Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/P9gryuvTRUEI-wZAAwxeDANxHs0.roa
File: P9gryuvTRUEI-wZAAwxeDANxHs0.roa (raw, json)
Hash identifier: NqedYOdZuFNMrOqJwXaWHGuhg/CC6heJwovl0AAXq5A=
Subject key identifier: 3F:D8:2B:CA:EB:D3:45:41:08:FB:06:40:03:0C:5E:0C:03:71:1E:CD
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 019138854896C848B5F28B8A14FA818FA039
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/P9gryuvTRUEI-wZAAwxeDANxHs0.roa
Signing time: Fri 09 Aug 2024 19:02:24 +0000
ROA not before: Fri 09 Aug 2024 19:02:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 45.140.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Dec 2024 00:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:38:85:48:96:c8:48:b5:f2:8b:8a:14:fa:81:8f:a0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Aug 9 19:02:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fd82bcaebd3454108fb0640030c5e0c03711ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0b:20:a9:81:09:c0:f9:d5:1e:e3:51:78:1b:
e9:34:ec:2c:e3:95:3f:21:01:39:44:da:3e:9e:3f:
ad:55:79:b3:f7:ad:40:b3:3d:1e:fc:45:ac:af:14:
63:2c:93:50:86:7f:1f:e6:17:9f:69:f7:08:3a:00:
43:09:f2:81:af:5c:17:21:51:37:fa:8e:76:65:5c:
79:dc:82:81:ce:b6:9a:3e:64:07:19:48:ce:22:e5:
24:ff:f7:e5:02:af:60:22:7d:3c:bd:98:24:79:f8:
e6:57:b4:0f:6a:cb:66:f2:01:9e:14:92:2f:7f:be:
18:5e:32:09:85:b7:4f:a0:6d:30:c2:9b:35:b4:6e:
dd:81:b6:ed:3a:5a:f5:21:9c:e6:7d:14:2a:22:fb:
65:3a:cc:b5:b6:9d:98:b5:72:89:be:09:4b:d0:d3:
cc:3e:ce:3e:e8:94:72:0d:29:d9:15:00:98:b9:5a:
c0:3b:d8:b5:bb:aa:1f:62:a5:ad:dd:ec:d3:31:4a:
28:bf:9c:33:a8:89:aa:91:62:8d:ad:02:3b:dc:ce:
e7:92:8f:71:5a:f7:cb:20:85:0c:37:7b:d1:53:e6:
14:95:97:b9:ce:ef:ae:32:9c:56:af:db:83:a2:11:
f6:27:93:5c:5b:64:86:9a:2a:34:89:1a:0b:9c:e6:
f9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D8:2B:CA:EB:D3:45:41:08:FB:06:40:03:0C:5E:0C:03:71:1E:CD
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/P9gryuvTRUEI-wZAAwxeDANxHs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.247.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:01:7e:ec:15:33:b3:b0:4b:11:5c:42:42:96:70:db:65:8d:
f1:e2:eb:6f:55:bf:7e:36:9b:a5:45:c4:53:4a:6e:52:3a:fc:
2d:78:27:57:59:01:8f:b4:13:08:6b:ec:76:c2:ec:d6:bd:63:
a4:78:ed:e4:04:b6:66:2c:82:11:9b:30:86:1f:45:2d:ab:0a:
2e:bc:1a:a9:0a:30:67:5d:9b:3a:bd:c0:cb:5c:9e:1e:11:60:
7b:ef:01:e6:93:b2:28:41:d7:93:a2:2c:10:c6:85:2f:59:30:
19:f7:77:e6:05:9a:0c:b3:a6:e2:36:e6:b7:a4:8c:8d:3d:d6:
fb:dc:e5:bc:a7:b2:ec:33:f4:f6:06:b8:9a:46:62:86:2c:63:
b2:40:c9:d4:99:ab:ed:7d:2e:0f:2e:44:c0:33:d8:2b:ce:fb:
1f:43:17:02:1b:3e:02:4f:9c:32:6f:a8:ae:c7:21:e5:12:a6:
a5:8f:5a:22:af:8d:c2:03:a8:ab:3e:4a:a1:6e:71:7b:78:d7:
00:ba:78:c9:cb:62:a4:58:9d:1f:3d:cf:ea:2c:5e:2b:fe:52:
1b:fc:72:43:2c:12:b3:e5:c3:b6:74:b0:40:63:64:bb:7a:bf:
80:69:90:a7:69:15:7a:bd:d7:4f:9e:59:67:48:4f:88:23:07:
44:2b:f3:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZE4hUiWyEi18ouKFPqBj6A5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjQwODA5MTkwMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQ4MmJjYWViZDM0NTQxMDhmYjA2NDAwMzBjNWUwYzAzNzExZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgsgqYEJwPnVHuNReBvpNOws45U/
IQE5RNo+nj+tVXmz961Asz0e/EWsrxRjLJNQhn8f5hefafcIOgBDCfKBr1wXIVE3
+o52ZVx53IKBzraaPmQHGUjOIuUk//flAq9gIn08vZgkefjmV7QPastm8gGeFJIv
f74YXjIJhbdPoG0wwps1tG7dgbbtOlr1IZzmfRQqIvtlOsy1tp2YtXKJvglL0NPM
Ps4+6JRyDSnZFQCYuVrAO9i1u6ofYqWt3ezTMUoov5wzqImqkWKNrQI73M7nko9x
WvfLIIUMN3vRU+YUlZe5zu+uMpxWr9uDohH2J5NcW2SGmio0iRoLnOb5NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/YK8rr00VBCPsGQAMMXgwDcR7NMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvUDlncnl1dlRSVUVJLXdaQUF3eGVEQU54SHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYz3MA0G
CSqGSIb3DQEBCwUAA4IBAQB+AX7sFTOzsEsRXEJClnDbZY3x4utvVb9+NpulRcRT
Sm5SOvwteCdXWQGPtBMIa+x2wuzWvWOkeO3kBLZmLIIRmzCGH0UtqwouvBqpCjBn
XZs6vcDLXJ4eEWB77wHmk7IoQdeToiwQxoUvWTAZ93fmBZoMs6biNua3pIyNPdb7
3OW8p7LsM/T2BriaRmKGLGOyQMnUmavtfS4PLkTAM9grzvsfQxcCGz4CT5wyb6iu
xyHlEqalj1oir43CA6irPkqhbnF7eNcAunjJy2KkWJ0fPc/qLF4r/lIb/HJDLBKz
5cO2dLBAY2S7er+AaZCnaRV6vddPnllnSE+IIwdEK/NG
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:11 2025 by rpki-client