Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/cVRyJPwx6AXpgCocffK1EmSYbFE.roa
File: cVRyJPwx6AXpgCocffK1EmSYbFE.roa (raw, json)
Hash identifier: Mm4CYYwcKgrhS6T91gLlzWsyhKw7nr9+8KV0ISWdWAU=
Subject key identifier: 71:54:72:24:FC:31:E8:05:E9:80:2A:1C:7D:F2:B5:12:64:98:6C:51
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01922D8ED7B66AFB19FAB7E27F7E560C561F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/cVRyJPwx6AXpgCocffK1EmSYbFE.roa
Signing time: Thu 26 Sep 2024 08:59:48 +0000
ROA not before: Thu 26 Sep 2024 08:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 45.88.12.0/24 maxlen: 24
91.216.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:8e:d7:b6:6a:fb:19:fa:b7:e2:7f:7e:56:0c:56:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 26 08:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71547224fc31e805e9802a1c7df2b51264986c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:87:6e:a2:bb:de:28:37:b5:47:03:d0:6a:ed:
4c:3b:e8:01:14:cf:1c:19:cd:22:18:9f:90:27:1d:
a5:c4:26:ed:3d:19:c5:18:12:34:76:65:9e:89:ae:
ae:a7:8d:73:70:28:b0:99:ea:cd:84:60:bc:08:aa:
cf:62:c4:03:a9:61:66:1b:d6:25:49:c3:88:0c:3c:
83:71:c9:96:51:72:23:26:1c:f4:6b:38:cb:8f:43:
9b:c6:67:51:c3:9a:d8:72:13:a6:48:ff:b7:a8:50:
67:93:14:97:1a:52:2f:fd:1c:6d:7c:62:7b:18:4b:
c4:96:ad:da:38:4c:d9:16:24:fb:55:35:7d:73:9f:
91:c8:17:bc:6c:22:71:b6:4a:15:3c:24:f0:4e:dc:
58:e8:28:f5:2a:9d:5d:a9:76:77:c3:bd:41:04:05:
8b:02:41:bd:67:f3:cf:f2:ed:ee:fc:c1:c3:92:30:
74:e9:2f:0f:78:08:ee:44:ae:32:35:1d:29:cb:1e:
e0:8d:fb:c9:40:2a:6e:28:d1:1d:fd:e1:22:e9:c5:
c7:98:55:2f:bd:35:cd:88:5b:bb:cc:88:29:6f:ce:
5d:ce:84:df:00:13:16:87:1f:8e:e1:80:0c:e6:3b:
c9:74:ff:47:fb:f4:66:f0:c7:7e:ea:c9:99:6c:da:
90:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:54:72:24:FC:31:E8:05:E9:80:2A:1C:7D:F2:B5:12:64:98:6C:51
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/cVRyJPwx6AXpgCocffK1EmSYbFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.12.0/24
91.216.185.0/24
Signature Algorithm: sha256WithRSAEncryption
99:de:ab:3f:22:c2:16:84:b3:f7:9a:c5:da:ff:58:12:df:bb:
3c:16:32:3d:f9:d7:48:02:ba:88:b9:15:4a:c3:01:36:21:50:
88:cb:bf:19:7a:df:a3:58:f6:08:9e:07:60:97:8d:ae:99:17:
1f:cf:66:e1:05:43:e9:54:e0:62:8e:02:84:7b:ad:46:0b:58:
42:8f:80:1b:a3:71:32:12:c4:45:12:42:f7:94:30:53:b0:76:
fd:cd:7c:ab:e6:84:d3:4f:dc:64:bc:db:56:ec:17:cb:d6:68:
ca:a5:8e:03:c1:30:93:9d:4f:7e:b8:46:50:87:a6:7a:b5:c6:
78:35:0c:72:21:88:df:0b:39:44:c5:7f:f4:18:5c:1b:48:0f:
56:f5:b6:54:1a:1f:c7:88:cf:f4:25:47:1c:91:45:78:09:df:
62:85:5f:ce:f5:8f:24:df:ac:8e:6f:83:22:75:ba:df:ee:75:
5e:d1:c2:43:da:20:1b:f9:42:af:23:c8:a1:da:34:f6:f3:17:
84:90:b3:1b:b1:02:8f:78:95:c7:b1:d8:77:aa:fd:e6:f2:5d:
50:03:22:e6:c1:16:ec:fc:da:64:6e:3b:89:dd:56:e7:f3:e1:
6c:f4:66:aa:4c:ba:a8:d7:b3:3f:21:0c:b7:91:03:de:bb:fb:
8e:cc:39:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZItjte2avsZ+rfif35WDFYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwOTI2MDg1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTU0NzIyNGZjMzFlODA1ZTk4MDJhMWM3ZGYyYjUxMjY0OTg2YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYduorveKDe1RwPQau1MO+gBFM8c
Gc0iGJ+QJx2lxCbtPRnFGBI0dmWeia6up41zcCiwmerNhGC8CKrPYsQDqWFmG9Yl
ScOIDDyDccmWUXIjJhz0azjLj0ObxmdRw5rYchOmSP+3qFBnkxSXGlIv/RxtfGJ7
GEvElq3aOEzZFiT7VTV9c5+RyBe8bCJxtkoVPCTwTtxY6Cj1Kp1dqXZ3w71BBAWL
AkG9Z/PP8u3u/MHDkjB06S8PeAjuRK4yNR0pyx7gjfvJQCpuKNEd/eEi6cXHmFUv
vTXNiFu7zIgpb85dzoTfABMWhx+O4YAM5jvJdP9H+/Rm8Md+6smZbNqQjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHFUciT8MegF6YAqHH3ytRJkmGxRMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvY1ZSeUpQd3g2QVhwZ0NvY2ZmSzFFbVNZYkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVgMAwQA
W9i5MA0GCSqGSIb3DQEBCwUAA4IBAQCZ3qs/IsIWhLP3msXa/1gS37s8FjI9+ddI
ArqIuRVKwwE2IVCIy78Zet+jWPYIngdgl42umRcfz2bhBUPpVOBijgKEe61GC1hC
j4Abo3EyEsRFEkL3lDBTsHb9zXyr5oTTT9xkvNtW7BfL1mjKpY4DwTCTnU9+uEZQ
h6Z6tcZ4NQxyIYjfCzlExX/0GFwbSA9W9bZUGh/HiM/0JUcckUV4Cd9ihV/O9Y8k
36yOb4Midbrf7nVe0cJD2iAb+UKvI8ih2jT28xeEkLMbsQKPeJXHsdh3qv3m8l1Q
AyLmwRbs/NpkbjuJ3Vbn8+Fs9GaqTLqo17M/IQy3kQPeu/uOzDkM
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:17:11 2025 by rpki-client