Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/yiM5cIXeAZ0a2QUfSqeU3nI0YUQ.roa
File: yiM5cIXeAZ0a2QUfSqeU3nI0YUQ.roa (raw, json)
Hash identifier: HsxOhGyukNhSwmQOKdwYXSsBfve2IDCXFJZNzbM9pxA=
Subject key identifier: CA:23:39:70:85:DE:01:9D:1A:D9:05:1F:4A:A7:94:DE:72:34:61:44
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 0190A16B7C9440BD33A30979B4385476449A
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/yiM5cIXeAZ0a2QUfSqeU3nI0YUQ.roa
Signing time: Thu 11 Jul 2024 10:51:34 +0000
ROA not before: Thu 11 Jul 2024 10:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59745
IP address blocks: 45.151.92.0/22 maxlen: 24
45.151.94.0/24 maxlen: 24
80.66.96.0/20 maxlen: 24
80.66.106.0/24 maxlen: 24
80.66.109.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
195.20.20.0/22 maxlen: 24
2a02:340::/32 maxlen: 32
2a0a:8ec0::/29 maxlen: 48
2a0a:8ec0:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 04 Oct 2024 08:11:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a1:6b:7c:94:40:bd:33:a3:09:79:b4:38:54:76:44:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Jul 11 10:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca23397085de019d1ad9051f4aa794de72346144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ce:44:78:1f:c9:b4:11:19:5b:58:a7:35:b2:
30:2c:ba:4a:21:2a:4c:37:ae:e8:2f:a7:59:30:b1:
cd:0a:fa:be:77:6a:23:fe:2f:24:f8:4b:66:52:2b:
22:be:ea:cd:52:e5:6e:b1:d6:15:43:40:82:af:b4:
80:9e:7c:27:25:95:40:41:98:e4:9c:b1:c3:87:24:
34:67:85:9a:65:1e:13:76:d3:4a:1a:13:05:93:23:
ce:a1:46:d2:b2:16:76:02:13:21:ff:1c:b2:55:5c:
bf:bf:19:49:c8:f2:57:0c:35:55:6c:89:2a:28:11:
a1:c0:60:7b:ae:bb:38:90:2d:9d:92:8e:dd:34:6f:
5f:db:03:38:9d:d9:a6:43:56:dc:22:95:e7:45:d5:
03:29:4f:45:0e:7f:37:5d:5e:51:f5:45:3c:a2:97:
cb:f3:45:37:15:6f:be:b1:db:3d:9f:a3:d8:38:f4:
6b:f7:12:3e:a3:3b:0f:53:36:2a:18:5d:82:40:6f:
89:bb:19:58:c3:f8:67:3c:0c:75:d7:c1:35:6c:6d:
8a:f4:9d:f3:f4:6f:18:09:f8:35:ba:ba:aa:ac:10:
c5:fd:b5:83:b4:d0:44:25:70:65:0a:98:ec:90:1b:
b8:da:04:c6:9c:4b:75:cc:3c:03:4f:34:ab:84:41:
9c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:23:39:70:85:DE:01:9D:1A:D9:05:1F:4A:A7:94:DE:72:34:61:44
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/yiM5cIXeAZ0a2QUfSqeU3nI0YUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.92.0/22
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
IPv6:
2a02:340::/32
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:85:71:48:56:27:f2:6c:00:32:27:30:e6:e7:76:2c:e2:29:
08:51:47:85:55:ee:c5:97:3e:fb:45:c5:70:32:75:8c:cb:67:
4b:dd:4c:8b:10:d8:a3:96:b5:d2:c1:1d:0b:87:3d:06:8a:58:
c8:00:51:6b:65:04:7b:1a:b0:f9:8a:6b:c2:3f:8c:4b:ae:aa:
b2:d8:28:3e:52:e0:09:ae:7a:bc:f4:0e:12:0e:a3:25:ed:9e:
66:b9:a8:ac:07:62:ba:49:3b:81:99:90:0c:b1:dc:21:e4:f2:
ee:78:e8:35:14:23:60:71:15:82:23:b9:23:d2:af:49:fe:7d:
36:36:5c:40:99:a8:66:21:e1:81:40:35:65:9b:53:47:01:00:
6f:79:f5:1a:da:3d:36:01:34:8d:13:bc:23:5c:53:52:98:cf:
0c:18:f4:16:73:89:3c:52:6a:04:c5:ef:af:89:0b:8c:ed:5d:
13:da:bd:6d:78:c0:c2:15:c7:ab:7a:eb:8d:af:f9:cb:ae:e4:
6e:f2:39:ac:9f:2f:b7:cb:d8:89:ee:3c:fb:44:de:10:64:c0:
b8:41:c6:06:e2:52:77:b0:37:93:7b:64:87:23:5e:9d:1d:45:
b7:13:7f:3b:b1:21:13:cd:35:58:e4:6f:59:7f:37:38:8b:34:
21:51:91:f0
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZCha3yUQL0zowl5tDhUdkSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjQwNzExMTA1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTIzMzk3MDg1ZGUwMTlkMWFkOTA1MWY0YWE3OTRkZTcyMzQ2MTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c5EeB/JtBEZW1inNbIwLLpKISpM
N67oL6dZMLHNCvq+d2oj/i8k+EtmUisivurNUuVusdYVQ0CCr7SAnnwnJZVAQZjk
nLHDhyQ0Z4WaZR4TdtNKGhMFkyPOoUbSshZ2AhMh/xyyVVy/vxlJyPJXDDVVbIkq
KBGhwGB7rrs4kC2dko7dNG9f2wM4ndmmQ1bcIpXnRdUDKU9FDn83XV5R9UU8opfL
80U3FW++sds9n6PYOPRr9xI+ozsPUzYqGF2CQG+JuxlYw/hnPAx118E1bG2K9J3z
9G8YCfg1urqqrBDF/bWDtNBEJXBlCpjskBu42gTGnEt1zDwDTzSrhEGccQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMojOXCF3gGdGtkFH0qnlN5yNGFEMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEveWlNNWNJWGVBWjBhMlFVZlNxZVUzbkkwWVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLZdcAwQE
UEJgAwQCucbIAwQCwxQUMBQEAgACMA4DBQAqAgNAAwUDKgqOwDANBgkqhkiG9w0B
AQsFAAOCAQEAWoVxSFYn8mwAMicw5ud2LOIpCFFHhVXuxZc++0XFcDJ1jMtnS91M
ixDYo5a10sEdC4c9BopYyABRa2UEexqw+Yprwj+MS66qstgoPlLgCa56vPQOEg6j
Je2eZrmorAdiukk7gZmQDLHcIeTy7njoNRQjYHEVgiO5I9KvSf59NjZcQJmoZiHh
gUA1ZZtTRwEAb3n1Gto9NgE0jRO8I1xTUpjPDBj0FnOJPFJqBMXvr4kLjO1dE9q9
bXjAwhXHq3rrja/5y67kbvI5rJ8vt8vYie48+0TeEGTAuEHGBuJSd7A3k3tkhyNe
nR1FtxN/O7EhE801WORvWX83OIs0IVGR8A==
-----END CERTIFICATE-----
Generated at Fri Oct 4 10:23:20 2024 by rpki-client on console-ams.rpki-client.org