Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/UP6XhF9sqfL85gKHnHSCkc8IJdY.roa
File: UP6XhF9sqfL85gKHnHSCkc8IJdY.roa (raw, json)
Hash identifier: R3mqJcV51FyXO0J2QVKKt6JGyjUWFNjoACqk6Sj85SI=
Subject key identifier: 50:FE:97:84:5F:6C:A9:F2:FC:E6:02:87:9C:74:82:91:CF:08:25:D6
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01924395BF0049D2A86F3453C9616EA12AC7
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/UP6XhF9sqfL85gKHnHSCkc8IJdY.roa
Signing time: Mon 30 Sep 2024 15:39:00 +0000
ROA not before: Mon 30 Sep 2024 15:39:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 45.129.128.0/24 maxlen: 24
45.132.50.0/24 maxlen: 24
194.26.138.0/24 maxlen: 24
213.109.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 22:38:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:95:bf:00:49:d2:a8:6f:34:53:c9:61:6e:a1:2a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Sep 30 15:39:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50fe97845f6ca9f2fce602879c748291cf0825d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c2:92:b3:3e:92:ef:fb:85:c4:4f:af:95:f5:
2b:eb:5a:d6:49:e6:f2:3f:4b:35:a1:cf:1d:81:93:
9d:9f:e1:ba:ea:e8:03:3a:b2:9b:63:e8:4a:99:da:
be:75:8e:fb:38:2d:1b:b8:54:79:dd:e2:3f:80:69:
f1:e6:36:18:92:5e:bd:64:6b:40:ef:61:ec:d9:a0:
25:e8:30:5e:7f:ab:e0:07:64:98:a0:4e:15:40:09:
73:ab:df:64:29:28:83:88:4c:08:94:9e:ad:ea:d5:
de:07:03:c9:03:d5:94:aa:93:60:7a:fd:19:95:70:
c2:66:ed:fe:45:53:d5:e1:af:8b:ef:41:89:35:c1:
70:67:a6:07:62:cb:37:da:31:52:41:cf:bf:f1:51:
90:ad:8d:de:18:5c:39:b4:07:00:da:aa:cc:06:81:
48:88:1e:89:60:bc:6d:fc:1a:d8:0f:35:c4:92:9a:
a7:0b:8f:2b:e4:9f:3f:8d:b8:7f:50:09:b5:55:7c:
08:b0:d1:1e:b9:9f:09:8b:8f:0a:19:5c:79:c6:ea:
6b:e0:66:17:64:22:90:67:94:08:ac:49:34:9a:bc:
c1:fe:88:65:61:cc:8f:40:a4:ed:f8:b9:51:d0:07:
d9:8a:54:7a:16:4f:db:dc:92:5c:40:3d:3a:bc:51:
5f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:FE:97:84:5F:6C:A9:F2:FC:E6:02:87:9C:74:82:91:CF:08:25:D6
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/UP6XhF9sqfL85gKHnHSCkc8IJdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.128.0/24
45.132.50.0/24
194.26.138.0/24
213.109.204.0/24
Signature Algorithm: sha256WithRSAEncryption
98:bc:a4:09:ac:ec:1f:77:ed:7b:82:42:76:12:9e:d5:ac:d7:
4d:72:7b:7f:c3:88:59:99:11:a0:9e:2b:3d:27:1d:d6:75:f9:
ab:ab:fb:07:3d:03:f0:6d:b2:46:0b:4a:23:70:04:b3:74:01:
cb:d3:44:27:fa:d4:46:70:3b:7d:c7:8d:60:38:b7:6e:b4:0b:
87:c5:80:78:86:5f:e1:d1:e0:8b:27:5b:a9:19:1d:46:c2:55:
4e:6a:e0:dd:9f:67:5b:ae:5c:20:93:7f:98:ab:c5:ae:ad:99:
0e:86:29:16:f2:bd:d2:ab:2f:e2:d7:7a:1c:4e:19:38:2e:f4:
d2:52:fe:05:d2:5f:8a:da:18:d3:75:4e:3f:f2:44:fb:f0:5b:
24:d1:26:5f:8c:3a:3d:07:2b:d0:56:2e:73:44:2e:94:16:73:
c1:3c:8b:a2:9e:17:74:5e:97:4c:80:59:e9:48:1c:5a:cc:a4:
e8:cf:ac:66:40:99:b9:17:ca:b7:94:9d:b7:91:0a:a5:fe:23:
94:0e:94:f4:14:3d:b4:fa:f6:2c:f5:f9:2f:c0:8f:0e:1b:10:
9f:86:4e:b9:82:e0:8e:a3:58:92:cc:ea:eb:15:7d:b5:2f:0a:
76:74:87:6a:0f:40:1a:5a:62:48:b5:b0:cc:15:b5:b6:dd:a8:
20:de:0a:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJDlb8ASdKobzRTyWFuoSrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwOTMwMTUzOTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGZlOTc4NDVmNmNhOWYyZmNlNjAyODc5Yzc0ODI5MWNmMDgyNWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMKSsz6S7/uFxE+vlfUr61rWSeby
P0s1oc8dgZOdn+G66ugDOrKbY+hKmdq+dY77OC0buFR53eI/gGnx5jYYkl69ZGtA
72Hs2aAl6DBef6vgB2SYoE4VQAlzq99kKSiDiEwIlJ6t6tXeBwPJA9WUqpNgev0Z
lXDCZu3+RVPV4a+L70GJNcFwZ6YHYss32jFSQc+/8VGQrY3eGFw5tAcA2qrMBoFI
iB6JYLxt/BrYDzXEkpqnC48r5J8/jbh/UAm1VXwIsNEeuZ8Ji48KGVx5xupr4GYX
ZCKQZ5QIrEk0mrzB/ohlYcyPQKTt+LlR0AfZilR6Fk/b3JJcQD06vFFfQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFD+l4RfbKny/OYCh5x0gpHPCCXWMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvVVA2WGhGOXNxZkw4NWdLSG5IU0NrYzhJSmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYGAAwQA
LYQyAwQAwhqKAwQA1W3MMA0GCSqGSIb3DQEBCwUAA4IBAQCYvKQJrOwfd+17gkJ2
Ep7VrNdNcnt/w4hZmRGgnis9Jx3Wdfmrq/sHPQPwbbJGC0ojcASzdAHL00Qn+tRG
cDt9x41gOLdutAuHxYB4hl/h0eCLJ1upGR1GwlVOauDdn2dbrlwgk3+Yq8WurZkO
hikW8r3Sqy/i13ocThk4LvTSUv4F0l+K2hjTdU4/8kT78Fsk0SZfjDo9ByvQVi5z
RC6UFnPBPIuinhd0XpdMgFnpSBxazKToz6xmQJm5F8q3lJ23kQql/iOUDpT0FD20
+vYs9fkvwI8OGxCfhk65guCOo1iSzOrrFX21Lwp2dIdqD0AaWmJItbDMFbW23agg
3gpY
-----END CERTIFICATE-----
Generated at Tue Oct 15 23:26:16 2024 by rpki-client on console-fra.rpki-client.org