Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/d9lXlEpMAKqk-0w1DWRtDqrdWDY.roa
File: d9lXlEpMAKqk-0w1DWRtDqrdWDY.roa (raw, json)
Hash identifier: PbHuB3DUMMfMUP8e3GH01cEA++Oj8joLamC4/ogBnAA=
Subject key identifier: 77:D9:57:94:4A:4C:00:AA:A4:FB:4C:35:0D:64:6D:0E:AA:DD:58:36
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0187C23367091A70C987CAD2B2C3854043D7
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/d9lXlEpMAKqk-0w1DWRtDqrdWDY.roa
Signing time: Thu 27 Apr 2023 10:12:41 +0000
ROA not before: Thu 27 Apr 2023 10:12:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
81.29.145.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 28 Apr 2023 09:55:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c2:33:67:09:1a:70:c9:87:ca:d2:b2:c3:85:40:43:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Apr 27 10:12:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77d957944a4c00aaa4fb4c350d646d0eaadd5836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:05:f5:0e:96:af:88:a4:49:35:24:d6:92:bf:
e7:6c:5e:6b:d6:8f:98:52:00:6d:0b:c8:87:28:16:
69:e3:e0:25:b2:c6:0c:b1:de:6b:24:88:a4:96:ba:
ec:65:f7:95:03:56:a2:f5:3d:fa:fa:43:3a:6c:9b:
d4:f1:e6:1a:40:f0:9a:ab:07:a3:48:2d:b0:54:a1:
cc:b2:1c:98:a5:58:7a:11:22:46:13:ae:dd:ee:0c:
20:e2:31:df:ce:9c:30:20:51:31:d1:ec:b5:cc:a9:
fe:d8:c2:82:f8:68:1e:c8:ff:f0:e1:1a:6d:5c:66:
8e:54:8b:03:5b:60:09:f3:ee:b5:e2:6a:f0:a7:fd:
fd:b2:bc:e1:19:d2:a9:cd:fa:3b:60:17:90:15:6a:
c6:f8:a7:14:82:dd:b4:7d:dd:20:76:30:70:8e:53:
86:9c:df:da:c9:a0:be:0d:c0:6b:82:0f:71:44:74:
1d:b1:cf:7a:cb:48:18:00:30:75:86:4d:79:21:f4:
8f:e5:27:9d:fb:bc:e7:5e:8e:4a:5b:40:94:24:c7:
16:47:a2:ae:f9:45:ee:6f:35:a8:36:4d:7d:af:b7:
2d:0c:98:9c:e5:ce:f9:60:6f:6f:9a:84:7e:c6:be:
a1:56:5a:bc:b2:1b:39:d5:69:b6:97:85:24:36:2c:
7e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D9:57:94:4A:4C:00:AA:A4:FB:4C:35:0D:64:6D:0E:AA:DD:58:36
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/d9lXlEpMAKqk-0w1DWRtDqrdWDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
81.29.145.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
4d:16:d6:46:4a:7e:db:cb:56:17:68:29:c1:2a:69:10:ae:99:
59:1a:00:c1:b8:38:38:36:d7:a3:c9:b2:d2:b1:da:d1:03:45:
f6:cb:2c:c7:a6:48:f9:2b:0c:87:3a:f1:6a:e7:78:ae:4d:82:
20:c1:b2:f3:0c:fe:92:0b:89:2b:16:f8:68:8c:81:51:93:01:
d7:b6:d2:c5:f2:46:89:50:ec:e0:8e:1e:29:9f:55:b8:95:c4:
b3:0a:8c:f7:72:48:ea:c5:77:bb:0e:df:01:10:4f:0a:7f:bb:
e6:04:14:79:e1:7e:74:7a:e3:69:8a:e4:89:21:b2:d2:72:ca:
57:b7:f7:82:bc:16:07:c9:9b:55:a7:7f:be:f4:2e:c7:69:85:
b7:24:8b:ae:94:f4:83:25:84:02:70:4f:51:0f:29:e6:e1:42:
fe:a7:24:07:8a:01:0f:79:b4:f0:af:d2:91:66:19:d1:40:19:
58:9a:3a:05:3a:2f:9c:fa:b8:0c:e7:d7:4c:5f:43:b7:21:fa:
30:47:4c:d7:fe:ae:48:b5:54:ff:61:94:b2:9e:74:0e:40:7e:
d3:cb:c3:d8:7e:db:7c:9e:c6:39:2e:19:aa:a8:29:ca:e5:72:
97:cd:f9:04:ed:27:60:3d:a8:58:ba:37:8f:a5:bf:23:c6:d9:
80:4c:e3:61
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYfCM2cJGnDJh8rSssOFQEPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNDI3MTAxMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Q5NTc5NDRhNGMwMGFhYTRmYjRjMzUwZDY0NmQwZWFhZGQ1ODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAX1DpaviKRJNSTWkr/nbF5r1o+Y
UgBtC8iHKBZp4+AlssYMsd5rJIiklrrsZfeVA1ai9T36+kM6bJvU8eYaQPCaqwej
SC2wVKHMshyYpVh6ESJGE67d7gwg4jHfzpwwIFEx0ey1zKn+2MKC+GgeyP/w4Rpt
XGaOVIsDW2AJ8+614mrwp/39srzhGdKpzfo7YBeQFWrG+KcUgt20fd0gdjBwjlOG
nN/ayaC+DcBrgg9xRHQdsc96y0gYADB1hk15IfSP5Sed+7znXo5KW0CUJMcWR6Ku
+UXubzWoNk19r7ctDJic5c75YG9vmoR+xr6hVlq8shs51Wm2l4UkNix+bQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHfZV5RKTACqpPtMNQ1kbQ6q3Vg2MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvZDlsWGxFcE1BS3FrLTB3MURXUnREcXJkV0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLULgAwQA
UR2RMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQBNFtZGSn7by1YX
aCnBKmkQrplZGgDBuDg4NtejybLSsdrRA0X2yyzHpkj5KwyHOvFq53iuTYIgwbLz
DP6SC4krFvhojIFRkwHXttLF8kaJUOzgjh4pn1W4lcSzCoz3ckjqxXe7Dt8BEE8K
f7vmBBR54X50euNpiuSJIbLScspXt/eCvBYHyZtVp3++9C7HaYW3JIuulPSDJYQC
cE9RDynm4UL+pyQHigEPebTwr9KRZhnRQBlYmjoFOi+c+rgM59dMX0O3IfowR0zX
/q5ItVT/YZSynnQOQH7Ty8PYftt8nsY5LhmqqCnK5XKXzfkE7SdgPahYujePpb8j
xtmATONh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:36 2024 by rpki-client on console-ams.rpki-client.org