Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/g5oSBbCly9-pCraf5w29dzNgp0c.roa
File: g5oSBbCly9-pCraf5w29dzNgp0c.roa (raw, json)
Hash identifier: vwwiXHdO9qHgqzw4Bl/GkC8xvfwmTWpCO7+lAVlvEMk=
Subject key identifier: 83:9A:12:05:B0:A5:CB:DF:A9:0A:B6:9F:E7:0D:BD:77:33:60:A7:47
Certificate issuer: /CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Certificate serial: 01930AEC57F505F59BC9370E7C7C7718368D
Authority key identifier: 4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/g5oSBbCly9-pCraf5w29dzNgp0c.roa
Signing time: Fri 08 Nov 2024 08:38:01 +0000
ROA not before: Fri 08 Nov 2024 08:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57829
IP address blocks: 45.93.140.0/22 maxlen: 24
95.141.80.0/20 maxlen: 24
185.134.124.0/22 maxlen: 24
2a02:f58::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0a:ec:57:f5:05:f5:9b:c9:37:0e:7c:7c:77:18:36:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Validity
Not Before: Nov 8 08:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=839a1205b0a5cbdfa90ab69fe70dbd773360a747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:54:1e:de:e7:ab:cf:2e:4d:95:db:34:5d:10:
ad:7e:ed:ea:f8:8e:32:8a:4b:1c:ad:da:c4:88:48:
c3:8b:c2:20:1b:5e:63:78:c0:97:e3:c4:a8:28:4a:
be:37:3d:69:d1:e3:36:f4:af:cb:0c:9f:ed:04:e2:
7f:21:62:a1:43:8c:7a:31:82:d5:9d:30:64:a8:00:
0f:6c:79:97:a1:0e:24:a2:89:72:f0:b2:14:8c:ac:
d4:ff:4b:1a:56:c9:4f:7f:40:85:c0:bc:d4:87:1a:
51:4a:32:81:24:f8:fc:b6:b5:67:84:bb:0c:71:b9:
cc:a5:4c:0f:6b:60:3a:8f:c4:5d:05:dc:8a:70:e3:
7f:47:2b:00:1f:7f:5c:b7:d8:58:9e:e7:bd:dc:e1:
8c:78:7f:fc:b4:e4:91:f5:77:be:fc:62:00:8f:78:
ce:9e:72:46:18:ac:50:d3:96:27:ec:95:b0:9c:72:
a9:e4:a1:8d:46:6c:24:94:0b:7f:c5:26:63:9f:40:
5c:22:e3:ea:64:37:24:30:86:01:8f:13:94:20:8a:
c5:5f:97:0c:5f:ca:52:c2:97:c1:57:9e:7a:31:cd:
29:bb:bb:24:d0:65:3c:02:c4:a6:04:c1:dd:de:e6:
c5:87:76:ce:35:14:89:31:60:60:ea:70:98:2c:23:
0c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:9A:12:05:B0:A5:CB:DF:A9:0A:B6:9F:E7:0D:BD:77:33:60:A7:47
X509v3 Authority Key Identifier:
keyid:4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/g5oSBbCly9-pCraf5w29dzNgp0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.140.0/22
95.141.80.0/20
185.134.124.0/22
IPv6:
2a02:f58::/29
Signature Algorithm: sha256WithRSAEncryption
a5:b0:b7:b9:ba:bc:2a:49:5e:81:c1:88:b4:f3:a5:1a:58:56:
85:fc:c8:db:d2:fb:c0:41:30:9f:1d:56:05:2d:26:31:d1:eb:
b5:58:d8:f1:9a:12:30:c8:29:c6:64:83:25:d6:f0:20:c2:da:
cc:98:d0:14:30:f9:4f:e3:cf:4a:7d:44:4a:5c:d1:fc:7d:c0:
5c:30:9c:38:42:58:15:49:5f:7b:76:02:74:ce:fc:4c:a7:5d:
ea:81:ed:13:3b:64:8c:a3:67:fa:c2:d8:45:f8:37:f1:c7:e7:
f1:21:f5:b5:df:f4:79:21:45:4e:16:5d:3d:c4:5c:5d:74:0d:
61:ee:9d:5a:f7:46:0e:41:fe:af:f2:73:c1:c4:63:80:5c:90:
4b:2d:7f:4d:5e:1e:41:b6:b4:ca:c1:62:bb:ff:2c:41:a3:c7:
83:a9:1d:5b:35:8f:c6:cf:fc:40:89:e1:34:5f:5d:6b:e2:39:
b7:3b:d1:78:af:2e:bb:21:65:0a:1d:b9:77:92:69:92:84:e2:
6a:8b:2d:81:90:22:46:a1:30:95:a4:06:26:8c:66:b7:fe:d0:
49:94:82:49:0b:96:f7:31:30:41:96:9c:73:46:ec:5b:cc:fe:
26:b5:81:54:84:b4:e2:29:9f:ac:22:9e:9e:c2:cf:56:3b:c4:
6e:8a:c5:0a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZMK7Ff1BfWbyTcOfHx3GDaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYjdkYzAzNzg5ZjU4NjIxYjI1ZThkZDBkOTI1ZGM5MWI0
YTVhYTIwHhcNMjQxMTA4MDgzODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzlhMTIwNWIwYTVjYmRmYTkwYWI2OWZlNzBkYmQ3NzMzNjBhNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVQe3uerzy5Nlds0XRCtfu3q+I4y
ikscrdrEiEjDi8IgG15jeMCX48SoKEq+Nz1p0eM29K/LDJ/tBOJ/IWKhQ4x6MYLV
nTBkqAAPbHmXoQ4kooly8LIUjKzU/0saVslPf0CFwLzUhxpRSjKBJPj8trVnhLsM
cbnMpUwPa2A6j8RdBdyKcON/RysAH39ct9hYnue93OGMeH/8tOSR9Xe+/GIAj3jO
nnJGGKxQ05Yn7JWwnHKp5KGNRmwklAt/xSZjn0BcIuPqZDckMIYBjxOUIIrFX5cM
X8pSwpfBV556Mc0pu7sk0GU8AsSmBMHd3ubFh3bONRSJMWBg6nCYLCMMUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIOaEgWwpcvfqQq2n+cNvXczYKdHMB8GA1UdIwQY
MBaAFEq33AN4n1hiGyXo3Q2SXckbSlqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzIt
ZjM4YmNiZDkzMzkwLzEvZzVvU0JiQ2x5OS1wQ3JhZjV3Mjlkek5ncDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzItZjM4YmNiZDkzMzkw
LzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLV2MAwQE
X41QAwQCuYZ8MA0EAgACMAcDBQMqAg9YMA0GCSqGSIb3DQEBCwUAA4IBAQClsLe5
urwqSV6BwYi086UaWFaF/Mjb0vvAQTCfHVYFLSYx0eu1WNjxmhIwyCnGZIMl1vAg
wtrMmNAUMPlP489KfURKXNH8fcBcMJw4QlgVSV97dgJ0zvxMp13qge0TO2SMo2f6
wthF+Dfxx+fxIfW13/R5IUVOFl09xFxddA1h7p1a90YOQf6v8nPBxGOAXJBLLX9N
Xh5BtrTKwWK7/yxBo8eDqR1bNY/Gz/xAieE0X11r4jm3O9F4ry67IWUKHbl3kmmS
hOJqiy2BkCJGoTCVpAYmjGa3/tBJlIJJC5b3MTBBlpxzRuxbzP4mtYFUhLTiKZ+s
Ip6ews9WO8RuisUK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:56 2025 by rpki-client