, json)
Hash identifier: 9JFh9HUPm4wX4SSsoTxX6mT1DD84tfEZzjI2HtVFHno=
Subject key identifier: F5:64:1E:11:4D:35:5C:BB:FA:11:1C:F4:5E:EB:C5:6F:1B:3B:17:00
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0193B1CA415A5BE5425481688FD88EBE4A2B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9WQeEU01XLv6ERz0XuvFbxs7FwA.roa
Signing time: Tue 10 Dec 2024 18:17:22 +0000
ROA not before: Tue 10 Dec 2024 18:17:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 45.88.137.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Dec 2024 17:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b1:ca:41:5a:5b:e5:42:54:81:68:8f:d8:8e:be:4a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 10 18:17:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5641e114d355cbbfa111cf45eebc56f1b3b1700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:61:b7:6f:52:9e:21:5c:01:d8:76:a8:d9:da:
2f:da:ca:a1:b9:f4:37:ae:4a:7a:a2:da:6c:e5:1b:
ed:9f:88:21:6d:ed:4c:0f:2a:ee:5b:6d:57:46:a3:
b2:35:9d:45:26:11:34:2c:58:7a:ed:8b:a1:0e:e1:
9b:58:90:12:df:0f:7b:d4:9a:2e:dc:96:13:17:d9:
13:0f:f4:b8:51:ee:1d:91:79:a6:05:4f:54:04:85:
e8:20:96:78:57:62:60:05:3b:e9:cd:d1:30:c8:38:
e2:9c:b8:a8:e5:db:12:96:4b:55:d7:e3:9d:11:0a:
03:c2:bf:57:94:71:2b:4e:4b:1c:7c:da:8f:f9:69:
26:fa:82:7d:35:51:3f:47:26:10:43:3f:ab:8e:32:
b1:94:57:a7:c1:c0:c8:72:77:23:f4:34:01:7f:91:
9d:a7:d7:56:68:dc:39:62:1e:e8:9c:79:57:d3:92:
da:ee:cc:03:18:7f:fc:7d:b5:da:f5:39:f3:a5:67:
11:fd:ac:bb:f4:22:e0:c7:4a:33:0b:b6:40:c6:aa:
35:ce:63:c1:0e:b6:b6:c6:75:45:cb:df:d6:8f:aa:
96:ed:14:c9:8e:ca:2c:22:84:e8:29:90:6b:32:c8:
84:94:a4:38:00:a6:b2:ab:9e:c7:31:d3:b1:26:00:
c3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:64:1E:11:4D:35:5C:BB:FA:11:1C:F4:5E:EB:C5:6F:1B:3B:17:00
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9WQeEU01XLv6ERz0XuvFbxs7FwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.137.0/24
195.62.24.0/24
195.211.190.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:51:88:a9:35:bf:fd:b6:b0:bd:96:7e:cb:47:4a:fb:5e:f4:
06:f1:af:cd:17:57:be:b2:55:27:63:57:24:9e:e6:23:eb:ef:
2b:94:75:2f:01:e5:bf:1c:4e:c6:1d:2e:2b:6a:6b:a6:bb:a2:
5d:4d:e9:25:f4:00:9a:a1:04:34:00:29:8e:d0:2f:d1:42:2f:
7c:8e:01:7c:3c:8f:d6:8b:00:47:f1:82:04:be:ac:95:6a:e9:
59:82:93:77:5a:13:96:4b:9a:a5:cd:71:b7:43:ce:67:c7:28:
c8:62:2a:1f:d9:09:d8:52:aa:a0:c9:a2:8b:68:8b:0a:e9:ea:
2e:d7:a0:67:09:fb:0c:41:2e:52:ee:88:10:28:5c:8b:86:fc:
d2:27:5e:a6:a3:31:42:e9:b7:63:c0:23:89:65:17:b3:05:f1:
c9:b4:0d:83:1f:b3:64:37:99:d5:7c:04:01:98:2b:47:07:f0:
a1:ec:46:e0:f3:fb:00:cb:b5:61:a0:2f:42:73:11:fa:1c:47:
3d:8e:20:17:89:92:16:80:a8:a7:dd:92:3b:24:f1:56:11:d7:
49:bd:d4:82:47:63:19:ab:60:6e:18:da:d7:ec:b3:85:b9:57:
0b:c7:52:20:08:4b:94:e8:d1:5a:08:bb:82:1c:54:01:0a:95:
cd:2f:5b:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOxykFaW+VCVIFoj9iOvkorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMjEwMTgxNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTY0MWUxMTRkMzU1Y2JiZmExMTFjZjQ1ZWViYzU2ZjFiM2IxNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2G3b1KeIVwB2Hao2dov2sqhufQ3
rkp6otps5Rvtn4ghbe1MDyruW21XRqOyNZ1FJhE0LFh67YuhDuGbWJAS3w971Jou
3JYTF9kTD/S4Ue4dkXmmBU9UBIXoIJZ4V2JgBTvpzdEwyDjinLio5dsSlktV1+Od
EQoDwr9XlHErTkscfNqP+Wkm+oJ9NVE/RyYQQz+rjjKxlFenwcDIcncj9DQBf5Gd
p9dWaNw5Yh7onHlX05La7swDGH/8fbXa9TnzpWcR/ay79CLgx0ozC7ZAxqo1zmPB
Dra2xnVFy9/Wj6qW7RTJjsosIoToKZBrMsiElKQ4AKayq57HMdOxJgDDPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPVkHhFNNVy7+hEc9F7rxW8bOxcAMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOVdRZUVVMDFYTHY2RVJ6MFh1dkZieHM3RndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALViJAwQA
wz4YAwQBw9O+MA0GCSqGSIb3DQEBCwUAA4IBAQB6UYipNb/9trC9ln7LR0r7XvQG
8a/NF1e+slUnY1cknuYj6+8rlHUvAeW/HE7GHS4ramumu6JdTekl9ACaoQQ0ACmO
0C/RQi98jgF8PI/WiwBH8YIEvqyVaulZgpN3WhOWS5qlzXG3Q85nxyjIYiof2QnY
UqqgyaKLaIsK6eou16BnCfsMQS5S7ogQKFyLhvzSJ16mozFC6bdjwCOJZRezBfHJ
tA2DH7NkN5nVfAQBmCtHB/Ch7Ebg8/sAy7VhoC9CcxH6HEc9jiAXiZIWgKin3ZI7
JPFWEddJvdSCR2MZq2BuGNrX7LOFuVcLx1IgCEuU6NFaCLuCHFQBCpXNL1uJ
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:21 2025 by rpki-client