Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/dt2n-gxKH7LxWwWS3LauRdpbITc.roa
File: dt2n-gxKH7LxWwWS3LauRdpbITc.roa (raw, json)
Hash identifier: 0fbW3BkLa4H2lTcSXN/ynwatQXJf2q4wfCKuD8jesFU=
Subject key identifier: 76:DD:A7:FA:0C:4A:1F:B2:F1:5B:05:92:DC:B6:AE:45:DA:5B:21:37
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019092A6CAE65C2F306E8C6D0A7AB052BD03
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/dt2n-gxKH7LxWwWS3LauRdpbITc.roa
Signing time: Mon 08 Jul 2024 14:02:02 +0000
ROA not before: Mon 08 Jul 2024 14:02:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 45.67.117.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 15:46:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:a6:ca:e6:5c:2f:30:6e:8c:6d:0a:7a:b0:52:bd:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 8 14:02:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76dda7fa0c4a1fb2f15b0592dcb6ae45da5b2137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e7:5b:c4:39:46:10:0b:b1:bd:dd:1a:74:87:
48:cc:e0:08:e9:e6:59:8c:d2:f1:7f:6f:95:71:c1:
24:79:a7:2a:79:6a:6c:42:38:c7:59:71:50:94:3d:
0d:7d:5e:08:1d:92:75:75:8f:49:c0:02:b7:20:e8:
3c:31:5e:63:eb:71:f8:67:25:a1:99:d8:5b:90:d1:
ef:a6:79:83:f7:ae:12:99:49:04:4f:8b:89:49:50:
cb:f0:85:73:ff:18:b7:e9:d2:a5:b4:59:10:56:f6:
29:1f:11:c4:78:85:7f:39:90:82:2b:46:5d:2e:92:
ed:ad:21:90:26:dc:1a:51:35:78:0a:24:8d:53:b7:
8d:74:40:c3:5a:c2:b2:0e:11:ac:3b:b4:2c:81:fc:
cf:07:db:88:74:a5:cf:85:f1:82:ef:4b:28:99:f9:
ee:6f:d5:28:47:b7:b3:18:f0:40:4c:f5:7c:68:b8:
27:af:b7:f0:70:a6:95:ba:2b:c5:ec:af:8e:5d:b1:
82:b9:22:3e:bd:01:b9:21:cb:3e:27:92:1b:29:5e:
5b:a4:78:84:c0:9e:b8:80:08:b4:e3:6d:eb:1c:b9:
25:66:be:3f:62:ae:e4:0e:ea:3b:ba:a3:dc:11:57:
12:19:3a:b6:83:33:43:25:22:15:0e:fa:6f:6f:ea:
03:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DD:A7:FA:0C:4A:1F:B2:F1:5B:05:92:DC:B6:AE:45:DA:5B:21:37
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/dt2n-gxKH7LxWwWS3LauRdpbITc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
91.242.71.0-91.242.73.255
91.242.75.0/24
185.40.105.0/24
194.180.238.0/24
Signature Algorithm: sha256WithRSAEncryption
49:52:fe:26:80:07:8e:f5:dc:17:9a:22:4d:a0:ab:85:0d:99:
a8:bd:ff:85:29:de:4f:b4:60:a4:86:09:b2:8d:2f:be:27:f9:
11:38:63:9d:b2:5f:e0:b5:65:ad:ce:a6:d5:08:df:b6:47:df:
3f:7b:d7:93:ef:9c:dc:20:1a:84:b6:72:91:a6:46:43:76:57:
64:75:2c:a4:22:99:dc:6c:e9:54:53:63:1e:b3:ce:7d:51:63:
ff:f4:84:e3:c8:09:48:75:ae:52:c7:43:9b:29:66:c4:da:f8:
1c:2d:42:df:64:0f:13:a4:5f:d1:97:30:e1:1f:e0:af:a0:58:
8b:00:fd:7e:77:b1:3c:1c:06:3b:42:cd:94:57:8d:d7:4a:e8:
b1:64:7c:44:ea:05:2a:d4:0e:b6:df:33:5e:83:55:21:3f:37:
1f:46:27:3a:a0:31:24:de:54:36:96:49:1f:7e:c4:c3:32:a3:
c0:ba:ed:25:ca:ea:15:04:a0:d9:86:e9:b4:1c:66:09:27:24:
63:8a:5a:18:9d:5e:ba:83:0e:ec:e6:e1:f5:80:5d:72:77:d5:
b0:2f:1e:cb:5c:38:a6:bb:1c:58:ff:0f:b5:4b:f1:83:4f:ec:
eb:a4:3f:d4:89:51:59:75:16:c0:43:c6:cb:dc:77:a4:aa:4e:
a9:0f:10:14
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZCSpsrmXC8wboxtCnqwUr0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNzA4MTQwMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmRkYTdmYTBjNGExZmIyZjE1YjA1OTJkY2I2YWU0NWRhNWIyMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+dbxDlGEAuxvd0adIdIzOAI6eZZ
jNLxf2+VccEkeacqeWpsQjjHWXFQlD0NfV4IHZJ1dY9JwAK3IOg8MV5j63H4ZyWh
mdhbkNHvpnmD964SmUkET4uJSVDL8IVz/xi36dKltFkQVvYpHxHEeIV/OZCCK0Zd
LpLtrSGQJtwaUTV4CiSNU7eNdEDDWsKyDhGsO7QsgfzPB9uIdKXPhfGC70somfnu
b9UoR7ezGPBATPV8aLgnr7fwcKaVuivF7K+OXbGCuSI+vQG5Ics+J5IbKV5bpHiE
wJ64gAi0423rHLklZr4/Yq7kDuo7uqPcEVcSGTq2gzNDJSIVDvpvb+oDxwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHbdp/oMSh+y8VsFkty2rkXaWyE3MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZHQybi1neEtIN0x4V3dXUzNMYXVSZHBiSVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALUN1MAwD
BABb8kcDBAFb8kgDBABb8ksDBAC5KGkDBADCtO4wDQYJKoZIhvcNAQELBQADggEB
AElS/iaAB4713BeaIk2gq4UNmai9/4Up3k+0YKSGCbKNL74n+RE4Y52yX+C1Za3O
ptUI37ZH3z9715PvnNwgGoS2cpGmRkN2V2R1LKQimdxs6VRTYx6zzn1RY//0hOPI
CUh1rlLHQ5spZsTa+BwtQt9kDxOkX9GXMOEf4K+gWIsA/X53sTwcBjtCzZRXjddK
6LFkfETqBSrUDrbfM16DVSE/Nx9GJzqgMSTeVDaWSR9+xMMyo8C67SXK6hUEoNmG
6bQcZgknJGOKWhidXrqDDuzm4fWAXXJ31bAvHstcOKa7HFj/D7VL8YNP7OukP9SJ
UVl1FsBDxsvcd6SqTqkPEBQ=
-----END CERTIFICATE-----
Generated at Wed Sep 4 18:42:07 2024 by rpki-client on console-ams.rpki-client.org