Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/Q9HQdM5w8OW5f_OfBoobi5QUTw0.roa
File: Q9HQdM5w8OW5f_OfBoobi5QUTw0.roa (raw, json)
Hash identifier: z5JVthnLN8UN+sm27fH51Xh/oT2XxLt98vXhzNGYoFk=
Subject key identifier: 43:D1:D0:74:CE:70:F0:E5:B9:7F:F3:9F:06:8A:1B:8B:94:14:4F:0D
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 0191E5D6DAD5AADF79B73F99AB0D8049AFA4
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/Q9HQdM5w8OW5f_OfBoobi5QUTw0.roa
Signing time: Thu 12 Sep 2024 10:45:48 +0000
ROA not before: Thu 12 Sep 2024 10:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.155.0/24 maxlen: 24
78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
79.135.102.0/23 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Sep 2024 07:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:d6:da:d5:aa:df:79:b7:3f:99:ab:0d:80:49:af:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Sep 12 10:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43d1d074ce70f0e5b97ff39f068a1b8b94144f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a6:9e:f0:35:c4:c0:a4:22:4f:f8:78:40:ee:
4e:03:7d:2f:d8:7b:29:fb:0f:28:75:cc:35:26:a1:
08:88:c0:c8:22:76:21:3d:f3:a5:15:bf:f8:29:c9:
1e:43:30:62:8c:0d:60:55:81:41:94:07:bb:59:c7:
10:8b:f2:62:6e:38:4d:85:8e:2d:cc:fb:39:f0:2b:
8d:2d:bf:1e:5b:da:5a:13:24:07:a9:aa:c6:3a:fa:
3a:4c:40:b1:25:7e:45:a2:a9:8b:29:6a:fe:b6:28:
6c:c5:8f:a8:ba:f4:3d:0e:8e:99:8e:38:f7:ca:ee:
7b:0a:c6:c5:31:1e:ab:68:87:18:27:ff:52:b9:27:
05:0d:e1:40:87:a0:9f:ee:b4:d8:36:81:30:3a:4e:
ce:ab:d8:08:87:4d:27:7c:00:31:a0:60:ed:a9:d8:
81:7c:32:c0:5a:65:0e:14:00:ad:5b:9e:b6:dd:74:
a2:51:cf:15:2b:a7:58:06:11:af:d0:4a:7a:8d:9b:
df:12:98:78:ce:15:17:88:37:bf:ac:dc:b4:54:f6:
e1:67:75:d5:3e:d4:1c:3f:2d:70:39:a1:7c:df:bc:
d6:b1:61:08:10:14:41:5c:e9:0d:38:c2:d1:d0:e3:
f8:4a:ae:48:c7:0d:21:21:4b:08:4b:e9:03:22:d8:
0d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D1:D0:74:CE:70:F0:E5:B9:7F:F3:9F:06:8A:1B:8B:94:14:4F:0D
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/Q9HQdM5w8OW5f_OfBoobi5QUTw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
78.143.252.0/23
79.135.102.0/23
194.33.151.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:f8:7b:e3:e7:20:8f:36:a5:86:1c:fa:33:6c:54:12:f9:bd:
6d:14:6b:95:c5:20:29:8f:cb:9a:2b:a6:9c:31:63:39:45:1d:
3e:2f:e7:9f:12:21:a6:74:70:16:74:d9:5f:b4:a0:6e:20:c3:
60:38:b1:d8:59:f0:3c:50:d5:93:0b:68:9d:9b:c1:82:66:0c:
4b:26:8f:50:63:ed:ed:55:84:d6:0c:e7:bb:32:1f:88:15:cc:
35:fe:9a:17:4b:60:ab:7b:b8:06:cd:97:b4:4c:ea:3c:f3:46:
fb:2a:df:5c:07:bf:72:6b:41:e9:a6:d5:c7:72:93:aa:90:d6:
02:37:22:42:dc:06:48:e5:1f:ce:08:dd:51:27:a1:fc:9b:51:
b7:f2:b1:57:07:4c:aa:08:dd:49:fe:13:7b:a2:3d:f5:eb:c3:
56:6a:b4:6a:ac:62:26:a4:f7:64:50:95:4f:3e:3c:7b:10:50:
a0:cb:57:48:23:0b:65:ce:0e:e9:66:0f:bd:21:99:73:f1:ea:
48:f4:43:78:32:90:63:b1:d6:0d:fc:86:29:3d:69:10:0a:a9:
78:43:48:8e:94:e0:13:a9:c1:19:05:13:45:f2:8a:15:e6:38:
1f:b0:b0:47:53:69:72:b4:ea:cc:5f:88:46:e8:84:9d:f9:97:
bc:ed:eb:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHl1trVqt95tz+Zqw2ASa+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwOTEyMTA0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2QxZDA3NGNlNzBmMGU1Yjk3ZmYzOWYwNjhhMWI4Yjk0MTQ0ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqae8DXEwKQiT/h4QO5OA30v2Hsp
+w8odcw1JqEIiMDIInYhPfOlFb/4KckeQzBijA1gVYFBlAe7WccQi/JibjhNhY4t
zPs58CuNLb8eW9paEyQHqarGOvo6TECxJX5FoqmLKWr+tihsxY+ouvQ9Do6Zjjj3
yu57CsbFMR6raIcYJ/9SuScFDeFAh6Cf7rTYNoEwOk7Oq9gIh00nfAAxoGDtqdiB
fDLAWmUOFACtW5623XSiUc8VK6dYBhGv0Ep6jZvfEph4zhUXiDe/rNy0VPbhZ3XV
PtQcPy1wOaF837zWsWEIEBRBXOkNOMLR0OP4Sq5Ixw0hIUsIS+kDItgNSwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEPR0HTOcPDluX/znwaKG4uUFE8NMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvUTlIUWRNNXc4T1c1Zl9PZkJvb2JpNVFVVHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZCbAwQB
To/8AwQBT4dmAwQAwiGXMA0GCSqGSIb3DQEBCwUAA4IBAQB8+Hvj5yCPNqWGHPoz
bFQS+b1tFGuVxSApj8uaK6acMWM5RR0+L+efEiGmdHAWdNlftKBuIMNgOLHYWfA8
UNWTC2idm8GCZgxLJo9QY+3tVYTWDOe7Mh+IFcw1/poXS2Cre7gGzZe0TOo880b7
Kt9cB79ya0HpptXHcpOqkNYCNyJC3AZI5R/OCN1RJ6H8m1G38rFXB0yqCN1J/hN7
oj3168NWarRqrGImpPdkUJVPPjx7EFCgy1dIIwtlzg7pZg+9IZlz8epI9EN4MpBj
sdYN/IYpPWkQCql4Q0iOlOATqcEZBRNF8ooV5jgfsLBHU2lytOrMX4hG6ISd+Ze8
7etp
-----END CERTIFICATE-----
Generated at Sat Sep 28 09:32:10 2024 by rpki-client on console-fra.rpki-client.org