Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FSn5aefIT2Exe-jQsB5qVdtkxbo.roa
File: FSn5aefIT2Exe-jQsB5qVdtkxbo.roa (raw, json)
Hash identifier: fuDYSIw1JzbPcedMqNRPgKQWqwqNmCzgIBBVV+YgnrY=
Subject key identifier: 15:29:F9:69:E7:C8:4F:61:31:7B:E8:D0:B0:1E:6A:55:DB:64:C5:BA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019131AF691BF57202CB9F4C0A1195F23C58
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FSn5aefIT2Exe-jQsB5qVdtkxbo.roa
Signing time: Thu 08 Aug 2024 11:11:04 +0000
ROA not before: Thu 08 Aug 2024 11:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211014
IP address blocks: 45.144.173.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
89.45.44.0/24 maxlen: 24
185.141.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 12:17:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:af:69:1b:f5:72:02:cb:9f:4c:0a:11:95:f2:3c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 8 11:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1529f969e7c84f61317be8d0b01e6a55db64c5ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:32:26:7f:cd:ec:6a:be:81:d5:64:e5:57:fa:
a7:14:ea:d4:8f:40:30:9a:da:c2:b0:88:f1:8c:cc:
41:bc:6b:60:d1:92:1e:a8:2a:fc:83:4c:54:84:89:
07:6b:67:8f:4b:63:3a:c5:59:ed:a5:99:a1:3d:c3:
11:ad:35:54:c5:a0:46:12:aa:1d:ad:c0:6e:93:ff:
b8:6a:f4:55:e6:2b:0f:5d:35:88:de:6d:9f:d8:ac:
30:61:74:b3:65:be:30:d8:ab:fe:7d:2f:ea:29:5b:
9a:52:1d:17:78:46:fb:de:30:ed:dd:55:8e:34:9e:
c5:fc:00:90:d8:f1:02:aa:df:59:f2:63:a0:ef:f7:
df:34:75:e2:f5:cd:3c:bb:09:c0:1d:8f:60:74:3a:
7c:d5:03:38:8a:13:1e:19:21:5b:34:f0:a2:21:d5:
b1:3e:42:57:bc:ce:0c:47:5e:83:84:71:f8:af:fe:
76:a4:fb:ff:a8:7b:bc:43:59:66:55:e6:71:91:ce:
35:d8:eb:ea:c7:b4:d0:5e:67:b4:c5:2b:c5:7d:94:
7c:b9:27:03:af:5e:5c:1c:6c:8e:41:be:41:d7:b5:
12:6d:0f:d5:99:84:3a:0a:17:91:1c:43:43:a9:aa:
da:69:26:8a:dc:1e:87:d2:fd:ed:c1:98:92:1b:a0:
c9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:29:F9:69:E7:C8:4F:61:31:7B:E8:D0:B0:1E:6A:55:DB:64:C5:BA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FSn5aefIT2Exe-jQsB5qVdtkxbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.173.0/24
89.40.70.0/24
89.45.44.0/24
185.141.217.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ba:b7:83:b8:1e:35:25:5d:41:80:1d:ff:98:73:43:0d:c4:
04:4b:e4:bf:4b:d3:02:ae:50:32:10:cc:40:4a:a9:b9:4c:fe:
1b:31:e0:ef:af:ef:8d:b0:e8:5e:57:56:88:e3:e7:68:22:a2:
9c:2f:2e:58:e8:57:4f:b3:d6:5f:99:a6:22:69:35:bd:91:d8:
e8:e4:aa:d7:29:89:40:c2:25:ec:e7:cd:c3:15:d0:51:01:f5:
b9:82:35:c9:9d:52:d9:fa:ea:70:98:b8:41:d1:09:ab:63:f2:
49:ea:05:8b:bd:d3:9b:3c:9e:a7:14:77:33:2e:b0:7b:61:b4:
74:b0:c7:e3:88:15:fa:40:c6:65:4d:f5:49:f2:52:02:dd:a7:
91:5a:a4:ce:89:80:ee:5c:29:89:0a:2f:70:2c:aa:50:90:0b:
b4:bb:5c:10:52:6e:fb:db:08:1e:1b:db:b2:fa:db:46:27:6e:
bf:00:45:e6:e0:eb:86:3d:0c:ce:60:03:f3:75:8a:a6:ba:55:
0c:16:26:ab:14:3a:c0:e8:d8:84:bc:3c:1f:09:63:5b:7b:45:
55:32:6d:27:a2:1e:fd:b5:9f:5a:9f:bb:16:47:1b:49:98:26:
74:03:7f:c2:fe:54:c7:02:e2:1d:09:f2:fe:ee:4a:6f:2d:e9:
e1:d3:7e:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZExr2kb9XICy59MChGV8jxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwODA4MTExMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTI5Zjk2OWU3Yzg0ZjYxMzE3YmU4ZDBiMDFlNmE1NWRiNjRjNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzImf83sar6B1WTlV/qnFOrUj0Aw
mtrCsIjxjMxBvGtg0ZIeqCr8g0xUhIkHa2ePS2M6xVntpZmhPcMRrTVUxaBGEqod
rcBuk/+4avRV5isPXTWI3m2f2KwwYXSzZb4w2Kv+fS/qKVuaUh0XeEb73jDt3VWO
NJ7F/ACQ2PECqt9Z8mOg7/ffNHXi9c08uwnAHY9gdDp81QM4ihMeGSFbNPCiIdWx
PkJXvM4MR16DhHH4r/52pPv/qHu8Q1lmVeZxkc412Ovqx7TQXme0xSvFfZR8uScD
r15cHGyOQb5B17USbQ/VmYQ6CheRHENDqaraaSaK3B6H0v3twZiSG6DJSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBUp+WnnyE9hMXvo0LAealXbZMW6MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvRlNuNWFlZklUMkV4ZS1qUXNCNXFWZHRreGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZCtAwQA
WShGAwQAWS0sAwQAuY3ZMA0GCSqGSIb3DQEBCwUAA4IBAQCBureDuB41JV1BgB3/
mHNDDcQES+S/S9MCrlAyEMxASqm5TP4bMeDvr++NsOheV1aI4+doIqKcLy5Y6FdP
s9ZfmaYiaTW9kdjo5KrXKYlAwiXs583DFdBRAfW5gjXJnVLZ+upwmLhB0QmrY/JJ
6gWLvdObPJ6nFHczLrB7YbR0sMfjiBX6QMZlTfVJ8lIC3aeRWqTOiYDuXCmJCi9w
LKpQkAu0u1wQUm772wgeG9uy+ttGJ26/AEXm4OuGPQzOYAPzdYqmulUMFiarFDrA
6NiEvDwfCWNbe0VVMm0noh79tZ9an7sWRxtJmCZ0A3/C/lTHAuIdCfL+7kpvLenh
035y
-----END CERTIFICATE-----
Generated at Sun Aug 11 15:05:28 2024 by rpki-client on console-fra.rpki-client.org