Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/7RJ1QPgWdRFYl4eYUEKpKVBxmnM.roa
File: 7RJ1QPgWdRFYl4eYUEKpKVBxmnM.roa (raw, json)
Hash identifier: mXToeyPL7OBZZo+GPfgaYMuYW/D3Dxz7FaoEdTCAZEU=
Subject key identifier: ED:12:75:40:F8:16:75:11:58:97:87:98:50:42:A9:29:50:71:9A:73
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0191C8AE2A05ADD543551E704F83D9199D6A
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/7RJ1QPgWdRFYl4eYUEKpKVBxmnM.roa
Signing time: Fri 06 Sep 2024 18:52:22 +0000
ROA not before: Fri 06 Sep 2024 18:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 45.132.50.0/24 maxlen: 24
185.140.172.0/24 maxlen: 24
194.26.138.0/24 maxlen: 24
213.109.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 10:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c8:ae:2a:05:ad:d5:43:55:1e:70:4f:83:d9:19:9d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Sep 6 18:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed127540f8167511589787985042a92950719a73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6c:de:2e:11:25:c8:04:b2:34:21:99:46:69:
09:64:5c:bf:e1:42:45:08:f7:32:52:db:7d:87:c7:
1a:51:ef:6d:87:1f:6b:74:52:19:f1:d1:e5:3d:a9:
5c:03:82:d5:53:0a:ff:f1:c4:41:6b:fd:55:1b:8a:
91:5d:1f:84:c6:91:40:c7:bc:9a:d5:b4:aa:5c:c9:
dc:ad:42:ad:49:b4:16:48:f1:7d:f7:d9:82:9b:a8:
13:3e:a9:32:73:09:33:be:a7:b4:49:e8:e8:df:b1:
df:0a:35:13:6d:66:c4:8d:dd:a9:38:1c:e0:1e:54:
4a:40:18:f3:6e:c0:c0:84:83:57:ef:ab:03:84:bc:
20:1f:b7:d8:f0:30:7e:00:3e:12:35:86:bd:2c:0d:
65:c0:e2:a7:03:cb:a0:30:53:ba:7f:96:ee:e9:67:
37:05:85:52:6c:2d:d5:8e:00:b1:06:de:88:81:0c:
8b:1a:36:c6:e3:97:39:33:ac:dc:80:38:22:28:38:
8e:8c:1f:6e:db:7c:de:ca:3e:a1:01:04:a7:6a:89:
c7:f9:8b:15:5c:35:d4:0b:83:84:19:41:80:f3:2b:
c9:e1:b3:20:9a:b8:3f:9b:83:d5:de:dc:8b:e9:86:
a2:10:1e:cd:8a:6a:de:f3:60:4b:90:27:f1:ee:70:
52:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:12:75:40:F8:16:75:11:58:97:87:98:50:42:A9:29:50:71:9A:73
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/7RJ1QPgWdRFYl4eYUEKpKVBxmnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.50.0/24
185.140.172.0/24
194.26.138.0/24
213.109.204.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:72:80:3e:8e:6e:fa:07:e5:76:20:ff:53:56:80:12:c4:6d:
7e:18:14:a1:64:b3:b8:0e:1c:b2:a4:6b:bf:6c:8a:6b:94:39:
0d:68:f2:58:e5:a5:9f:4e:e2:64:82:42:08:21:b0:69:0d:65:
bc:c2:40:98:1a:ec:0f:5a:64:11:4b:72:27:1d:82:f6:b4:90:
fe:a5:36:1e:9b:60:8f:57:88:7d:78:91:dd:88:94:c5:73:77:
34:2f:54:0a:ce:89:a9:91:52:90:97:b0:cc:fd:13:48:e1:76:
72:8f:dc:2d:9f:90:83:b4:5a:7b:ca:5a:59:5b:e0:b2:bd:b7:
dd:64:b4:3c:9e:54:0c:f0:10:49:dc:af:93:56:1c:f8:ec:45:
7e:c3:a4:5c:17:ea:a7:80:cd:8b:f1:ae:ef:4b:36:c8:01:fe:
51:1c:12:58:6f:74:72:95:e3:fc:4a:e9:cc:cf:f5:01:32:be:
30:88:af:7f:ce:dc:a3:9e:5b:65:20:54:7e:0d:69:7c:45:c1:
b8:1f:fe:61:9b:e5:56:02:5c:91:00:65:5d:e6:c3:22:5e:bd:
e0:c0:70:70:85:c8:ec:7f:ce:80:93:3c:1c:f5:80:85:f0:5c:
1d:d9:f8:28:0a:08:ac:80:3e:94:57:90:54:b1:57:d3:10:08:
42:a2:04:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHIrioFrdVDVR5wT4PZGZ1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwOTA2MTg1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDEyNzU0MGY4MTY3NTExNTg5Nzg3OTg1MDQyYTkyOTUwNzE5YTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWzeLhElyASyNCGZRmkJZFy/4UJF
CPcyUtt9h8caUe9thx9rdFIZ8dHlPalcA4LVUwr/8cRBa/1VG4qRXR+ExpFAx7ya
1bSqXMncrUKtSbQWSPF999mCm6gTPqkycwkzvqe0Sejo37HfCjUTbWbEjd2pOBzg
HlRKQBjzbsDAhINX76sDhLwgH7fY8DB+AD4SNYa9LA1lwOKnA8ugMFO6f5bu6Wc3
BYVSbC3VjgCxBt6IgQyLGjbG45c5M6zcgDgiKDiOjB9u23zeyj6hAQSnaonH+YsV
XDXUC4OEGUGA8yvJ4bMgmrg/m4PV3tyL6YaiEB7Nimre82BLkCfx7nBS/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO0SdUD4FnURWJeHmFBCqSlQcZpzMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvN1JKMVFQZ1dkUkZZbDRlWVVFS3BLVkJ4bW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYQyAwQA
uYysAwQAwhqKAwQA1W3MMA0GCSqGSIb3DQEBCwUAA4IBAQAqcoA+jm76B+V2IP9T
VoASxG1+GBShZLO4DhyypGu/bIprlDkNaPJY5aWfTuJkgkIIIbBpDWW8wkCYGuwP
WmQRS3InHYL2tJD+pTYem2CPV4h9eJHdiJTFc3c0L1QKzompkVKQl7DM/RNI4XZy
j9wtn5CDtFp7ylpZW+CyvbfdZLQ8nlQM8BBJ3K+TVhz47EV+w6RcF+qngM2L8a7v
SzbIAf5RHBJYb3RyleP8SunMz/UBMr4wiK9/ztyjnltlIFR+DWl8RcG4H/5hm+VW
AlyRAGVd5sMiXr3gwHBwhcjsf86Akzwc9YCF8Fwd2fgoCgisgD6UV5BUsVfTEAhC
ogSc
-----END CERTIFICATE-----
Generated at Thu Sep 12 14:04:23 2024 by rpki-client on console-ams.rpki-client.org