Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/P79OdXZgvzVt2vyumW2sqvauO2M.roa
File: P79OdXZgvzVt2vyumW2sqvauO2M.roa (raw, json)
Hash identifier: 3E3+vxK9GClEWJTC9crC7MB6QADNb0bvEmIQxz5gZ6s=
Subject key identifier: 3F:BF:4E:75:76:60:BF:35:6D:DA:FC:AE:99:6D:AC:AA:F6:AE:3B:63
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019224A90324E6CC79D5F87650A1EEB4B524
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/P79OdXZgvzVt2vyumW2sqvauO2M.roa
Signing time: Tue 24 Sep 2024 15:31:48 +0000
ROA not before: Tue 24 Sep 2024 15:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Oct 2024 14:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:a9:03:24:e6:cc:79:d5:f8:76:50:a1:ee:b4:b5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 24 15:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fbf4e757660bf356ddafcae996dacaaf6ae3b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8b:02:fd:23:a2:d3:cb:d0:d8:b5:b2:22:4e:
f8:d3:3f:c1:1f:60:3b:90:2c:05:9b:69:76:b7:2f:
dd:81:8b:4a:88:9b:22:e2:ad:3b:90:4e:11:fc:88:
52:3f:ae:27:73:41:61:04:dc:ad:d0:ed:2f:59:58:
ab:11:ff:c2:57:58:c7:e4:c5:ac:82:dc:98:7f:a9:
c0:75:0d:7f:82:a0:8e:8d:04:43:7d:a9:c1:8a:75:
a8:22:c7:e0:f2:78:e4:29:76:24:a6:34:53:d3:bc:
7e:85:86:45:9b:53:80:c4:5e:3f:46:b1:72:e0:ee:
09:40:03:fd:ca:04:18:73:1a:26:39:64:ca:73:48:
c8:6b:72:04:f2:24:7e:18:54:85:fa:7a:18:bc:77:
92:62:11:c2:7b:28:d6:2f:2b:ff:d9:86:31:6b:19:
92:d1:57:87:e6:08:90:18:5c:92:11:f3:03:5d:a6:
5e:b3:57:30:c8:0e:a8:7e:9b:5d:ff:e1:82:1f:c8:
1e:47:8c:f5:6f:d4:13:77:64:6a:73:3a:fe:06:fb:
e7:fe:66:2d:a3:66:2e:f0:ba:7d:b4:d4:d7:2f:06:
ce:1b:e8:4f:c0:20:af:ed:01:5c:c0:96:38:24:aa:
5b:ac:7d:0e:c2:a0:83:17:70:79:53:3e:5b:8f:ab:
86:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BF:4E:75:76:60:BF:35:6D:DA:FC:AE:99:6D:AC:AA:F6:AE:3B:63
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/P79OdXZgvzVt2vyumW2sqvauO2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.13.190.0/24
45.94.170.0/24
91.223.110.0/24
195.211.188.0/24
195.211.191.0/24
Signature Algorithm: sha256WithRSAEncryption
33:03:fd:a4:92:f7:f7:38:1d:3c:35:7a:f9:26:f7:9b:7e:db:
96:bf:5c:a9:b5:de:c2:e4:f9:54:ef:fd:bc:59:19:84:54:54:
97:8d:4f:bf:70:f5:51:a0:a7:18:0f:e5:d5:53:dc:45:97:24:
df:06:ef:f7:f9:73:7d:27:e4:c9:e8:0b:c8:cb:a7:e8:eb:3c:
03:12:d5:8d:f4:47:41:bc:4f:39:d2:24:74:79:c0:b7:fe:cf:
31:f8:4e:6b:47:0a:0d:1f:73:81:07:2f:53:64:02:03:cd:9b:
ea:a6:fc:83:bd:37:f5:af:04:ae:89:a7:37:69:a8:06:1b:78:
de:1f:83:42:4e:27:ba:b4:78:6c:d5:20:83:47:e3:ad:48:45:
0d:c1:73:48:c2:da:d1:e0:15:11:b2:79:50:83:a6:00:25:f1:
3b:40:17:cb:f8:7a:05:54:9d:d4:b7:6f:82:9d:54:33:b8:65:
e5:33:26:11:c0:e5:3b:b1:98:97:2f:18:c2:13:bb:20:f5:ae:
41:79:e4:77:f1:84:f9:dd:34:88:b7:88:de:74:cc:d9:a8:83:
c2:b9:ff:9a:9b:a6:0a:fd:d8:fc:6a:63:a0:e0:b7:01:b4:5b:
8b:59:be:0b:8d:a7:9c:89:91:5d:91:6c:e4:12:43:69:3b:fa:
d2:8a:37:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZIkqQMk5sx51fh2UKHutLUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwOTI0MTUzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmJmNGU3NTc2NjBiZjM1NmRkYWZjYWU5OTZkYWNhYWY2YWUzYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYsC/SOi08vQ2LWyIk740z/BH2A7
kCwFm2l2ty/dgYtKiJsi4q07kE4R/IhSP64nc0FhBNyt0O0vWVirEf/CV1jH5MWs
gtyYf6nAdQ1/gqCOjQRDfanBinWoIsfg8njkKXYkpjRT07x+hYZFm1OAxF4/RrFy
4O4JQAP9ygQYcxomOWTKc0jIa3IE8iR+GFSF+noYvHeSYhHCeyjWLyv/2YYxaxmS
0VeH5giQGFySEfMDXaZes1cwyA6ofptd/+GCH8geR4z1b9QTd2Rqczr+Bvvn/mYt
o2Yu8Lp9tNTXLwbOG+hPwCCv7QFcwJY4JKpbrH0OwqCDF3B5Uz5bj6uGuQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD+/TnV2YL81bdr8rpltrKr2rjtjMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUDc5T2RYWmd2elZ0MnZ5dW1XMnNxdmF1TzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBbVUAwQA
LQ2+AwQALV6qAwQAW99uAwQAw9O8AwQAw9O/MA0GCSqGSIb3DQEBCwUAA4IBAQAz
A/2kkvf3OB08NXr5JvebftuWv1yptd7C5PlU7/28WRmEVFSXjU+/cPVRoKcYD+XV
U9xFlyTfBu/3+XN9J+TJ6AvIy6fo6zwDEtWN9EdBvE850iR0ecC3/s8x+E5rRwoN
H3OBBy9TZAIDzZvqpvyDvTf1rwSuiac3aagGG3jeH4NCTie6tHhs1SCDR+OtSEUN
wXNIwtrR4BURsnlQg6YAJfE7QBfL+HoFVJ3Ut2+CnVQzuGXlMyYRwOU7sZiXLxjC
E7sg9a5BeeR38YT53TSIt4jedMzZqIPCuf+am6YK/dj8amOg4LcBtFuLWb4Ljaec
iZFdkWzkEkNpO/rSijea
-----END CERTIFICATE-----
Generated at Thu Oct 17 17:19:20 2024 by rpki-client on console-fra.rpki-client.org