Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/8ruduinpsctE7hS4ApzFnG3tXM0.roa
File: 8ruduinpsctE7hS4ApzFnG3tXM0.roa (raw, json)
Hash identifier: BClhgO60OhWR+f7uBGBNeDtcUhUEXrtmx8dVvKP2Gq8=
Subject key identifier: F2:BB:9D:BA:29:E9:B1:CB:44:EE:14:B8:02:9C:C5:9C:6D:ED:5C:CD
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01893E503304800A3A55AD38DFA7EB262675
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/8ruduinpsctE7hS4ApzFnG3tXM0.roa
Signing time: Mon 10 Jul 2023 05:39:50 +0000
ROA not before: Mon 10 Jul 2023 05:39:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.15.96.0/24 maxlen: 24
188.209.128.0/22 maxlen: 22
194.15.99.0/24 maxlen: 24
45.65.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jul 2023 08:39:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:50:33:04:80:0a:3a:55:ad:38:df:a7:eb:26:26:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jul 10 05:39:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2bb9dba29e9b1cb44ee14b8029cc59c6ded5ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:61:34:a3:a2:b9:a7:21:e1:ce:cd:26:7a:d5:
fe:eb:e1:3d:44:31:c4:c0:11:01:6a:d7:d4:81:c8:
fa:ef:03:82:8e:f5:b7:c8:61:ef:67:c5:fb:e8:a4:
23:2e:fd:85:ff:bd:6b:b7:2a:f5:fe:3c:c7:34:2a:
23:4b:ec:9b:cb:72:63:d8:39:9b:83:29:b9:8a:63:
ec:17:cf:6c:6c:bf:7d:f3:bb:41:98:de:08:d3:46:
d3:80:cd:36:1d:94:28:b7:ba:d6:f3:41:99:f8:38:
e0:7f:c3:20:aa:48:66:ed:91:d7:06:1f:ae:95:45:
4e:77:71:b6:8c:47:18:cc:83:ba:42:27:4a:53:d6:
f3:6b:78:21:ad:ac:bc:89:ad:ef:55:16:85:eb:a2:
15:62:20:c1:60:6c:0b:53:e4:b7:fd:7f:52:27:ff:
09:48:6c:52:b1:bf:3b:14:bb:96:38:fa:68:2c:3b:
db:fd:7d:bc:30:5d:c2:b8:4a:c9:69:ab:4f:7b:ce:
35:55:cd:50:23:10:cb:c0:60:79:09:09:a0:9e:78:
05:88:56:f2:a4:ef:cf:74:de:73:27:59:ec:a1:17:
25:68:47:f3:ea:9c:f8:be:05:9e:46:41:35:f1:d0:
ce:6f:37:ae:53:01:67:01:80:ea:75:5f:25:a7:9d:
c3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:BB:9D:BA:29:E9:B1:CB:44:EE:14:B8:02:9C:C5:9C:6D:ED:5C:CD
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/8ruduinpsctE7hS4ApzFnG3tXM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.113.0/24
188.209.128.0/22
194.15.96.0/24
194.15.99.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:a5:84:50:40:37:73:01:ec:b3:85:4f:2d:86:ef:40:fe:83:
d7:af:ae:b8:92:0b:3f:45:2f:e3:4e:02:2d:1f:42:97:95:fa:
29:bf:ff:fb:1d:fc:79:47:e5:c7:62:82:39:53:1e:db:eb:a0:
bc:55:c2:05:2e:61:be:65:86:05:75:1d:5d:0d:24:77:fc:47:
cb:4c:39:49:e7:50:37:f3:66:e8:39:5f:ed:eb:46:40:6a:9a:
ea:1d:b3:e9:5f:d9:09:50:07:78:55:0d:b3:6e:6e:af:18:5f:
69:cd:50:5a:3d:5b:77:59:44:0c:de:51:00:24:02:5e:f6:cb:
0b:9c:c6:5c:3e:44:7e:cd:12:fb:ea:d2:bf:64:29:ce:13:e3:
48:24:03:45:90:08:92:6b:e6:7c:24:4d:59:16:c5:f5:32:43:
df:ea:0a:e1:cf:bb:46:4f:73:b8:5f:56:b2:85:3c:53:13:a8:
ee:86:53:96:a3:82:11:26:67:41:36:ff:d9:87:d3:fb:c5:6e:
33:c0:08:3d:99:03:d1:1d:75:ac:35:a0:cc:3c:cb:5e:3e:8c:
4a:7c:8c:14:f2:7d:a7:38:97:78:8b:97:d1:44:bc:8d:8d:ea:
3c:c6:c5:92:c2:c9:5b:78:43:37:9e:92:12:ec:b9:04:13:3a:
a3:3e:e8:5e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYk+UDMEgAo6Va0436frJiZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNzEwMDUzOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmJiOWRiYTI5ZTliMWNiNDRlZTE0YjgwMjljYzU5YzZkZWQ1Y2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWE0o6K5pyHhzs0metX+6+E9RDHE
wBEBatfUgcj67wOCjvW3yGHvZ8X76KQjLv2F/71rtyr1/jzHNCojS+yby3Jj2Dmb
gym5imPsF89sbL9987tBmN4I00bTgM02HZQot7rW80GZ+Djgf8Mgqkhm7ZHXBh+u
lUVOd3G2jEcYzIO6QidKU9bza3ghray8ia3vVRaF66IVYiDBYGwLU+S3/X9SJ/8J
SGxSsb87FLuWOPpoLDvb/X28MF3CuErJaatPe841Vc1QIxDLwGB5CQmgnngFiFby
pO/PdN5zJ1nsoRclaEfz6pz4vgWeRkE18dDObzeuUwFnAYDqdV8lp53DxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPK7nbop6bHLRO4UuAKcxZxt7VzNMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvOHJ1ZHVpbnBzY3RFN2hTNEFwekZuRzN0WE0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALUFxAwQC
vNGAAwQAwg9gAwQAwg9jMA0GCSqGSIb3DQEBCwUAA4IBAQBcpYRQQDdzAeyzhU8t
hu9A/oPXr664kgs/RS/jTgItH0KXlfopv//7Hfx5R+XHYoI5Ux7b66C8VcIFLmG+
ZYYFdR1dDSR3/EfLTDlJ51A382boOV/t60ZAaprqHbPpX9kJUAd4VQ2zbm6vGF9p
zVBaPVt3WUQM3lEAJAJe9ssLnMZcPkR+zRL76tK/ZCnOE+NIJANFkAiSa+Z8JE1Z
FsX1MkPf6grhz7tGT3O4X1ayhTxTE6juhlOWo4IRJmdBNv/Zh9P7xW4zwAg9mQPR
HXWsNaDMPMtePoxKfIwU8n2nOJd4i5fRRLyNjeo8xsWSwslbeEM3npIS7LkEEzqj
Puhe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org