Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/3XZ4vQmmWDsiBHdfPDUWDY6jlfU.roa
File: 3XZ4vQmmWDsiBHdfPDUWDY6jlfU.roa (raw, json)
Hash identifier: Jr8jQtbMv+cjaUftHkFQsZkWWfTIrWxZLBFFBF13/WE=
Subject key identifier: DD:76:78:BD:09:A6:58:3B:22:04:77:5F:3C:35:16:0D:8E:A3:95:F5
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 018F13EB266EEA28048C7CB16756EB3D334D
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/3XZ4vQmmWDsiBHdfPDUWDY6jlfU.roa
Signing time: Thu 25 Apr 2024 06:22:08 +0000
ROA not before: Thu 25 Apr 2024 06:22:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 45.131.79.0/24 maxlen: 24
79.110.236.0/24 maxlen: 24
146.19.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 06:57:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:13:eb:26:6e:ea:28:04:8c:7c:b1:67:56:eb:3d:33:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Apr 25 06:22:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd7678bd09a6583b2204775f3c35160d8ea395f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:04:9c:9e:89:ec:4e:a7:57:b7:77:be:6e:3e:
89:b6:f7:38:ba:fe:35:fd:aa:0b:21:17:ab:da:9d:
56:e3:c6:a7:9c:34:50:38:ff:cb:27:2d:bb:ec:80:
ea:cb:df:26:07:84:f9:71:ad:4e:b1:13:ae:09:96:
c0:cd:4c:22:11:e9:9a:9a:ef:eb:72:90:f2:51:58:
50:6c:83:1f:6c:b2:2d:26:8c:53:e8:ed:ec:95:d0:
10:2d:89:af:07:fa:0a:84:47:09:7c:48:30:83:77:
78:60:41:42:a4:11:1f:5c:fb:e1:5a:f4:81:78:43:
89:db:83:b6:1e:68:84:78:6d:a4:ab:3a:ee:46:3a:
45:6f:d6:82:90:0c:03:f2:72:22:45:05:e8:de:3a:
01:be:33:0b:99:4c:93:30:0e:ff:38:17:02:09:7a:
d8:ab:d4:6d:b0:28:d2:90:ef:74:dc:ee:7f:f2:62:
77:ad:0a:d6:85:25:53:bb:fa:7c:c2:51:2a:50:ec:
26:37:0f:e5:d1:d5:a2:05:4c:fa:ee:47:51:86:f6:
52:53:e1:b1:b7:7e:8a:f0:c4:08:ba:0f:8b:ab:fb:
7a:64:66:ed:25:6d:51:b1:0f:fd:5c:fd:16:47:b9:
63:ec:c8:04:47:cc:9f:b4:5c:94:e6:e5:fc:dd:2e:
52:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:76:78:BD:09:A6:58:3B:22:04:77:5F:3C:35:16:0D:8E:A3:95:F5
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/3XZ4vQmmWDsiBHdfPDUWDY6jlfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.79.0/24
79.110.236.0/24
146.19.160.0/24
Signature Algorithm: sha256WithRSAEncryption
59:1f:b7:3a:c8:6c:65:da:54:e4:4d:5a:c6:41:4b:31:63:11:
5b:9f:64:a2:7f:53:3c:8b:55:4b:09:b2:ff:21:ad:f3:fc:8b:
dd:c9:f6:ab:4c:07:8a:93:e1:93:9e:26:a4:9c:c8:05:45:0d:
18:5f:28:3b:07:9e:2c:58:3b:2f:a4:bf:5b:7b:8a:2d:39:a1:
27:92:77:0d:b2:00:23:67:c0:5f:96:16:ce:11:ae:02:ea:66:
26:11:01:07:ac:25:e9:9c:0f:ee:73:22:5f:dc:4a:54:8b:43:
56:9e:47:2c:68:a7:86:57:fa:b4:da:f8:2c:90:ac:38:c0:0b:
8d:c2:a7:0d:81:6a:03:11:72:5d:59:41:30:a8:9b:12:8a:d8:
89:96:a0:81:a6:4e:34:79:bf:c4:98:5f:89:af:bf:5d:a7:d6:
8c:bb:3c:13:42:14:bb:01:3c:9e:d5:55:d3:68:78:01:94:ed:
3e:90:54:97:7b:fe:61:0c:bf:12:80:0a:d9:c7:21:be:88:58:
b4:a3:8c:f4:4b:32:a4:61:e5:56:7c:70:36:0e:32:8a:45:92:
41:98:03:6b:85:d8:09:69:4d:f5:47:b1:21:a7:6e:07:28:f4:
e6:d7:40:12:c9:28:67:aa:21:3b:02:d7:06:de:12:e8:fb:09:
59:a9:c7:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8T6yZu6igEjHyxZ1brPTNNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjQwNDI1MDYyMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDc2NzhiZDA5YTY1ODNiMjIwNDc3NWYzYzM1MTYwZDhlYTM5NWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgScnonsTqdXt3e+bj6Jtvc4uv41
/aoLIRer2p1W48annDRQOP/LJy277IDqy98mB4T5ca1OsROuCZbAzUwiEemamu/r
cpDyUVhQbIMfbLItJoxT6O3sldAQLYmvB/oKhEcJfEgwg3d4YEFCpBEfXPvhWvSB
eEOJ24O2HmiEeG2kqzruRjpFb9aCkAwD8nIiRQXo3joBvjMLmUyTMA7/OBcCCXrY
q9RtsCjSkO903O5/8mJ3rQrWhSVTu/p8wlEqUOwmNw/l0dWiBUz67kdRhvZSU+Gx
t36K8MQIug+Lq/t6ZGbtJW1RsQ/9XP0WR7lj7MgER8yftFyU5uX83S5SiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN12eL0Jplg7IgR3Xzw1Fg2Oo5X1MB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvM1haNHZRbW1XRHNpQkhkZlBEVVdEWTZqbGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYNPAwQA
T27sAwQAkhOgMA0GCSqGSIb3DQEBCwUAA4IBAQBZH7c6yGxl2lTkTVrGQUsxYxFb
n2Sif1M8i1VLCbL/Ia3z/IvdyfarTAeKk+GTniaknMgFRQ0YXyg7B54sWDsvpL9b
e4otOaEnkncNsgAjZ8BflhbOEa4C6mYmEQEHrCXpnA/ucyJf3EpUi0NWnkcsaKeG
V/q02vgskKw4wAuNwqcNgWoDEXJdWUEwqJsSitiJlqCBpk40eb/EmF+Jr79dp9aM
uzwTQhS7ATye1VXTaHgBlO0+kFSXe/5hDL8SgArZxyG+iFi0o4z0SzKkYeVWfHA2
DjKKRZJBmANrhdgJaU31R7Ehp24HKPTm10ASyShnqiE7AtcG3hLo+wlZqceq
-----END CERTIFICATE-----
Generated at Mon Nov 11 08:15:42 2024 by rpki-client on console-fra.rpki-client.org