Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/I9fiWj1SOoCU2GTkc9v097KIQio.roa
File: I9fiWj1SOoCU2GTkc9v097KIQio.roa (raw, json)
Hash identifier: W3a/nkj5wisS2MPMMp1AxHqUjT3rjorxdnLlHvkV0d8=
Subject key identifier: 23:D7:E2:5A:3D:52:3A:80:94:D8:64:E4:73:DB:F4:F7:B2:88:42:2A
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019198F1B4B00B9D839B0A620D0BD3C038EA
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/I9fiWj1SOoCU2GTkc9v097KIQio.roa
Signing time: Wed 28 Aug 2024 12:24:22 +0000
ROA not before: Wed 28 Aug 2024 12:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204104
IP address blocks: 46.38.136.0/24 maxlen: 24
212.80.8.0/24 maxlen: 24
212.80.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 08:08:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:f1:b4:b0:0b:9d:83:9b:0a:62:0d:0b:d3:c0:38:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Aug 28 12:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23d7e25a3d523a8094d864e473dbf4f7b288422a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:73:f5:0d:59:ae:23:ec:9a:ad:ba:d3:86:33:
22:27:96:cd:f1:af:77:55:79:a7:d2:41:bb:26:ae:
b4:48:30:ee:c5:21:44:c0:15:03:07:b0:99:f3:a2:
a7:30:b3:c2:dc:1e:c9:6c:e0:c1:b4:db:3b:75:1f:
4e:0d:18:d3:1e:ea:83:30:4e:7a:0b:25:81:eb:90:
7e:4e:4f:f6:5c:bf:32:d9:6b:25:54:b4:91:c8:50:
aa:49:41:84:8e:5a:10:52:be:be:8d:15:95:b6:ac:
54:34:79:18:2a:9d:a5:6c:c9:a0:dc:d3:91:f7:82:
c6:85:18:4b:ac:e2:f8:db:b1:49:1e:d4:26:42:e1:
4d:d1:f6:b0:0c:82:8e:e0:3b:7c:6c:68:ee:8f:df:
9f:b7:83:29:c8:73:b8:79:fa:c8:4b:eb:bf:02:54:
51:b6:2e:99:ae:b4:b2:67:3a:3a:a1:e0:78:ab:3e:
f3:6e:bd:dd:bd:5b:8c:70:ad:14:7e:d8:29:99:5f:
4d:3f:e6:64:ce:75:95:07:ce:7c:32:b2:75:fb:b3:
a9:c0:d4:52:cc:67:f9:b1:65:98:57:74:c7:c8:ac:
d4:04:bc:57:f3:c6:4a:28:81:6a:f0:d0:2d:44:8c:
67:dd:df:25:20:db:ae:5f:ae:86:15:a2:25:e9:55:
27:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:D7:E2:5A:3D:52:3A:80:94:D8:64:E4:73:DB:F4:F7:B2:88:42:2A
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/I9fiWj1SOoCU2GTkc9v097KIQio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.136.0/24
212.80.8.0/24
212.80.10.0/24
Signature Algorithm: sha256WithRSAEncryption
91:6e:8f:07:6c:0a:62:3a:87:c6:51:e5:b9:f3:72:65:ae:d8:
e3:e0:cf:5a:25:42:9d:06:c8:e8:09:1f:a4:ec:63:4c:6b:f0:
11:0b:f1:7d:69:29:09:9d:16:c0:da:82:14:e5:80:b4:e4:71:
27:e7:65:82:76:a1:44:08:c5:14:dc:ba:af:7e:bf:77:a2:42:
1b:5f:0f:43:df:76:be:49:14:1f:4b:2e:30:af:67:cf:1a:c2:
f8:78:25:d1:f7:b9:2c:fa:b0:7f:d0:74:2e:63:fe:9c:bf:93:
90:ee:dd:ad:2f:7e:2e:68:9c:71:c1:33:14:17:c3:fd:c3:ae:
de:6a:c6:04:83:bb:c4:c9:0f:23:83:10:25:c8:67:69:33:ea:
4d:64:67:54:b0:f4:07:e8:41:1b:d1:25:af:a3:84:cc:f5:cc:
fe:7b:2d:0c:15:01:e6:d6:f7:73:e0:26:02:6e:54:f0:e4:c9:
bd:70:fd:f1:b1:bb:aa:bb:59:54:55:59:92:e2:f5:48:8d:45:
c7:cc:4a:e4:d3:27:ab:39:74:25:d3:31:f2:57:dc:b6:ef:28:
06:ef:72:94:ab:5a:bd:16:7d:81:83:fe:ef:6d:5c:35:76:ec:
f2:3d:0b:39:aa:89:23:7c:85:86:5a:77:4a:21:92:bb:81:56:
84:28:6c:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGY8bSwC52DmwpiDQvTwDjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwODI4MTIyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Q3ZTI1YTNkNTIzYTgwOTRkODY0ZTQ3M2RiZjRmN2IyODg0MjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXP1DVmuI+yarbrThjMiJ5bN8a93
VXmn0kG7Jq60SDDuxSFEwBUDB7CZ86KnMLPC3B7JbODBtNs7dR9ODRjTHuqDME56
CyWB65B+Tk/2XL8y2WslVLSRyFCqSUGEjloQUr6+jRWVtqxUNHkYKp2lbMmg3NOR
94LGhRhLrOL427FJHtQmQuFN0fawDIKO4Dt8bGjuj9+ft4MpyHO4efrIS+u/AlRR
ti6ZrrSyZzo6oeB4qz7zbr3dvVuMcK0UftgpmV9NP+ZkznWVB858MrJ1+7OpwNRS
zGf5sWWYV3THyKzUBLxX88ZKKIFq8NAtRIxn3d8lINuuX66GFaIl6VUn6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCPX4lo9UjqAlNhk5HPb9PeyiEIqMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvSTlmaVdqMVNPb0NVMkdUa2M5djA5N0tJUWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiaIAwQA
1FAIAwQA1FAKMA0GCSqGSIb3DQEBCwUAA4IBAQCRbo8HbApiOofGUeW583Jlrtjj
4M9aJUKdBsjoCR+k7GNMa/ARC/F9aSkJnRbA2oIU5YC05HEn52WCdqFECMUU3Lqv
fr93okIbXw9D33a+SRQfSy4wr2fPGsL4eCXR97ks+rB/0HQuY/6cv5OQ7t2tL34u
aJxxwTMUF8P9w67easYEg7vEyQ8jgxAlyGdpM+pNZGdUsPQH6EEb0SWvo4TM9cz+
ey0MFQHm1vdz4CYCblTw5Mm9cP3xsbuqu1lUVVmS4vVIjUXHzErk0yerOXQl0zHy
V9y27ygG73KUq1q9Fn2Bg/7vbVw1duzyPQs5qokjfIWGWndKIZK7gVaEKGxw
-----END CERTIFICATE-----
Generated at Wed Oct 16 09:53:48 2024 by rpki-client on console-fra.rpki-client.org