Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/8RDVhSDYZ1IkeuzL-U372BAyFsg.roa
File: 8RDVhSDYZ1IkeuzL-U372BAyFsg.roa (raw, json)
Hash identifier: AaoBS/Vx2IdV6TG6m8rXNz2ySPV+pLVToPrta4MWc30=
Subject key identifier: F1:10:D5:85:20:D8:67:52:24:7A:EC:CB:F9:4D:FB:D8:10:32:16:C8
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0192A40C86AFF274C065545A25ACB9DD0970
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/8RDVhSDYZ1IkeuzL-U372BAyFsg.roa
Signing time: Sat 19 Oct 2024 09:12:17 +0000
ROA not before: Sat 19 Oct 2024 09:12:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200436
IP address blocks: 45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.42.44.0/24 maxlen: 24
89.42.45.0/24 maxlen: 24
89.42.46.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 08:51:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a4:0c:86:af:f2:74:c0:65:54:5a:25:ac:b9:dd:09:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 19 09:12:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f110d58520d86752247aeccbf94dfbd8103216c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1f:31:0f:44:ff:3d:2f:17:00:f6:9d:bc:be:
ee:ee:9b:2f:af:31:d0:74:ef:37:32:45:ed:77:30:
60:57:7e:47:9e:47:03:04:e8:c7:17:c4:41:e9:60:
10:b9:32:5a:58:cd:be:ae:ab:0a:2f:73:1a:7d:6f:
a2:5b:80:ef:57:97:1c:ff:d5:82:c2:7c:3b:84:87:
96:ea:9b:99:69:96:f5:83:46:87:4d:6c:12:10:00:
76:e8:cb:76:e3:fc:c0:93:b2:1d:5f:8c:67:2d:f3:
a4:7d:39:a8:43:68:1b:e9:f7:3a:06:36:64:0d:90:
0e:85:4b:c2:ff:de:53:73:83:92:d2:28:48:3c:07:
f3:2e:93:3e:25:49:0d:fa:19:d3:d9:fb:ae:fc:b2:
ee:1d:df:55:d0:67:4e:5b:35:50:f8:46:80:e8:da:
88:35:85:f1:4d:47:61:7b:cd:aa:a6:28:9e:38:cc:
1c:4b:50:05:6d:89:bb:66:5d:79:24:a3:91:f4:4e:
a9:34:fc:38:ca:b3:04:eb:6d:b9:05:db:71:96:50:
33:c6:9f:63:38:d4:87:44:1d:5d:f8:95:8d:20:9a:
83:b1:04:b1:97:65:90:df:61:db:02:41:e8:1c:1b:
b7:da:34:9d:8d:47:37:c7:64:d3:4b:02:be:cd:50:
47:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:10:D5:85:20:D8:67:52:24:7A:EC:CB:F9:4D:FB:D8:10:32:16:C8
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/8RDVhSDYZ1IkeuzL-U372BAyFsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/23
89.42.44.0-89.42.46.255
185.3.200.0/24
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
25:2f:7c:1d:fc:3e:6d:4a:fc:fe:14:5f:6e:15:a0:c4:62:3e:
9c:2c:7c:26:1f:59:0f:2a:ae:d1:5f:da:97:62:60:93:1b:01:
3f:d9:d8:c4:ed:43:df:40:1b:4e:4f:db:5f:49:54:7d:0d:8d:
b0:2c:dd:b9:a8:9b:4a:5e:7b:3e:ea:f2:34:a5:f4:ec:67:71:
e9:05:e7:09:92:de:da:06:e0:3c:82:fa:db:b8:d9:b7:df:c9:
18:40:a5:fc:47:8a:c8:d8:64:b0:2a:9a:22:f6:81:51:bb:91:
85:35:c1:20:3e:33:62:d9:29:e4:8c:ff:9f:60:99:57:8b:d0:
55:7a:d6:8a:e5:f5:0a:d2:40:b7:ab:45:0f:12:b2:eb:7f:73:
a1:02:8a:06:05:fb:e2:2f:51:e1:2d:87:d9:29:ac:3c:91:be:
38:a9:c7:fa:e5:c4:45:8b:bd:c0:57:1e:67:72:16:db:68:d3:
b0:4f:f7:54:83:50:83:68:3a:2f:b0:0c:8e:df:b4:2e:54:48:
89:2e:c2:9b:53:39:93:06:8a:bb:b5:ac:f8:5b:96:7f:24:3e:
52:70:f9:b7:da:78:17:0b:86:93:f2:ba:a0:98:93:cd:fc:bf:
a7:2e:08:7e:5a:bd:c9:a6:6a:b6:95:eb:3b:39:45:4c:9f:e3:
63:a2:35:43
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZKkDIav8nTAZVRaJay53QlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMDE5MDkxMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTEwZDU4NTIwZDg2NzUyMjQ3YWVjY2JmOTRkZmJkODEwMzIxNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh8xD0T/PS8XAPadvL7u7psvrzHQ
dO83MkXtdzBgV35HnkcDBOjHF8RB6WAQuTJaWM2+rqsKL3MafW+iW4DvV5cc/9WC
wnw7hIeW6puZaZb1g0aHTWwSEAB26Mt24/zAk7IdX4xnLfOkfTmoQ2gb6fc6BjZk
DZAOhUvC/95Tc4OS0ihIPAfzLpM+JUkN+hnT2fuu/LLuHd9V0GdOWzVQ+EaA6NqI
NYXxTUdhe82qpiieOMwcS1AFbYm7Zl15JKOR9E6pNPw4yrME6225BdtxllAzxp9j
ONSHRB1d+JWNIJqDsQSxl2WQ32HbAkHoHBu32jSdjUc3x2TTSwK+zVBHmQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPEQ1YUg2GdSJHrsy/lN+9gQMhbIMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvOFJEVmhTRFlaMUlrZXV6TC1VMzcyQkF5RnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLV7WMAwD
BAJZKiwDBABZKi4DBAC5A8gDBAC88MQwDQYJKoZIhvcNAQELBQADggEBACUvfB38
Pm1K/P4UX24VoMRiPpwsfCYfWQ8qrtFf2pdiYJMbAT/Z2MTtQ99AG05P219JVH0N
jbAs3bmom0peez7q8jSl9OxncekF5wmS3toG4DyC+tu42bffyRhApfxHisjYZLAq
miL2gVG7kYU1wSA+M2LZKeSM/59gmVeL0FV61orl9QrSQLerRQ8Ssut/c6ECigYF
++IvUeEth9kprDyRvjipx/rlxEWLvcBXHmdyFtto07BP91SDUINoOi+wDI7ftC5U
SIkuwptTOZMGiru1rPhbln8kPlJw+bfaeBcLhpPyuqCYk838v6cuCH5avcmmaraV
6zs5RUyf42OiNUM=
-----END CERTIFICATE-----
Generated at Thu Oct 24 10:40:06 2024 by rpki-client on console-fra.rpki-client.org