Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/xdU4zeG9CLZnEjM5GK8DobZIGYg.roa
File: xdU4zeG9CLZnEjM5GK8DobZIGYg.roa (raw, json)
Hash identifier: 961Dxvs5i4oq8q8qUgLJSIsa3yIHpRA68Rst+zdo1eg=
Subject key identifier: C5:D5:38:CD:E1:BD:08:B6:67:12:33:39:18:AF:03:A1:B6:48:19:88
Certificate issuer: /CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Certificate serial: 0192C58F0368FF988F4989DAF67520A8370B
Authority key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/xdU4zeG9CLZnEjM5GK8DobZIGYg.roa
Signing time: Fri 25 Oct 2024 21:22:17 +0000
ROA not before: Fri 25 Oct 2024 21:22:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 45.82.82.0/24 maxlen: 24
2a06:7840::/29 maxlen: 29
2a0b:2a80::/29 maxlen: 29
2a0d:4440::/29 maxlen: 29
2a0f:f02::/32 maxlen: 32
2a0f:f03::/32 maxlen: 32
2a0f:f04::/30 maxlen: 30
2a0f:59c0::/29 maxlen: 29
2a0f:a380::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 13 Nov 2024 17:13:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c5:8f:03:68:ff:98:8f:49:89:da:f6:75:20:a8:37:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Validity
Not Before: Oct 25 21:22:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5d538cde1bd08b66712333918af03a1b6481988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:04:43:04:01:48:95:5e:0d:de:45:d1:cd:4d:
3e:97:31:9f:1c:27:8e:37:67:58:5e:97:8b:70:d1:
8e:e8:45:70:63:ae:ac:d6:53:3d:72:c8:a6:ff:11:
88:4c:8a:7c:fa:a7:f1:dc:a9:69:87:bc:c1:ac:d6:
15:6e:2c:bc:79:49:5b:61:94:3c:db:d5:7c:66:38:
14:a8:40:c7:43:c3:9e:31:ca:24:1e:af:6b:09:5a:
38:bb:7f:2b:c0:2f:af:89:6a:1f:2d:0a:f5:51:dc:
b1:46:de:59:d6:ce:e7:40:91:87:3e:90:5e:12:2c:
35:20:92:19:28:f3:98:77:36:e5:89:5a:6d:2e:80:
21:80:b6:71:0c:29:4c:0c:af:2a:ed:fe:68:ed:02:
23:68:84:4e:5d:8c:56:b0:6c:8f:e8:57:53:d0:fe:
cf:09:ec:41:fd:35:48:83:54:85:af:7e:71:01:09:
75:ab:e5:48:aa:82:a4:da:86:e6:30:2b:f6:de:24:
d3:f9:d3:7f:b4:47:ba:bb:6b:16:15:c9:79:1f:0d:
05:ed:be:bd:6b:54:90:e8:1d:a0:4f:e6:17:9b:98:
3c:dc:15:67:c7:52:22:f9:7d:00:9a:d2:f4:c5:23:
e8:da:4a:f5:81:e1:6f:0e:38:32:21:28:15:6d:c0:
bb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D5:38:CD:E1:BD:08:B6:67:12:33:39:18:AF:03:A1:B6:48:19:88
X509v3 Authority Key Identifier:
keyid:2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/xdU4zeG9CLZnEjM5GK8DobZIGYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.82.0/24
IPv6:
2a06:7840::/29
2a0b:2a80::/29
2a0d:4440::/29
2a0f:f02::-2a0f:f07:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:59c0::/29
2a0f:a380::/29
Signature Algorithm: sha256WithRSAEncryption
6a:ce:10:84:d1:57:c4:c9:47:31:00:79:cd:2d:9f:98:e2:d9:
fa:22:0d:b4:75:4a:49:a2:92:16:3d:8d:e3:e2:b3:a9:58:b4:
ae:99:b1:ee:04:00:a4:b7:6c:f4:17:d8:d5:ea:4c:46:2c:87:
2c:d0:2b:94:60:84:9b:1c:05:86:c2:7b:cb:c6:23:f6:e2:11:
cf:aa:2b:04:15:95:f7:aa:b5:3b:b7:bf:f8:4e:29:2f:f1:83:
dc:0d:0d:25:74:09:6d:6d:ad:b8:40:c7:ac:ac:e8:66:be:8d:
1b:76:50:09:ed:25:57:ad:29:7a:14:3e:57:59:f9:78:98:c7:
e6:b6:57:00:8a:0d:4e:cb:8f:39:4a:1b:12:f5:bf:7b:2e:ad:
85:1b:57:4c:58:d0:10:af:8b:87:6d:11:bd:05:99:ee:eb:52:
2c:73:7f:e3:59:2d:8c:f8:12:99:9f:2a:f6:54:5c:11:62:82:
b4:e9:e8:8f:f0:d2:d8:0d:21:aa:26:87:77:1e:e6:07:39:22:
65:cb:64:82:b5:55:2d:4b:57:4d:73:fd:c3:d6:a0:a6:19:3e:
ca:7c:3e:1f:c5:1a:84:fe:ed:2a:cb:4e:c0:d7:e8:4e:9c:53:
bd:69:3f:0c:1e:60:0b:51:6a:09:bf:94:e3:96:dc:09:cc:6a:
a0:61:4f:89
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZLFjwNo/5iPSYna9nUgqDcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTE2NGE5YjUwMTNkNjJmMDUxMzQ0ZjZkZjkxZjEzYmM3
ZWNiMGYwHhcNMjQxMDI1MjEyMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWQ1MzhjZGUxYmQwOGI2NjcxMjMzMzkxOGFmMDNhMWI2NDgxOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwRDBAFIlV4N3kXRzU0+lzGfHCeO
N2dYXpeLcNGO6EVwY66s1lM9csim/xGITIp8+qfx3Klph7zBrNYVbiy8eUlbYZQ8
29V8ZjgUqEDHQ8OeMcokHq9rCVo4u38rwC+viWofLQr1UdyxRt5Z1s7nQJGHPpBe
Eiw1IJIZKPOYdzbliVptLoAhgLZxDClMDK8q7f5o7QIjaIROXYxWsGyP6FdT0P7P
CexB/TVIg1SFr35xAQl1q+VIqoKk2obmMCv23iTT+dN/tEe6u2sWFcl5Hw0F7b69
a1SQ6B2gT+YXm5g83BVnx1Ii+X0AmtL0xSPo2kr1geFvDjgyISgVbcC7qQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMXVOM3hvQi2ZxIzORivA6G2SBmIMB8GA1UdIwQY
MBaAFC4RZKm1AT1i8FE0T235HxO8fssPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEt
ZmQ3ZjE3YmIxYTVjLzEveGRVNHplRzlDTFpuRWpNNUdLOERvYlpJR1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEtZmQ3ZjE3YmIxYTVj
LzEvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAMBAIAATAGAwQALVJSMDkE
AgACMDMDBQMqBnhAAwUDKgsqgAMFAyoNREAwDgMFASoPDwIDBQMqDw8AAwUDKg9Z
wAMFAyoPo4AwDQYJKoZIhvcNAQELBQADggEBAGrOEITRV8TJRzEAec0tn5ji2foi
DbR1SkmikhY9jePis6lYtK6Zse4EAKS3bPQX2NXqTEYshyzQK5RghJscBYbCe8vG
I/biEc+qKwQVlfeqtTu3v/hOKS/xg9wNDSV0CW1trbhAx6ys6Ga+jRt2UAntJVet
KXoUPldZ+XiYx+a2VwCKDU7LjzlKGxL1v3surYUbV0xY0BCvi4dtEb0Fme7rUixz
f+NZLYz4EpmfKvZUXBFigrTp6I/w0tgNIaomh3ce5gc5ImXLZIK1VS1LV01z/cPW
oKYZPsp8Ph/FGoT+7SrLTsDX6E6cU71pPwweYAtRagm/lOOW3AnMaqBhT4k=
-----END CERTIFICATE-----
Generated at Wed Nov 13 19:52:34 2024 by rpki-client on console-fra.rpki-client.org