Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/xP2SEUMELWTDXqJF5NoetQ61-D8.roa
File: xP2SEUMELWTDXqJF5NoetQ61-D8.roa (raw, json)
Hash identifier: BDS+DA2U7DIInXKrzfqOnTwScKaYPfWGTyBuATKpPRE=
Subject key identifier: C4:FD:92:11:43:04:2D:64:C3:5E:A2:45:E4:DA:1E:B5:0E:B5:F8:3F
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018DE4DDF74DC37FEA8D3EB89D8BE34BE7D8
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/xP2SEUMELWTDXqJF5NoetQ61-D8.roa
Signing time: Mon 26 Feb 2024 10:02:48 +0000
ROA not before: Mon 26 Feb 2024 10:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48359
IP address blocks: 45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
89.44.242.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
185.239.1.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Mar 2024 08:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:dd:f7:4d:c3:7f:ea:8d:3e:b8:9d:8b:e3:4b:e7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Feb 26 10:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4fd921143042d64c35ea245e4da1eb50eb5f83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3c:13:b1:16:ee:16:44:ac:45:db:86:bb:1a:
d2:d7:42:40:be:e3:df:33:01:9d:ec:d8:18:16:da:
7e:02:25:91:47:f3:a0:2a:b4:c7:2f:29:08:65:ef:
aa:a8:e8:f1:0f:e7:7c:3d:2e:fd:56:de:41:a7:89:
f5:d9:b5:35:72:b7:ef:a8:c8:47:52:38:d2:52:8f:
ca:2b:60:27:8d:ef:5f:8e:0a:28:7a:c6:be:f9:91:
44:91:3b:e6:cc:b7:9a:a2:51:fb:c3:3a:b1:90:7f:
a1:9c:63:e8:c8:d6:e5:af:61:68:ff:95:15:2e:07:
a1:22:99:10:7c:7b:84:e1:8f:0f:b1:75:3c:ce:55:
3c:7d:2a:d4:ec:d0:15:20:03:0b:74:66:bf:5e:b2:
c4:c5:f3:85:af:5e:6b:a8:d9:49:18:7c:bc:70:dd:
f7:7c:cc:b9:ef:6d:e5:3c:d5:b1:0a:05:45:a7:34:
ee:65:e5:21:3c:f5:bd:c3:28:f7:b8:41:dc:cc:30:
e6:c2:41:cf:bd:8a:e9:2f:27:4c:46:e3:f3:29:95:
6a:7a:f4:a6:6e:3b:05:3e:c1:c3:44:2d:0d:d7:87:
20:90:2b:87:6d:9f:4a:aa:6d:f6:28:84:d5:4c:39:
34:77:35:cd:ee:cc:85:d4:2c:96:c9:52:e6:7e:51:
80:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FD:92:11:43:04:2D:64:C3:5E:A2:45:E4:DA:1E:B5:0E:B5:F8:3F
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/xP2SEUMELWTDXqJF5NoetQ61-D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/23
89.42.44.0/22
89.44.240.0-89.44.242.255
89.46.217.0/24
185.3.200.0/24
185.239.1.0/24
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:c0:29:5a:bd:72:65:cb:e5:f3:9d:c4:6e:20:26:fe:ce:85:
21:33:b2:3f:a4:11:9d:81:5c:5b:97:bc:ac:ef:7d:23:84:f2:
ed:6d:e1:8f:26:5b:29:61:e6:dc:a6:a6:03:b5:38:4b:9f:f2:
1f:a7:a0:72:b9:39:90:04:8f:bd:23:16:29:b0:ad:ce:ae:4c:
eb:af:4d:fd:b4:3d:a1:a4:29:12:c2:a8:24:21:0b:aa:85:a0:
bc:c9:31:50:3d:e8:8f:74:d0:26:4d:3b:6c:20:30:29:6b:64:
ab:c6:b6:7c:ba:de:bb:ee:ac:ed:7e:63:0b:d4:fb:98:46:90:
d4:2a:29:19:52:1c:9c:3a:20:f6:2b:b5:5d:9d:17:a9:e5:e9:
26:8f:29:d6:55:5d:c1:ed:97:2d:8b:d6:37:d9:78:29:2c:3c:
ee:57:74:b8:43:06:05:52:08:11:7a:96:27:f0:d3:6a:bd:93:
12:68:5c:0f:f8:9c:d0:45:0d:92:21:b6:82:59:62:ae:71:0a:
d2:a1:6d:60:26:ec:b7:c2:c3:bd:eb:04:d3:dc:c0:42:a3:37:
50:ff:4a:48:12:f6:a0:3b:a2:6d:61:f1:b4:1c:8f:22:dc:c9:
87:70:50:86:9a:1e:6c:e9:0a:58:47:21:29:e0:df:5c:ab:38:
48:ab:1b:57
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY3k3fdNw3/qjT64nYvjS+fYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMjI2MTAwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGZkOTIxMTQzMDQyZDY0YzM1ZWEyNDVlNGRhMWViNTBlYjVmODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTwTsRbuFkSsRduGuxrS10JAvuPf
MwGd7NgYFtp+AiWRR/OgKrTHLykIZe+qqOjxD+d8PS79Vt5Bp4n12bU1crfvqMhH
UjjSUo/KK2Anje9fjgooesa++ZFEkTvmzLeaolH7wzqxkH+hnGPoyNblr2Fo/5UV
LgehIpkQfHuE4Y8PsXU8zlU8fSrU7NAVIAMLdGa/XrLExfOFr15rqNlJGHy8cN33
fMy5723lPNWxCgVFpzTuZeUhPPW9wyj3uEHczDDmwkHPvYrpLydMRuPzKZVqevSm
bjsFPsHDRC0N14cgkCuHbZ9Kqm32KITVTDk0dzXN7syF1CyWyVLmflGA3wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFMT9khFDBC1kw16iReTaHrUOtfg/MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEveFAyU0VVTUVMV1REWHFKRjVOb2V0UTYxLUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBLV7WAwQC
WSosMAwDBARZLPADBABZLPIDBABZLtkDBAC5A8gDBAC57wEDBAC88MQwDQYJKoZI
hvcNAQELBQADggEBAJzAKVq9cmXL5fOdxG4gJv7OhSEzsj+kEZ2BXFuXvKzvfSOE
8u1t4Y8mWylh5tympgO1OEuf8h+noHK5OZAEj70jFimwrc6uTOuvTf20PaGkKRLC
qCQhC6qFoLzJMVA96I900CZNO2wgMClrZKvGtny63rvurO1+YwvU+5hGkNQqKRlS
HJw6IPYrtV2dF6nl6SaPKdZVXcHtly2L1jfZeCksPO5XdLhDBgVSCBF6lifw02q9
kxJoXA/4nNBFDZIhtoJZYq5xCtKhbWAm7LfCw73rBNPcwEKjN1D/SkgS9qA7om1h
8bQcjyLcyYdwUIaaHmzpClhHISng31yrOEirG1c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org