Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Oumdj7rJ99t_0A3Dkb4zMq8by2M.roa
File: Oumdj7rJ99t_0A3Dkb4zMq8by2M.roa (raw, json)
Hash identifier: tHWMUzlAgr5C226l1ZfyID641G2DUvdyXJ2ngOIRCyw=
Subject key identifier: 3A:E9:9D:8F:BA:C9:F7:DB:7F:D0:0D:C3:91:BE:33:32:AF:1B:CB:63
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0192BDA6C7D6C3017CD6634518886D79043E
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Oumdj7rJ99t_0A3Dkb4zMq8by2M.roa
Signing time: Thu 24 Oct 2024 08:31:16 +0000
ROA not before: Thu 24 Oct 2024 08:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55933
IP address blocks: 45.89.232.0/23 maxlen: 24
185.207.152.0/22 maxlen: 22
185.207.152.0/24 maxlen: 24
185.207.154.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Oct 2024 13:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:a6:c7:d6:c3:01:7c:d6:63:45:18:88:6d:79:04:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Oct 24 08:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ae99d8fbac9f7db7fd00dc391be3332af1bcb63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d1:04:4e:49:51:45:8a:56:bc:bc:70:f8:53:
67:00:b4:af:98:20:de:31:6d:e7:08:9c:16:33:41:
fe:20:78:d1:30:3c:79:9d:58:30:19:e8:bb:f0:d7:
82:c4:f7:8e:39:5f:a6:26:20:5a:d7:57:7a:c3:ff:
78:67:1d:3f:96:a7:be:5b:63:17:20:73:e5:d1:9e:
a6:5e:12:d1:8e:40:81:90:35:db:a6:e3:8d:3c:3f:
cb:03:88:09:b4:50:91:7a:2c:ca:b7:25:8c:34:10:
ea:69:79:a7:2a:4a:61:6b:54:c6:ed:ce:91:56:93:
5d:45:65:d5:66:2a:72:37:22:e3:0c:1f:4b:14:cf:
31:35:d5:fa:af:dd:07:48:7a:d0:30:8c:1e:99:e8:
d6:c1:c5:28:69:9e:e8:16:e4:01:18:f8:6d:e1:fb:
d5:7c:59:be:fe:00:8d:77:73:7a:df:1a:c9:91:56:
8f:26:78:ff:1f:85:8a:94:6c:e0:ae:9e:19:59:15:
c6:77:5a:29:60:b5:99:09:45:e5:9e:16:75:54:ff:
5c:18:ba:7b:66:69:62:71:2b:56:42:95:28:43:24:
ce:3c:df:a9:8f:87:43:cc:1e:12:14:5a:3a:ec:04:
ca:73:64:b3:fa:0d:c9:32:0c:47:bd:1c:33:11:18:
00:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E9:9D:8F:BA:C9:F7:DB:7F:D0:0D:C3:91:BE:33:32:AF:1B:CB:63
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/Oumdj7rJ99t_0A3Dkb4zMq8by2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.232.0/23
185.207.152.0/22
Signature Algorithm: sha256WithRSAEncryption
37:1f:80:e4:4b:8f:0a:6a:4c:ed:a3:85:0b:ad:09:11:2a:2f:
d8:78:32:81:98:f4:38:d3:ed:1c:7a:e9:82:37:21:2d:7d:23:
3d:12:fb:7a:52:5d:ce:4d:1c:a9:27:35:55:e9:55:df:48:84:
00:14:d9:e5:b1:a6:f2:4e:57:5f:6f:ea:2c:ce:8b:c4:ba:5e:
29:ee:e7:a1:75:09:54:b8:3d:43:c8:81:09:83:4b:a8:e3:34:
0e:7a:d5:4a:98:08:67:15:6a:b5:37:49:d4:ce:e0:5a:86:a7:
aa:7f:f1:35:bf:f6:02:92:89:4f:ac:de:5a:4c:9e:38:4f:f2:
a8:c1:7f:00:66:dd:9b:98:aa:b0:39:95:b4:0e:64:ae:3d:2c:
4e:8b:cb:b6:38:31:0b:ac:b4:d2:af:24:f0:99:62:51:c9:57:
c7:2c:a3:85:da:19:7f:4f:f0:a9:a1:23:16:fb:4b:0b:5e:4f:
94:94:dc:57:72:42:17:80:df:f5:cf:38:bf:ae:28:82:ec:cb:
ac:89:02:a1:7f:49:da:21:b7:b5:46:45:15:5b:90:49:3a:62:
a2:85:35:b5:79:93:68:aa:1d:54:d7:fe:9b:b4:04:6a:ef:b2:
f3:17:8e:ac:81:d2:5b:b4:50:b3:e8:8c:31:5b:b0:54:cf:d8:
c7:b2:94:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK9psfWwwF81mNFGIhteQQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQxMDI0MDgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU5OWQ4ZmJhYzlmN2RiN2ZkMDBkYzM5MWJlMzMzMmFmMWJjYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdEETklRRYpWvLxw+FNnALSvmCDe
MW3nCJwWM0H+IHjRMDx5nVgwGei78NeCxPeOOV+mJiBa11d6w/94Zx0/lqe+W2MX
IHPl0Z6mXhLRjkCBkDXbpuONPD/LA4gJtFCReizKtyWMNBDqaXmnKkpha1TG7c6R
VpNdRWXVZipyNyLjDB9LFM8xNdX6r90HSHrQMIwemejWwcUoaZ7oFuQBGPht4fvV
fFm+/gCNd3N63xrJkVaPJnj/H4WKlGzgrp4ZWRXGd1opYLWZCUXlnhZ1VP9cGLp7
ZmlicStWQpUoQyTOPN+pj4dDzB4SFFo67ATKc2Sz+g3JMgxHvRwzERgA0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDrpnY+6yffbf9ANw5G+MzKvG8tjMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvT3VtZGo3cko5OXRfMEEzRGtiNHpNcThieTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVnoAwQC
uc+YMA0GCSqGSIb3DQEBCwUAA4IBAQA3H4DkS48Kakzto4ULrQkRKi/YeDKBmPQ4
0+0ceumCNyEtfSM9Evt6Ul3OTRypJzVV6VXfSIQAFNnlsabyTldfb+oszovEul4p
7uehdQlUuD1DyIEJg0uo4zQOetVKmAhnFWq1N0nUzuBahqeqf/E1v/YCkolPrN5a
TJ44T/KowX8AZt2bmKqwOZW0DmSuPSxOi8u2ODELrLTSryTwmWJRyVfHLKOF2hl/
T/CpoSMW+0sLXk+UlNxXckIXgN/1zzi/riiC7MusiQKhf0naIbe1RkUVW5BJOmKi
hTW1eZNoqh1U1/6btARq77LzF46sgdJbtFCz6IwxW7BUz9jHspRU
-----END CERTIFICATE-----
Generated at Fri Oct 25 15:59:21 2024 by rpki-client on console-fra.rpki-client.org