Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/U7kuvM2SP5Ql2qqwJKJ5i8nCZL0.roa
File: U7kuvM2SP5Ql2qqwJKJ5i8nCZL0.roa (raw, json)
Hash identifier: KKNvhmq+uHN9T8vlO7HMI4KW1TlhqRn7Ejh52AJvgXU=
Subject key identifier: 53:B9:2E:BC:CD:92:3F:94:25:DA:AA:B0:24:A2:79:8B:C9:C2:64:BD
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01938D19ABE1649BF28B5C6492E87E93673A
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/U7kuvM2SP5Ql2qqwJKJ5i8nCZL0.roa
Signing time: Tue 03 Dec 2024 15:18:09 +0000
ROA not before: Tue 03 Dec 2024 15:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43641
IP address blocks: 45.92.77.0/24 maxlen: 24
77.72.81.0/24 maxlen: 24
146.19.93.0/24 maxlen: 24
188.93.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:19:ab:e1:64:9b:f2:8b:5c:64:92:e8:7e:93:67:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Dec 3 15:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53b92ebccd923f9425daaab024a2798bc9c264bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:17:c3:9c:1b:c7:54:02:9c:cd:b3:09:f8:75:
99:19:0c:37:48:6e:85:2b:63:4a:00:28:06:52:e5:
1c:bb:d9:f3:dd:c0:58:d4:a1:40:e7:11:23:0c:91:
8c:6a:4b:15:dc:80:be:96:b7:d4:ec:ff:60:c6:78:
e5:af:ea:a1:41:41:e7:92:69:b1:af:b5:20:90:b9:
3f:26:f2:bb:d4:29:80:00:04:c8:58:45:23:e3:c8:
79:51:ec:ba:89:74:7d:82:e6:2a:05:f6:2d:04:29:
ff:2f:fb:a3:bf:6d:e5:f0:2f:91:a3:28:d3:48:e7:
b0:67:a7:35:6f:8b:dd:88:e5:67:92:a7:80:94:56:
4f:d0:17:7c:27:14:68:52:dc:00:3d:e5:b4:48:d0:
e2:fb:83:8c:00:63:bd:0e:b4:b4:16:08:49:34:b4:
cc:e5:b9:5d:29:61:51:cc:a7:8a:0d:5a:9c:38:e9:
52:ee:69:37:52:0d:2d:11:2e:25:cf:1a:bb:83:ee:
11:38:57:29:98:08:36:68:d7:0b:c2:0c:40:dc:bd:
69:24:c1:f0:6f:ca:da:36:d7:85:41:a8:57:d5:e3:
bd:31:a7:9c:20:de:2f:7c:e4:19:54:c4:03:2c:4c:
72:51:e5:a5:e1:4d:93:18:72:71:fc:6e:b4:c8:10:
46:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B9:2E:BC:CD:92:3F:94:25:DA:AA:B0:24:A2:79:8B:C9:C2:64:BD
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/U7kuvM2SP5Ql2qqwJKJ5i8nCZL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.77.0/24
77.72.81.0/24
146.19.93.0/24
188.93.138.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:30:77:84:4f:99:ed:e6:02:10:37:0d:87:1e:2b:ba:c1:e5:
df:98:25:d0:73:d9:ca:64:3b:ab:5a:f4:99:08:50:a5:28:e3:
2a:38:49:1a:f6:ae:9b:56:c1:54:70:ea:03:bd:a0:fa:a8:40:
f1:3d:90:5b:61:4e:75:2b:f9:51:12:c2:c5:93:65:6b:03:2f:
ba:da:35:32:d5:8f:2f:02:21:a8:44:53:09:96:bc:7c:21:2c:
1c:b3:83:38:80:c8:8b:89:f1:b0:e4:2d:1b:b2:b0:1b:70:7e:
5e:0e:ce:5a:1b:86:20:ea:59:d2:f6:99:98:72:8c:d5:a4:e7:
27:55:46:7d:1b:dc:0b:83:55:5f:c4:c9:38:2d:91:9d:8d:95:
fa:0c:11:7e:22:f1:cd:e7:94:c5:ae:59:e4:a2:af:f0:d1:6e:
e4:74:28:25:86:a7:f9:17:89:1b:37:48:69:9f:5f:bf:eb:02:
a7:0b:43:02:34:e4:f6:0f:27:08:62:73:fa:d7:56:42:14:1c:
38:2e:00:e0:a9:ab:c6:2d:f6:b3:6e:ec:56:69:64:62:e1:81:
3f:5b:94:cd:db:06:6e:78:67:3f:21:da:e5:0f:17:03:b5:1a:
e3:68:b5:bf:30:75:21:89:56:fc:0d:6b:ad:aa:a1:e1:31:9e:
10:0e:af:09
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZONGavhZJvyi1xkkuh+k2c6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQxMjAzMTUxODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2I5MmViY2NkOTIzZjk0MjVkYWFhYjAyNGEyNzk4YmM5YzI2NGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRfDnBvHVAKczbMJ+HWZGQw3SG6F
K2NKACgGUuUcu9nz3cBY1KFA5xEjDJGMaksV3IC+lrfU7P9gxnjlr+qhQUHnkmmx
r7UgkLk/JvK71CmAAATIWEUj48h5Uey6iXR9guYqBfYtBCn/L/ujv23l8C+RoyjT
SOewZ6c1b4vdiOVnkqeAlFZP0Bd8JxRoUtwAPeW0SNDi+4OMAGO9DrS0FghJNLTM
5bldKWFRzKeKDVqcOOlS7mk3Ug0tES4lzxq7g+4ROFcpmAg2aNcLwgxA3L1pJMHw
b8raNteFQahX1eO9MaecIN4vfOQZVMQDLExyUeWl4U2TGHJx/G60yBBGbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFO5LrzNkj+UJdqqsCSieYvJwmS9MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvVTdrdXZNMlNQNVFsMnFxd0pLSjVpOG5DWkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVxNAwQA
TUhRAwQAkhNdAwQAvF2KMA0GCSqGSIb3DQEBCwUAA4IBAQCcMHeET5nt5gIQNw2H
Hiu6weXfmCXQc9nKZDurWvSZCFClKOMqOEka9q6bVsFUcOoDvaD6qEDxPZBbYU51
K/lREsLFk2VrAy+62jUy1Y8vAiGoRFMJlrx8ISwcs4M4gMiLifGw5C0bsrAbcH5e
Ds5aG4Yg6lnS9pmYcozVpOcnVUZ9G9wLg1VfxMk4LZGdjZX6DBF+IvHN55TFrlnk
oq/w0W7kdCglhqf5F4kbN0hpn1+/6wKnC0MCNOT2DycIYnP611ZCFBw4LgDgqavG
LfazbuxWaWRi4YE/W5TN2wZueGc/IdrlDxcDtRrjaLW/MHUhiVb8DWutqqHhMZ4Q
Dq8J
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:41:06 2025 by rpki-client