Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zD4OUFxVrWWz4QPX_tmPsOqHRtw.roa
File: zD4OUFxVrWWz4QPX_tmPsOqHRtw.roa (raw, json)
Hash identifier: aYemidJ+1EzI2KQRuvRwJ683s++tloIVr+6IhwnVtHM=
Subject key identifier: CC:3E:0E:50:5C:55:AD:65:B3:E1:03:D7:FE:D9:8F:B0:EA:87:46:DC
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E1A0DE208447B9E899BD9E073B1D37F70
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zD4OUFxVrWWz4QPX_tmPsOqHRtw.roa
Signing time: Thu 07 Mar 2024 17:55:01 +0000
ROA not before: Thu 07 Mar 2024 17:55:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210538
IP address blocks: 45.94.170.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Nov 2024 23:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:0d:e2:08:44:7b:9e:89:9b:d9:e0:73:b1:d3:7f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 7 17:55:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc3e0e505c55ad65b3e103d7fed98fb0ea8746dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a2:3f:ac:2f:d3:4a:ae:d2:1c:ed:dd:9d:96:
84:fa:cc:79:d0:89:85:7e:2c:0c:d4:c7:c4:ee:3c:
d8:b8:e9:08:94:51:31:35:19:f1:04:71:60:5e:0e:
fa:7b:d8:fb:6e:82:c3:62:6d:a6:72:98:1b:d9:e6:
06:2e:ea:73:6c:63:9c:63:b6:46:e2:e6:c5:f9:aa:
04:bf:85:b7:b7:2f:6d:ed:a5:e9:e3:c5:49:1b:b3:
65:d5:00:6e:af:10:80:a5:35:a7:df:e4:08:6a:f6:
55:71:7a:6f:6b:48:22:a9:dc:86:1f:a6:35:4d:ee:
78:80:1a:16:1f:d8:de:0b:76:b0:a4:26:97:99:82:
3b:d6:64:9f:0a:bd:34:13:14:87:12:48:78:25:72:
7a:9f:1e:c4:d5:7a:0d:a4:3e:79:bd:51:c4:28:04:
14:81:5c:cf:90:b9:2e:31:b1:d6:94:ac:a3:0f:c1:
ec:81:fa:35:a0:40:eb:96:71:a1:17:5e:7b:4d:cb:
ce:05:65:5b:fc:a4:9e:b2:0c:ce:11:d2:8d:fa:fd:
76:59:e1:20:18:bb:59:70:05:e4:13:12:75:ee:a5:
8f:fd:1b:87:28:d7:85:d0:20:cd:47:08:97:c5:73:
d2:34:c6:15:fc:95:c2:a2:21:9d:21:25:17:13:ee:
6d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:3E:0E:50:5C:55:AD:65:B3:E1:03:D7:FE:D9:8F:B0:EA:87:46:DC
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/zD4OUFxVrWWz4QPX_tmPsOqHRtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.170.0/24
193.57.41.0/24
Signature Algorithm: sha256WithRSAEncryption
44:83:2a:5c:b1:b3:63:4c:d2:96:14:49:80:82:fc:ca:50:18:
08:8c:ea:a6:5f:10:f1:b8:74:ac:75:b4:16:63:09:e0:da:3f:
8b:45:d7:0f:a7:d1:bf:8e:25:f3:65:60:fe:62:81:92:d7:38:
81:81:ab:cf:75:b3:78:b9:94:bd:f8:34:38:2a:35:24:93:53:
77:78:a3:77:2d:7f:44:a4:1c:c0:38:1e:69:99:9d:3e:59:4e:
02:68:5f:a0:62:38:d6:f8:aa:6c:a3:a3:6d:42:2b:e2:fc:a4:
4c:ab:79:8f:60:99:a0:66:44:47:cb:7e:6d:b9:38:cb:11:e1:
33:84:c5:e8:99:52:9f:d9:42:7c:15:f2:73:06:df:b5:e7:f1:
68:49:57:11:ae:c9:8a:ed:2a:ed:e9:e0:67:a7:dc:38:c7:e2:
6b:fd:b3:ca:c1:e7:97:3b:71:97:18:2e:21:da:b4:ec:30:f9:
64:81:b6:f6:f1:3b:87:e7:4f:38:04:f2:c1:f5:03:05:f4:16:
72:1e:45:89:5d:3a:bf:6d:66:a9:48:03:2f:6a:91:64:90:b4:
c6:13:c6:4b:52:5d:29:2c:58:30:cc:47:9d:3a:c9:e6:ff:e9:
35:a1:fe:91:ee:6c:e5:6f:6f:f3:30:32:9b:f5:af:30:73:d5:
9a:d0:36:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4aDeIIRHueiZvZ4HOx039wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzA3MTc1NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzNlMGU1MDVjNTVhZDY1YjNlMTAzZDdmZWQ5OGZiMGVhODc0NmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6I/rC/TSq7SHO3dnZaE+sx50ImF
fiwM1MfE7jzYuOkIlFExNRnxBHFgXg76e9j7boLDYm2mcpgb2eYGLupzbGOcY7ZG
4ubF+aoEv4W3ty9t7aXp48VJG7Nl1QBurxCApTWn3+QIavZVcXpva0giqdyGH6Y1
Te54gBoWH9jeC3awpCaXmYI71mSfCr00ExSHEkh4JXJ6nx7E1XoNpD55vVHEKAQU
gVzPkLkuMbHWlKyjD8Hsgfo1oEDrlnGhF157TcvOBWVb/KSesgzOEdKN+v12WeEg
GLtZcAXkExJ17qWP/RuHKNeF0CDNRwiXxXPSNMYV/JXCoiGdISUXE+5ttwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMw+DlBcVa1ls+ED1/7Zj7Dqh0bcMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvekQ0T1VGeFZyV1d6NFFQWF90bVBzT3FIUnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV6qAwQA
wTkpMA0GCSqGSIb3DQEBCwUAA4IBAQBEgypcsbNjTNKWFEmAgvzKUBgIjOqmXxDx
uHSsdbQWYwng2j+LRdcPp9G/jiXzZWD+YoGS1ziBgavPdbN4uZS9+DQ4KjUkk1N3
eKN3LX9EpBzAOB5pmZ0+WU4CaF+gYjjW+Kpso6NtQivi/KRMq3mPYJmgZkRHy35t
uTjLEeEzhMXomVKf2UJ8FfJzBt+15/FoSVcRrsmK7Srt6eBnp9w4x+Jr/bPKweeX
O3GXGC4h2rTsMPlkgbb28TuH5084BPLB9QMF9BZyHkWJXTq/bWapSAMvapFkkLTG
E8ZLUl0pLFgwzEedOsnm/+k1of6R7mzlb2/zMDKb9a8wc9Wa0DYF
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:46:22 2025 by rpki-client