Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-i1RnEwptqWcparby2SPi9lU8zQ.roa
File: 1-i1RnEwptqWcparby2SPi9lU8zQ.roa (raw, json)
Hash identifier: qZP8HwH7CzoF8ENLMxsPH9ZjU8FeDbsdqLbNkCwyx70=
Subject key identifier: FA:2D:51:9C:4C:29:B6:A5:9C:A5:AA:DB:CB:64:8F:8B:D9:54:F3:34
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E86047F384D3867EAD12D086219347669
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-i1RnEwptqWcparby2SPi9lU8zQ.roa
Signing time: Thu 28 Mar 2024 17:03:45 +0000
ROA not before: Thu 28 Mar 2024 17:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 45.87.255.0/24 maxlen: 24
45.95.28.0/24 maxlen: 24
94.154.188.0/24 maxlen: 24
94.154.189.0/24 maxlen: 24
94.154.191.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
212.60.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 13:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:04:7f:38:4d:38:67:ea:d1:2d:08:62:19:34:76:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 17:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa2d519c4c29b6a59ca5aadbcb648f8bd954f334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8f:4c:b5:27:9a:a8:40:ba:d2:84:9d:9d:8f:
11:39:64:20:3b:c3:06:42:46:ce:73:78:d3:97:39:
f9:97:eb:93:f3:2d:4c:8c:ca:8b:66:12:33:de:0a:
fd:e4:da:d4:ae:6b:35:3f:18:e8:cf:0a:1a:39:e7:
b5:86:a3:45:89:4b:5b:ff:17:f5:73:22:f4:5c:3a:
7c:21:59:ae:e0:1b:5c:d0:4c:a9:b3:bc:d8:e6:f8:
2e:e2:02:de:37:bb:2e:f5:b2:62:e1:a9:20:58:1a:
13:70:10:c4:c2:19:7e:a2:d6:81:fb:ce:69:80:f4:
84:95:e4:09:2b:40:9e:58:61:49:e2:42:b0:3b:5d:
c6:ff:93:a7:74:6f:3a:45:90:28:f3:bc:33:18:6a:
4a:66:e8:b9:5a:d6:d6:d5:76:b1:db:67:23:8e:ca:
ec:88:3d:54:21:1c:24:d2:34:1d:c7:d5:4c:c5:ca:
e5:99:1d:25:63:50:21:04:5e:5d:ae:fe:81:3b:04:
0d:ea:69:93:6a:5e:3c:bc:ad:90:7d:e7:7d:8f:36:
14:f0:a6:cb:77:47:2b:3e:ec:b8:63:84:90:17:90:
b2:2e:53:b0:8c:e8:f2:29:d1:90:40:cd:77:8e:08:
63:c0:2c:f6:09:30:ce:52:b9:23:0f:24:34:ca:2e:
a4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2D:51:9C:4C:29:B6:A5:9C:A5:AA:DB:CB:64:8F:8B:D9:54:F3:34
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-i1RnEwptqWcparby2SPi9lU8zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.255.0/24
45.95.28.0/24
94.154.188.0/23
94.154.191.0/24
193.187.106.0/24
212.60.7.0/24
Signature Algorithm: sha256WithRSAEncryption
68:cd:02:ae:09:3b:b3:75:43:5a:6d:97:88:20:ee:9a:3f:3c:
b0:30:3a:27:6b:51:aa:ed:e5:28:18:63:de:2f:fb:cd:0b:86:
50:5c:9e:75:b9:0a:00:59:25:76:36:c9:d2:7f:18:ae:4a:aa:
b7:31:36:0b:8c:e0:79:a5:a4:d2:e0:ee:d8:d9:48:cd:8a:9a:
f2:11:2c:9d:48:e8:93:2e:49:38:f2:15:e8:72:53:d2:73:25:
8d:fd:89:6c:99:54:db:c4:de:40:39:88:f7:66:c2:ee:08:3a:
e9:a3:0a:01:01:96:b4:1b:29:19:fb:1f:78:fc:fd:1d:b6:9a:
e8:bb:37:83:94:3b:e6:1b:c4:ab:4e:30:74:cf:84:86:cc:aa:
d0:1d:39:93:1c:65:ee:96:49:69:cb:cb:3d:1b:0f:41:68:71:
07:d7:d8:da:e3:fe:66:d5:41:b0:9a:3f:fb:73:14:00:7e:cc:
5d:35:9a:ac:84:e1:33:12:ac:f3:71:cf:fd:55:37:1e:23:17:
a9:d0:c4:28:44:0f:dc:d7:6f:cf:ba:13:2a:0c:63:69:3e:0f:
77:1b:51:d2:be:2d:43:ce:5f:5b:ca:de:e9:0c:c4:43:ca:43:
87:c6:ee:6a:40:f4:bf:5f:c7:8f:52:bc:77:5c:46:c7:a6:f9:
a2:d5:ce:d1
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY6GBH84TThn6tEtCGIZNHZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTcwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJkNTE5YzRjMjliNmE1OWNhNWFhZGJjYjY0OGY4YmQ5NTRmMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt49MtSeaqEC60oSdnY8ROWQgO8MG
QkbOc3jTlzn5l+uT8y1MjMqLZhIz3gr95NrUrms1PxjozwoaOee1hqNFiUtb/xf1
cyL0XDp8IVmu4Btc0Eyps7zY5vgu4gLeN7su9bJi4akgWBoTcBDEwhl+otaB+85p
gPSEleQJK0CeWGFJ4kKwO13G/5OndG86RZAo87wzGGpKZui5WtbW1Xax22cjjsrs
iD1UIRwk0jQdx9VMxcrlmR0lY1AhBF5drv6BOwQN6mmTal48vK2Qfed9jzYU8KbL
d0crPuy4Y4SQF5CyLlOwjOjyKdGQQM13jghjwCz2CTDOUrkjDyQ0yi6kNQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPotUZxMKbalnKWq28tkj4vZVPM0MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMS1pMVJuRXdwdHFXY3BhcmJ5MlNQaTlsVTh6US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvN2I5MzM2LWU5ZjgtNGUyNy1hZjRiLTIzOWQyZmUzOThi
MS8xL0NUTlR3ZnEtaVdyNHVGX25ZQTVHTkphUHpFdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAC1X/wME
AC1fHAMEAV6avAMEAF6avwMEAMG7agMEANQ8BzANBgkqhkiG9w0BAQsFAAOCAQEA
aM0Crgk7s3VDWm2XiCDumj88sDA6J2tRqu3lKBhj3i/7zQuGUFyedbkKAFkldjbJ
0n8YrkqqtzE2C4zgeaWk0uDu2NlIzYqa8hEsnUjoky5JOPIV6HJT0nMljf2JbJlU
28TeQDmI92bC7gg66aMKAQGWtBspGfsfePz9Hbaa6Ls3g5Q75hvEq04wdM+Ehsyq
0B05kxxl7pZJacvLPRsPQWhxB9fY2uP+ZtVBsJo/+3MUAH7MXTWarIThMxKs83HP
/VU3HiMXqdDEKEQP3Ndvz7oTKgxjaT4PdxtR0r4tQ85fW8re6QzEQ8pDh8buakD0
v1/Hj1K8d1xGx6b5otXO0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:51 2024 by rpki-client on console-ams.rpki-client.org