Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Abxqm2wzF_bqmCPdrI6THdC08Uc.roa
File: Abxqm2wzF_bqmCPdrI6THdC08Uc.roa (raw, json)
Hash identifier: R5yAo7regaC8FfbshnnPvw7eR69HjwbnWvo+2VUFUI4=
Subject key identifier: 01:BC:6A:9B:6C:33:17:F6:EA:98:23:DD:AC:8E:93:1D:D0:B4:F1:47
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019377D99DBE652C4E8D4EA5DC4FC6F8D5A6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Abxqm2wzF_bqmCPdrI6THdC08Uc.roa
Signing time: Fri 29 Nov 2024 12:16:10 +0000
ROA not before: Fri 29 Nov 2024 12:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44948
IP address blocks: 45.131.184.0/22 maxlen: 24
109.61.104.0/21 maxlen: 24
185.238.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 08:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:d9:9d:be:65:2c:4e:8d:4e:a5:dc:4f:c6:f8:d5:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 29 12:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01bc6a9b6c3317f6ea9823ddac8e931dd0b4f147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f8:04:08:f9:93:fc:2e:9b:ae:76:7b:02:72:
78:70:dd:22:c3:f1:49:d3:37:d9:9c:46:25:4d:13:
04:0b:18:fd:8d:ad:73:ef:e2:b9:58:3f:82:5e:2b:
76:c8:00:6d:45:30:3a:e8:32:ba:93:09:63:bb:ff:
e2:cb:87:d3:98:2d:10:dd:bb:5c:53:37:d2:ee:28:
a7:87:13:fe:94:dc:0b:52:59:ac:d0:d9:50:69:9b:
74:67:c7:e2:80:a6:b2:e9:0a:25:42:ba:e2:a2:34:
1f:b1:55:f1:ca:8e:cb:b2:34:65:22:5d:bc:aa:07:
4c:5d:df:95:c3:8d:3d:fe:6b:bd:b3:75:05:66:62:
61:9d:57:f6:32:43:8d:84:e9:9c:b4:89:02:cd:19:
f8:cd:a5:70:e8:ff:3f:5e:0f:25:fc:2e:9c:ef:92:
f0:40:c6:87:7e:8f:da:81:de:20:7a:e4:d6:8b:a8:
8f:c0:94:06:f4:ea:65:e9:e2:25:ff:32:6f:13:d0:
2b:5f:83:65:2c:5d:18:23:72:b1:12:03:9d:49:67:
55:2e:f0:95:af:5b:07:75:bc:18:9c:5a:e9:84:92:
f1:d4:cc:7c:b4:e8:a0:e0:fb:9d:2f:25:a1:dc:0d:
36:5f:a8:c2:2c:30:c8:a0:36:99:ce:91:56:18:2b:
bd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BC:6A:9B:6C:33:17:F6:EA:98:23:DD:AC:8E:93:1D:D0:B4:F1:47
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Abxqm2wzF_bqmCPdrI6THdC08Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.184.0/22
109.61.104.0/21
185.238.188.0/22
Signature Algorithm: sha256WithRSAEncryption
51:7e:18:ef:92:fc:f0:64:0c:bb:ba:ae:c9:a0:c6:f5:b8:9a:
d8:23:4c:ea:4d:6d:36:58:b8:2e:5a:8e:4a:e3:70:7d:9c:32:
d3:83:57:82:25:b2:2b:88:a2:3a:c9:ab:bd:8b:af:c0:1b:5c:
33:f7:3c:84:85:8f:ea:4e:80:97:e3:72:d4:2c:d2:9c:c9:67:
44:3d:67:b7:c3:8c:0a:08:5a:73:57:f2:4c:1b:bc:0f:4f:22:
ca:e8:a8:3b:68:30:70:75:eb:b7:7a:33:81:d7:01:0a:ee:1a:
f3:13:51:2e:82:61:e8:0c:56:0b:bf:15:ae:62:73:35:cc:35:
01:99:d0:29:cd:28:96:31:7e:8d:06:30:dd:d8:de:cb:26:ac:
6b:ab:68:03:03:31:1b:25:94:05:c4:24:cf:f4:d4:47:d1:4a:
19:18:72:96:10:2e:7a:1b:b3:0a:6a:e3:73:95:87:13:8f:6d:
86:ba:a6:d0:7b:f7:43:45:9a:34:79:5e:87:2a:c7:0f:47:3f:
ea:d8:11:ae:b2:2b:a8:c3:d0:ef:04:08:f6:33:32:8e:3a:31:
aa:10:a9:d1:5b:b5:2a:dc:66:5c:12:a0:e0:01:06:c4:03:6d:
68:9d:e3:50:0a:88:97:9b:22:d4:f1:6c:90:87:78:3c:6b:a4:
0f:eb:87:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZN32Z2+ZSxOjU6l3E/G+NWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMTI5MTIxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJjNmE5YjZjMzMxN2Y2ZWE5ODIzZGRhYzhlOTMxZGQwYjRmMTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/gECPmT/C6brnZ7AnJ4cN0iw/FJ
0zfZnEYlTRMECxj9ja1z7+K5WD+CXit2yABtRTA66DK6kwlju//iy4fTmC0Q3btc
UzfS7iinhxP+lNwLUlms0NlQaZt0Z8figKay6QolQrriojQfsVXxyo7LsjRlIl28
qgdMXd+Vw409/mu9s3UFZmJhnVf2MkONhOmctIkCzRn4zaVw6P8/Xg8l/C6c75Lw
QMaHfo/agd4geuTWi6iPwJQG9Opl6eIl/zJvE9ArX4NlLF0YI3KxEgOdSWdVLvCV
r1sHdbwYnFrphJLx1Mx8tOig4PudLyWh3A02X6jCLDDIoDaZzpFWGCu9ywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAG8aptsMxf26pgj3ayOkx3QtPFHMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQWJ4cW0yd3pGX2JxbUNQZHJJNlRIZEMwOFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYO4AwQD
bT1oAwQCue68MA0GCSqGSIb3DQEBCwUAA4IBAQBRfhjvkvzwZAy7uq7JoMb1uJrY
I0zqTW02WLguWo5K43B9nDLTg1eCJbIriKI6yau9i6/AG1wz9zyEhY/qToCX43LU
LNKcyWdEPWe3w4wKCFpzV/JMG7wPTyLK6Kg7aDBwdeu3ejOB1wEK7hrzE1EugmHo
DFYLvxWuYnM1zDUBmdApzSiWMX6NBjDd2N7LJqxrq2gDAzEbJZQFxCTP9NRH0UoZ
GHKWEC56G7MKauNzlYcTj22GuqbQe/dDRZo0eV6HKscPRz/q2BGusiuow9DvBAj2
MzKOOjGqEKnRW7Uq3GZcEqDgAQbEA21oneNQCoiXmyLU8WyQh3g8a6QP64ew
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:48:27 2025 by rpki-client