Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ejWeUZHbtdipUSJu9hNn2yhdHCA.roa
File: ejWeUZHbtdipUSJu9hNn2yhdHCA.roa (raw, json)
Hash identifier: yqMMrEY5aDN9NFMAn1/4WiMCD4uBtOO4A42XAIf/qts=
Subject key identifier: 7A:35:9E:51:91:DB:B5:D8:A9:51:22:6E:F6:13:67:DB:28:5D:1C:20
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01920A856B2EC25951FF1ECFC471202A5B57
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ejWeUZHbtdipUSJu9hNn2yhdHCA.roa
Signing time: Thu 19 Sep 2024 13:42:48 +0000
ROA not before: Thu 19 Sep 2024 13:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 15:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:85:6b:2e:c2:59:51:ff:1e:cf:c4:71:20:2a:5b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 19 13:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a359e5191dbb5d8a951226ef61367db285d1c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3f:8f:fc:da:65:61:7d:9f:8c:d5:45:6e:f8:
c3:08:57:8d:38:90:ce:60:b0:47:28:8c:3a:5c:59:
f5:65:d5:70:0b:d0:ca:0b:53:e7:e3:2a:be:e5:96:
2f:cc:cc:63:d5:f9:2b:92:91:31:79:77:16:84:ce:
69:dc:b0:d4:e3:7a:dd:f6:ea:48:51:58:0f:b0:79:
e4:b0:ae:7c:de:84:e2:1f:62:22:0d:d1:98:43:a3:
89:ee:fc:99:33:04:03:0f:d8:64:8d:54:45:d3:a3:
66:b0:6a:1c:8d:c9:9c:ed:e9:df:fc:64:fe:0d:e4:
6f:77:27:f0:16:bb:c9:80:82:66:9c:be:ef:d9:51:
a2:8d:9b:cb:ff:40:dd:da:b8:8b:e6:f0:f4:f7:a0:
1b:9a:6b:ad:aa:54:23:05:8a:b2:55:3c:bd:73:93:
72:de:5d:ec:28:31:da:18:8e:3f:03:e6:8b:ce:09:
21:85:e0:fd:c2:99:42:9b:09:e4:36:59:57:51:af:
c5:6d:e2:f0:39:54:d0:b5:4e:d0:2a:c9:45:76:1a:
4c:e7:e6:98:58:dd:b4:1e:c2:44:b4:f6:79:f8:cd:
9e:c3:2b:48:5a:77:b0:30:5e:63:00:37:da:0f:32:
57:66:b0:1f:f8:8a:bc:0f:b2:ea:49:cf:cb:60:a0:
2c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:35:9E:51:91:DB:B5:D8:A9:51:22:6E:F6:13:67:DB:28:5D:1C:20
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ejWeUZHbtdipUSJu9hNn2yhdHCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.13.190.0/24
45.94.170.0/24
91.223.110.0/24
195.211.188.0/24
195.211.190.0/23
Signature Algorithm: sha256WithRSAEncryption
41:a2:e4:df:4b:ce:e8:3e:cb:d4:16:0b:51:53:f5:9d:ab:bb:
5a:f7:de:e4:16:d1:a4:8c:58:ef:25:69:42:5e:9e:ac:f6:eb:
f2:79:cd:90:5a:c5:fa:86:54:b4:2d:60:a8:0f:50:a7:41:03:
e8:ce:dd:ec:6a:84:2d:f4:31:f6:50:00:9e:5c:7f:b1:a2:36:
78:73:76:36:14:28:00:3d:fd:ac:90:af:4f:2e:de:a7:a1:f5:
2e:fe:99:71:62:4c:9e:aa:53:e3:e3:b1:f3:18:08:e8:e0:6a:
5a:98:3f:f7:cb:6c:0b:3f:4d:ef:b5:a0:37:ca:23:87:e6:21:
71:b5:c2:c9:58:f5:0d:22:a6:3d:d6:7d:93:c2:b3:e0:a5:09:
dd:c1:28:c8:28:1f:86:43:78:ac:f0:8f:5a:c9:76:ab:91:44:
10:84:a5:7e:31:01:99:6c:00:a1:1b:1c:17:bf:0c:a1:41:05:
f2:7b:19:70:3f:33:64:34:a6:f9:b1:e4:80:78:df:0a:1f:a4:
48:dc:68:86:bc:e6:ef:8b:40:c3:7d:61:0e:04:31:c7:c9:e8:
99:7a:ee:d2:4b:95:5c:8c:f4:dc:8b:a0:95:ee:b4:d9:9f:9d:
7a:36:f3:77:54:59:a1:73:95:4a:5d:8d:ba:b3:cf:f2:09:70:
c3:c6:d7:d8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZIKhWsuwllR/x7PxHEgKltXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwOTE5MTM0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTM1OWU1MTkxZGJiNWQ4YTk1MTIyNmVmNjEzNjdkYjI4NWQxYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj+P/NplYX2fjNVFbvjDCFeNOJDO
YLBHKIw6XFn1ZdVwC9DKC1Pn4yq+5ZYvzMxj1fkrkpExeXcWhM5p3LDU43rd9upI
UVgPsHnksK583oTiH2IiDdGYQ6OJ7vyZMwQDD9hkjVRF06NmsGocjcmc7enf/GT+
DeRvdyfwFrvJgIJmnL7v2VGijZvL/0Dd2riL5vD096AbmmutqlQjBYqyVTy9c5Ny
3l3sKDHaGI4/A+aLzgkhheD9wplCmwnkNllXUa/FbeLwOVTQtU7QKslFdhpM5+aY
WN20HsJEtPZ5+M2ewytIWnewMF5jADfaDzJXZrAf+Iq8D7LqSc/LYKAspwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHo1nlGR27XYqVEibvYTZ9soXRwgMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZWpXZVVaSGJ0ZGlwVVNKdTloTm4yeWhkSENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBbVUAwQA
LQ2+AwQALV6qAwQAW99uAwQAw9O8AwQBw9O+MA0GCSqGSIb3DQEBCwUAA4IBAQBB
ouTfS87oPsvUFgtRU/Wdq7ta997kFtGkjFjvJWlCXp6s9uvyec2QWsX6hlS0LWCo
D1CnQQPozt3saoQt9DH2UACeXH+xojZ4c3Y2FCgAPf2skK9PLt6nofUu/plxYkye
qlPj47HzGAjo4GpamD/3y2wLP03vtaA3yiOH5iFxtcLJWPUNIqY91n2TwrPgpQnd
wSjIKB+GQ3is8I9ayXarkUQQhKV+MQGZbAChGxwXvwyhQQXyexlwPzNkNKb5seSA
eN8KH6RI3GiGvObvi0DDfWEOBDHHyeiZeu7SS5VcjPTci6CV7rTZn516NvN3VFmh
c5VKXY26s8/yCXDDxtfY
-----END CERTIFICATE-----
Generated at Tue Sep 24 18:51:00 2024 by rpki-client on console-fra.rpki-client.org