Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/1he1Cc_QiLd01n-2nGNiFWV8IaU.roa
File: 1he1Cc_QiLd01n-2nGNiFWV8IaU.roa (raw, json)
Hash identifier: EZIqkrjtUJ2+uTvX/m60yBocsvxsKcI92nwUmmNGaq0=
Subject key identifier: D6:17:B5:09:CF:D0:88:B7:74:D6:7F:B6:9C:63:62:15:65:7C:21:A5
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0191BC253C66E64C79E78878236E90957888
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/1he1Cc_QiLd01n-2nGNiFWV8IaU.roa
Signing time: Wed 04 Sep 2024 08:27:22 +0000
ROA not before: Wed 04 Sep 2024 08:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 45.10.40.0/22 maxlen: 24
88.218.168.0/22 maxlen: 24
93.183.80.0/22 maxlen: 24
185.197.75.0/24 maxlen: 24
193.188.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 13:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:25:3c:66:e6:4c:79:e7:88:78:23:6e:90:95:78:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Sep 4 08:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d617b509cfd088b774d67fb69c636215657c21a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5c:05:cf:fc:1c:b4:bd:28:b4:42:c4:73:c1:
57:67:88:34:4a:c1:3a:fb:51:d3:28:8c:89:ee:99:
df:ce:11:e2:70:5d:f6:be:1c:8b:c6:c6:82:54:29:
23:a3:fd:0a:3a:2f:48:46:ff:fc:9b:42:f5:ac:a7:
74:17:ec:40:4a:9d:64:05:4d:1d:00:1d:cd:f0:2e:
de:74:9b:13:fa:e7:56:84:49:8e:b2:3b:ac:32:ff:
ed:e7:88:be:1f:5b:e8:49:d4:6d:73:5c:19:96:6d:
65:16:a3:a6:1b:4a:3e:99:d2:a4:a0:b2:f5:7c:bf:
a7:2e:4b:0f:e9:8c:b9:ea:09:53:78:ff:0f:7b:72:
87:9a:64:93:b1:49:18:74:6a:44:84:0a:a2:e7:95:
9b:95:71:c4:55:96:58:e6:8a:68:db:7f:1d:98:32:
dc:ea:7b:01:6c:f5:c3:e8:94:a4:97:6e:fc:79:08:
6f:4c:79:88:11:05:c3:71:d0:c0:5a:74:6a:d6:1b:
b2:91:c7:10:16:db:2e:99:bc:3e:01:be:75:51:7c:
60:c4:22:d4:e4:72:90:7f:2f:75:be:3b:3a:55:e4:
64:bb:f4:44:71:1b:da:1b:cb:0c:20:27:51:b9:8c:
b3:a1:a1:6b:2f:f7:b3:cc:d3:9d:fb:39:e4:7b:5b:
91:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:17:B5:09:CF:D0:88:B7:74:D6:7F:B6:9C:63:62:15:65:7C:21:A5
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/1he1Cc_QiLd01n-2nGNiFWV8IaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.40.0/22
88.218.168.0/22
93.183.80.0/22
185.197.75.0/24
193.188.23.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:51:1c:15:5d:58:9c:df:60:5c:3e:42:03:36:ea:df:84:6f:
07:c7:f9:5a:44:05:23:3b:dc:ac:fd:da:ff:ce:cd:b1:27:35:
41:0e:19:01:19:71:55:1a:a6:77:34:3b:ec:85:44:12:82:4c:
9b:40:84:e9:5c:e5:8d:9b:f1:cd:22:3d:fa:c9:bf:ee:75:ef:
0e:a2:82:4b:c0:51:54:29:bb:67:c1:f9:bd:03:20:4d:d8:f4:
d7:f2:25:13:f8:b0:4b:27:8c:d7:e6:ab:5f:92:6c:be:5a:ad:
e9:bd:06:eb:6b:21:8f:70:f9:58:e4:d9:45:41:65:07:d9:3e:
63:4c:73:3b:a4:e1:a9:19:12:70:f9:5c:eb:39:89:02:07:57:
e2:3f:fa:e8:25:ed:bd:f8:2b:2b:b2:84:33:96:5f:f2:b8:86:
30:39:55:1c:11:b3:5b:e4:96:b0:dc:6e:e5:4a:3b:d7:18:26:
65:e7:02:e0:c0:e5:5a:87:0c:72:86:f1:ed:8d:b6:02:1f:5a:
14:e9:0a:47:ab:2d:dc:30:ec:f7:b1:f7:66:8a:43:e3:6c:1d:
f7:46:f9:7f:95:9d:84:a0:53:f9:3f:48:b7:c4:c3:e5:a7:30:
f7:fb:fc:f9:66:22:b1:d6:4c:f3:ce:66:a1:e0:47:be:e5:a3:
c9:ba:c2:5f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZG8JTxm5kx554h4I26QlXiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwOTA0MDgyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE3YjUwOWNmZDA4OGI3NzRkNjdmYjY5YzYzNjIxNTY1N2MyMWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlwFz/wctL0otELEc8FXZ4g0SsE6
+1HTKIyJ7pnfzhHicF32vhyLxsaCVCkjo/0KOi9IRv/8m0L1rKd0F+xASp1kBU0d
AB3N8C7edJsT+udWhEmOsjusMv/t54i+H1voSdRtc1wZlm1lFqOmG0o+mdKkoLL1
fL+nLksP6Yy56glTeP8Pe3KHmmSTsUkYdGpEhAqi55WblXHEVZZY5opo238dmDLc
6nsBbPXD6JSkl278eQhvTHmIEQXDcdDAWnRq1huykccQFtsumbw+Ab51UXxgxCLU
5HKQfy91vjs6VeRku/REcRvaG8sMICdRuYyzoaFrL/ezzNOd+znke1uRUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNYXtQnP0Ii3dNZ/tpxjYhVlfCGlMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvMWhlMUNjX1FpTGQwMW4tMm5HTmlGV1Y4SWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLQooAwQC
WNqoAwQCXbdQAwQAucVLAwQAwbwXMA0GCSqGSIb3DQEBCwUAA4IBAQCLURwVXVic
32BcPkIDNurfhG8Hx/laRAUjO9ys/dr/zs2xJzVBDhkBGXFVGqZ3NDvshUQSgkyb
QITpXOWNm/HNIj36yb/ude8OooJLwFFUKbtnwfm9AyBN2PTX8iUT+LBLJ4zX5qtf
kmy+Wq3pvQbrayGPcPlY5NlFQWUH2T5jTHM7pOGpGRJw+VzrOYkCB1fiP/roJe29
+CsrsoQzll/yuIYwOVUcEbNb5Jaw3G7lSjvXGCZl5wLgwOVahwxyhvHtjbYCH1oU
6QpHqy3cMOz3sfdmikPjbB33Rvl/lZ2EoFP5P0i3xMPlpzD3+/z5ZiKx1kzzzmah
4Ee+5aPJusJf
-----END CERTIFICATE-----
Generated at Fri Sep 6 17:07:50 2024 by rpki-client on console-fra.rpki-client.org