Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/crHijyQ7SH1DsjuIQ95wnKcg9Bw.roa
File: crHijyQ7SH1DsjuIQ95wnKcg9Bw.roa (raw, json)
Hash identifier: VKB3p6fzAFzqVls5XQ2c+f7SmAN869bASYqHkdXttjg=
Subject key identifier: 72:B1:E2:8F:24:3B:48:7D:43:B2:3B:88:43:DE:70:9C:A7:20:F4:1C
Certificate issuer: /CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Certificate serial: 018CC3495ADE6B4CD0178B49BD0E238A3D74
Authority key identifier: 2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/crHijyQ7SH1DsjuIQ95wnKcg9Bw.roa
Signing time: Mon 01 Jan 2024 04:30:13 +0000
ROA not before: Mon 01 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5482
IP address blocks: 193.36.4.0/22 maxlen: 22
45.9.23.0/24 maxlen: 24
2a0b:6dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 01 Mar 2024 11:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5a:de:6b:4c:d0:17:8b:49:bd:0e:23:8a:3d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Validity
Not Before: Jan 1 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72b1e28f243b487d43b23b8843de709ca720f41c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1b:f5:cd:a1:0c:3b:5b:9b:96:4e:da:07:9e:
4f:f1:eb:f7:c7:68:45:1e:a6:5e:4d:18:9b:99:92:
05:ab:9c:97:d3:b1:8c:c2:f0:60:32:cb:6d:1a:21:
d0:f1:4f:db:59:5b:c2:da:bf:90:79:a9:df:16:cc:
e5:3e:0a:67:3f:34:ff:b8:c7:8a:f6:08:b5:c3:ca:
b1:be:d8:a6:45:cb:78:d3:0f:c5:31:28:e5:b1:8d:
73:83:a1:e7:e7:04:8a:5e:a4:ce:35:a1:a2:18:d5:
0a:e3:71:d2:4a:8e:74:c0:ed:27:5e:13:c8:10:8c:
55:68:75:16:81:2a:23:a5:55:48:4d:8f:ae:32:f7:
0b:90:9f:49:c4:a4:47:ad:07:92:44:3a:76:e7:88:
4f:1a:70:32:bd:aa:b4:ee:81:29:d3:a9:54:59:43:
93:66:ff:a1:7a:7c:9f:13:f1:c0:c8:1f:87:e5:47:
0b:4e:bf:47:e8:7e:cb:ee:f2:18:6f:8d:29:f5:13:
3b:90:dc:86:8a:f8:76:3c:83:10:25:40:df:be:cd:
91:44:1c:2c:6a:39:79:72:ec:40:18:b2:5b:3e:6a:
48:f2:d8:9f:52:3c:60:87:d5:a7:72:99:d3:07:d0:
e8:68:56:c7:82:0b:11:a6:82:0a:bd:8a:f3:bb:5a:
a1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B1:E2:8F:24:3B:48:7D:43:B2:3B:88:43:DE:70:9C:A7:20:F4:1C
X509v3 Authority Key Identifier:
keyid:2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/crHijyQ7SH1DsjuIQ95wnKcg9Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.23.0/24
193.36.4.0/22
IPv6:
2a0b:6dc0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:77:ea:80:2a:ee:db:ef:3c:bf:f9:d6:2a:b1:97:9e:80:40:
b4:ab:8b:b5:c2:a8:27:be:74:ed:52:c6:5f:22:a9:df:2c:af:
f9:63:8e:66:31:e0:d2:4d:f7:11:f6:fd:8b:00:10:ee:1c:56:
aa:91:c4:7c:62:b3:de:28:72:8c:69:84:93:c4:7a:9b:b9:f2:
6b:f9:d8:69:b8:df:06:4a:b6:3d:6c:f2:b6:55:86:8d:72:81:
a0:cd:93:11:69:bb:62:89:1e:5f:ef:f6:d8:cd:e1:ab:a2:09:
8f:a9:45:9d:4a:71:6a:53:d6:df:c4:56:23:08:85:79:04:93:
15:45:ae:bb:5a:9c:e8:ce:6f:e4:ad:5d:59:07:d7:e8:2d:3b:
3e:93:58:3b:6c:2c:e0:92:eb:9f:71:47:4e:80:4c:2d:c0:17:
38:f3:95:87:a7:66:0d:d6:f8:71:2a:bc:33:93:c1:c4:f4:38:
e4:bd:85:13:7f:76:20:2a:3f:81:2e:2d:ca:76:20:0b:4d:f4:
cf:a7:9a:9f:8f:91:b6:01:01:78:04:6e:d8:a3:63:e9:d5:3b:
cf:9e:32:ff:ec:87:b5:a4:38:86:b6:3b:39:dd:69:af:78:50:
3d:ff:e6:9a:c9:89:60:b6:0a:9a:e5:0e:b5:0a:4a:51:b5:f0:
54:46:d0:78
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSVrea0zQF4tJvQ4jij10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzI5MWI4ZGI2Y2ZkZGY2ZGQyYTFkNTViMjI2ZDQ5NDky
YTI3MDUwHhcNMjQwMTAxMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIxZTI4ZjI0M2I0ODdkNDNiMjNiODg0M2RlNzA5Y2E3MjBmNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxv1zaEMO1ublk7aB55P8ev3x2hF
HqZeTRibmZIFq5yX07GMwvBgMsttGiHQ8U/bWVvC2r+QeanfFszlPgpnPzT/uMeK
9gi1w8qxvtimRct40w/FMSjlsY1zg6Hn5wSKXqTONaGiGNUK43HSSo50wO0nXhPI
EIxVaHUWgSojpVVITY+uMvcLkJ9JxKRHrQeSRDp254hPGnAyvaq07oEp06lUWUOT
Zv+henyfE/HAyB+H5UcLTr9H6H7L7vIYb40p9RM7kNyGivh2PIMQJUDfvs2RRBws
ajl5cuxAGLJbPmpI8tifUjxgh9WncpnTB9DoaFbHggsRpoIKvYrzu1qhDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHKx4o8kO0h9Q7I7iEPecJynIPQcMB8GA1UdIwQY
MBaAFC3CkbjbbP3fbdKh1VsibUlJKicFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjIt
MmIxNzBlOTVjMmI3LzEvY3JIaWp5UTdTSDFEc2p1SVE5NXduS2NnOUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjItMmIxNzBlOTVjMmI3
LzEvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQkXAwQC
wSQEMA0EAgACMAcDBQMqC23AMA0GCSqGSIb3DQEBCwUAA4IBAQAud+qAKu7b7zy/
+dYqsZeegEC0q4u1wqgnvnTtUsZfIqnfLK/5Y45mMeDSTfcR9v2LABDuHFaqkcR8
YrPeKHKMaYSTxHqbufJr+dhpuN8GSrY9bPK2VYaNcoGgzZMRabtiiR5f7/bYzeGr
ogmPqUWdSnFqU9bfxFYjCIV5BJMVRa67Wpzozm/krV1ZB9foLTs+k1g7bCzgkuuf
cUdOgEwtwBc485WHp2YN1vhxKrwzk8HE9DjkvYUTf3YgKj+BLi3KdiALTfTPp5qf
j5G2AQF4BG7Yo2Pp1TvPnjL/7Ie1pDiGtjs53WmveFA9/+aayYlgtgqa5Q61CkpR
tfBURtB4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:22 2024 by rpki-client on console-fra.rpki-client.org