Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ryAslcURN5feAZIOkQxoBKhflTg.roa
File: ryAslcURN5feAZIOkQxoBKhflTg.roa (raw, json)
Hash identifier: YwBT8f6uIkwxkjNyOAmCuujg4+AQWKNXeo7MaX2pa8Q=
Subject key identifier: AF:20:2C:95:C5:11:37:97:DE:01:92:0E:91:0C:68:04:A8:5F:95:38
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01930B4C7A3F7AEF9A896FDE308512737310
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ryAslcURN5feAZIOkQxoBKhflTg.roa
Signing time: Fri 08 Nov 2024 10:23:01 +0000
ROA not before: Fri 08 Nov 2024 10:23:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 24
62.3.50.0/24 maxlen: 24
194.28.98.0/23 maxlen: 24
2a0c:b640::/32 maxlen: 48
2a0c:b641::/44 maxlen: 48
2a0c:b641:10::/44 maxlen: 48
2a0c:b641:50::/44 maxlen: 48
2a0c:b641:60::/44 maxlen: 48
2a0c:b641:150::/44 maxlen: 48
2a0c:b641:160::/44 maxlen: 48
2a0c:b641:530::/44 maxlen: 48
2a0c:b641:540::/44 maxlen: 48
2a0c:b641:70f::/48 maxlen: 48
2a0c:b641:820::/44 maxlen: 48
2a0c:b641:cb0::/44 maxlen: 48
2a0f:8400::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 17 Nov 2024 08:59:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:4c:7a:3f:7a:ef:9a:89:6f:de:30:85:12:73:73:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Nov 8 10:23:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af202c95c5113797de01920e910c6804a85f9538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d2:95:84:e4:6d:df:1e:fa:c9:56:87:11:48:
74:9f:d5:45:2a:f0:b9:52:90:2b:e1:61:57:21:1b:
d6:07:3b:3c:b9:21:f6:b6:82:cb:25:6d:e5:49:f0:
d1:5f:d2:20:c9:84:ab:31:23:7e:98:94:b6:c3:aa:
72:11:ee:5f:38:1c:13:61:9c:0c:f5:9d:a4:b5:6f:
39:58:b2:b1:fc:c2:f0:51:85:40:c0:0f:50:d8:3f:
35:04:ab:17:ed:3d:0a:33:55:9b:4a:67:8e:1d:9c:
15:61:13:bd:13:ee:6e:7a:cf:0f:b1:aa:40:11:e3:
16:67:42:ff:7c:28:5a:70:bf:10:f2:14:6f:7d:f3:
7b:b6:82:fa:26:c1:5f:b4:9e:60:a1:34:c5:51:50:
29:7e:2a:b7:3a:2d:01:6b:30:60:0b:da:5d:5f:c2:
f6:1f:5a:97:dd:83:43:2f:eb:24:57:22:4a:64:4a:
ed:ed:0a:2e:64:f5:3a:0f:f3:ad:08:06:b0:aa:b0:
05:92:2b:f1:f5:f4:bb:33:b7:39:8d:0a:64:aa:c5:
5d:c9:2d:f3:03:9f:c2:9c:65:b1:f8:f1:8e:fb:2b:
f5:20:e8:27:cb:28:4b:fd:5d:99:1a:db:18:ed:69:
5b:f8:9f:be:e5:3d:7c:b4:dc:5c:35:2c:aa:6f:55:
b3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:20:2C:95:C5:11:37:97:DE:01:92:0E:91:0C:68:04:A8:5F:95:38
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ryAslcURN5feAZIOkQxoBKhflTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
62.3.50.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:50::-2a0c:b641:6f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:150::-2a0c:b641:16f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:530::-2a0c:b641:54f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:70f::/48
2a0c:b641:820::/44
2a0c:b641:cb0::/44
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
27:ea:a7:9f:85:86:a7:f6:35:bc:fd:01:7c:65:38:fa:0a:93:
d9:14:b0:9a:1c:ee:7f:05:d7:f5:19:62:70:06:ac:9a:bb:29:
86:6e:d3:45:db:20:d9:e3:68:35:3f:a8:97:eb:29:ce:c3:36:
42:42:17:af:7b:ee:a4:fb:c7:47:5a:7f:7b:b4:96:24:db:21:
51:ed:bf:86:e0:a8:60:86:3b:e5:58:fb:96:2a:f4:fe:bc:e2:
6d:bc:c3:d6:e8:ba:5b:dd:1c:05:a3:f7:45:d5:49:23:c0:d4:
11:4e:1b:94:7a:17:f4:64:1b:63:6c:09:8e:cd:14:87:50:ce:
b7:fc:fa:8f:7d:07:2e:51:4c:84:f5:7a:40:73:40:69:94:5d:
eb:64:e3:48:2b:0a:63:07:c4:19:bf:12:60:2c:40:42:ff:40:
17:c8:e2:ae:0f:70:cf:11:b8:b2:42:d8:7e:ae:59:44:c5:c3:
77:79:ea:9c:d0:f9:df:6c:e0:a6:8b:24:4c:40:f2:d9:c6:8c:
a9:b4:3b:4c:45:cf:50:2a:3b:fc:9e:36:a0:80:7f:8b:6f:59:
94:89:e6:80:7d:8f:13:a1:02:fa:00:b7:af:7f:70:5e:88:2f:
2a:13:4f:ba:77:fe:cb:c4:ef:6d:c2:36:e7:ba:97:ed:56:1c:
35:bc:61:e0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZMLTHo/eu+aiW/eMIUSc3MQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQxMTA4MTAyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIwMmM5NWM1MTEzNzk3ZGUwMTkyMGU5MTBjNjgwNGE4NWY5NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dKVhORt3x76yVaHEUh0n9VFKvC5
UpAr4WFXIRvWBzs8uSH2toLLJW3lSfDRX9IgyYSrMSN+mJS2w6pyEe5fOBwTYZwM
9Z2ktW85WLKx/MLwUYVAwA9Q2D81BKsX7T0KM1WbSmeOHZwVYRO9E+5ues8PsapA
EeMWZ0L/fChacL8Q8hRvffN7toL6JsFftJ5goTTFUVApfiq3Oi0BazBgC9pdX8L2
H1qX3YNDL+skVyJKZErt7QouZPU6D/OtCAawqrAFkivx9fS7M7c5jQpkqsVdyS3z
A5/CnGWx+PGO+yv1IOgnyyhL/V2ZGtsY7Wlb+J++5T18tNxcNSyqb1WzIQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFK8gLJXFETeX3gGSDpEMaASoX5U4MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvcnlBc2xjVVJONWZlQVpJT2tReG9CS2hmbFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjAYBAIAATASAwQALZph
AwQAPgMyAwQBwhxiMHYEAgACMHAwEAMFBioMtkADBwUqDLZBAAAwEgMHBCoMtkEA
UAMHBCoMtkEAYDASAwcEKgy2QQFQAwcEKgy2QQFgMBIDBwQqDLZBBTADBwQqDLZB
BUADBwAqDLZBBw8DBwQqDLZBCCADBwQqDLZBDLADBQAqD4QAMA0GCSqGSIb3DQEB
CwUAA4IBAQAn6qefhYan9jW8/QF8ZTj6CpPZFLCaHO5/Bdf1GWJwBqyauymGbtNF
2yDZ42g1P6iX6ynOwzZCQheve+6k+8dHWn97tJYk2yFR7b+G4KhghjvlWPuWKvT+
vOJtvMPW6Lpb3RwFo/dF1UkjwNQRThuUehf0ZBtjbAmOzRSHUM63/PqPfQcuUUyE
9XpAc0BplF3rZONIKwpjB8QZvxJgLEBC/0AXyOKuD3DPEbiyQth+rllExcN3eeqc
0PnfbOCmiyRMQPLZxoyptDtMRc9QKjv8njaggH+Lb1mUieaAfY8ToQL6ALevf3Be
iC8qE0+6d/7LxO9twjbnupftVhw1vGHg
-----END CERTIFICATE-----
Generated at Sun Nov 17 11:05:22 2024 by rpki-client on console-fra.rpki-client.org