Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ndBqH44GUUuaoBnUpurtuPsjPPo.roa
File: ndBqH44GUUuaoBnUpurtuPsjPPo.roa (raw, json)
Hash identifier: CKOw+f6FxmL0sYGS+Kpjj1cvERJMHsjHz5o7GzFvDss=
Subject key identifier: 9D:D0:6A:1F:8E:06:51:4B:9A:A0:19:D4:A6:EA:ED:B8:FB:23:3C:FA
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01856F54BBC6B900C3CF3F1D19A720EC9D82
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ndBqH44GUUuaoBnUpurtuPsjPPo.roa
Signing time: Sun 01 Jan 2023 21:55:02 +0000
ROA not before: Sun 01 Jan 2023 21:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 81.29.150.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
81.29.155.0/24 maxlen: 24
81.29.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Feb 2023 07:07:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:bb:c6:b9:00:c3:cf:3f:1d:19:a7:20:ec:9d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 1 21:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9dd06a1f8e06514b9aa019d4a6eaedb8fb233cfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:38:09:06:18:8c:f0:a0:7b:f7:b2:7c:10:e2:
49:68:5e:5d:be:48:16:3d:4e:bd:8c:0f:37:c4:60:
55:c3:ad:23:1c:75:42:5e:8a:5a:f6:9b:68:52:5b:
00:f3:05:1d:3f:00:58:b0:28:56:dc:21:82:08:06:
49:ce:af:e5:f0:12:8a:4d:61:c7:5c:76:05:64:94:
50:e7:78:91:c1:49:f1:89:3e:ee:c1:1c:21:b4:88:
24:21:6f:78:d3:2f:9f:de:5a:1a:78:df:6a:f4:db:
1a:06:07:50:e6:7e:b4:06:94:0b:62:84:9c:8b:69:
9d:03:72:f5:e4:13:49:a0:0a:3f:98:d0:25:6b:2b:
59:dd:92:79:bd:ca:1a:22:8d:cd:34:f2:e0:57:01:
b6:ee:a1:e1:e4:37:57:e0:77:a8:91:68:a4:67:51:
de:95:48:a3:0c:6d:dc:91:48:08:69:e5:54:4d:49:
03:14:85:78:ed:77:f9:e7:23:87:e2:f2:39:91:c4:
d5:43:96:c7:6d:43:2b:20:62:4a:2d:58:dd:42:a8:
c9:34:29:72:2f:87:e0:9b:97:9e:75:2e:20:6c:e8:
15:ff:76:ce:33:cc:bd:0b:43:db:25:18:7b:08:77:
68:ca:93:da:90:d3:3c:81:3b:7b:fa:76:c4:7a:e1:
27:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D0:6A:1F:8E:06:51:4B:9A:A0:19:D4:A6:EA:ED:B8:FB:23:3C:FA
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/ndBqH44GUUuaoBnUpurtuPsjPPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.147.0/24
81.29.149.0-81.29.150.255
81.29.155.0/24
81.29.159.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:7c:24:78:fb:b9:ce:21:d4:0f:87:c0:05:0c:53:c7:f3:53:
53:61:9b:38:22:e7:3f:de:a1:b8:b2:0f:f5:ed:de:0d:ab:ff:
65:b1:9b:a7:ac:a3:f8:bc:81:cb:98:b4:80:11:b5:94:75:47:
9c:0c:4c:30:78:2c:cd:36:8a:3b:67:e3:39:a7:3f:a7:61:d0:
61:3e:13:0e:9c:80:6d:ac:0e:93:59:a8:dd:e3:3d:03:f6:5c:
a7:d3:05:6a:68:1e:73:ed:62:89:50:9c:41:a6:56:93:59:34:
d6:89:00:03:09:b5:74:89:f4:a4:3a:6a:ec:8a:ae:ea:a6:ea:
7b:52:af:1d:51:8a:b4:aa:39:dd:05:36:8e:77:7e:b0:b2:19:
c8:f9:b5:b1:b1:7f:38:08:47:92:02:0c:56:b7:3a:1a:39:61:
d7:28:8c:4f:26:49:2f:2d:3d:3a:c2:26:9a:57:31:78:91:4b:
2e:fb:3b:77:52:07:ef:87:a9:44:2b:a0:3d:a4:7e:9b:c7:d9:
09:dc:15:23:c6:a7:9c:73:0e:d8:33:54:1f:a7:59:f7:75:1a:
63:77:2a:07:ae:34:68:82:f1:76:89:80:24:7e:03:a8:2d:93:
9e:8c:e4:1d:bd:5e:e5:66:8b:99:e9:33:31:67:e8:11:49:f5:
67:1b:10:93
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvVLvGuQDDzz8dGacg7J2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTAxMjE1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQwNmExZjhlMDY1MTRiOWFhMDE5ZDRhNmVhZWRiOGZiMjMzY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzgJBhiM8KB797J8EOJJaF5dvkgW
PU69jA83xGBVw60jHHVCXopa9ptoUlsA8wUdPwBYsChW3CGCCAZJzq/l8BKKTWHH
XHYFZJRQ53iRwUnxiT7uwRwhtIgkIW940y+f3loaeN9q9NsaBgdQ5n60BpQLYoSc
i2mdA3L15BNJoAo/mNAlaytZ3ZJ5vcoaIo3NNPLgVwG27qHh5DdX4HeokWikZ1He
lUijDG3ckUgIaeVUTUkDFIV47Xf55yOH4vI5kcTVQ5bHbUMrIGJKLVjdQqjJNCly
L4fgm5eedS4gbOgV/3bOM8y9C0PbJRh7CHdoypPakNM8gTt7+nbEeuEn+QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ3Qah+OBlFLmqAZ1Kbq7bj7Izz6MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvbmRCcUg0NEdVVXVhb0JuVXB1cnR1UHNqUFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUR2TMAwD
BABRHZUDBABRHZYDBABRHZsDBABRHZ8wDQYJKoZIhvcNAQELBQADggEBAB98JHj7
uc4h1A+HwAUMU8fzU1Nhmzgi5z/eobiyD/Xt3g2r/2Wxm6eso/i8gcuYtIARtZR1
R5wMTDB4LM02ijtn4zmnP6dh0GE+Ew6cgG2sDpNZqN3jPQP2XKfTBWpoHnPtYolQ
nEGmVpNZNNaJAAMJtXSJ9KQ6auyKruqm6ntSrx1RirSqOd0FNo53frCyGcj5tbGx
fzgIR5ICDFa3Oho5YdcojE8mSS8tPTrCJppXMXiRSy77O3dSB++HqUQroD2kfpvH
2QncFSPGp5xzDtgzVB+nWfd1GmN3KgeuNGiC8XaJgCR+A6gtk56M5B29XuVmi5np
MzFn6BFJ9WcbEJM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:40 2024 by rpki-client on console-fra.rpki-client.org