Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/32d49c-fbb9-4664-9ab8-f2bdc2275b6e/1/cruBmDmiJcYX0T252QIV4bLPx8Y.roa
File: cruBmDmiJcYX0T252QIV4bLPx8Y.roa (raw, json)
Hash identifier: pYnCZ1Gk/oIGB0A8/Jp/II/V9lobWmByEWteQUig15U=
Subject key identifier: 72:BB:81:98:39:A2:25:C6:17:D1:3D:B9:D9:02:15:E1:B2:CF:C7:C6
Certificate issuer: /CN=0f4d50f390cf945c6fa5b900905b4d517ebb091a
Certificate serial: 0191ECD774F94DA775ED6A9602B0FD91B826
Authority key identifier: 0F:4D:50:F3:90:CF:94:5C:6F:A5:B9:00:90:5B:4D:51:7E:BB:09:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D01Q85DPlFxvpbkAkFtNUX67CRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/32d49c-fbb9-4664-9ab8-f2bdc2275b6e/1/cruBmDmiJcYX0T252QIV4bLPx8Y.roa
Signing time: Fri 13 Sep 2024 19:23:48 +0000
ROA not before: Fri 13 Sep 2024 19:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199723
IP address blocks: 45.157.12.0/22 maxlen: 24
185.41.128.0/22 maxlen: 24
185.252.180.0/22 maxlen: 24
193.160.33.0/24 maxlen: 24
2a01:59a0::/29 maxlen: 48
2a05:8580::/29 maxlen: 48
2a0f:3880::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ec:d7:74:f9:4d:a7:75:ed:6a:96:02:b0:fd:91:b8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f4d50f390cf945c6fa5b900905b4d517ebb091a
Validity
Not Before: Sep 13 19:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72bb819839a225c617d13db9d90215e1b2cfc7c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:10:19:8e:d3:b4:eb:22:11:a2:8d:62:3f:8a:
80:1c:10:7c:38:aa:f0:51:44:b0:69:84:48:e4:ed:
e5:a1:5e:1d:af:d6:c9:d4:dc:f2:3e:1e:c5:72:56:
57:f8:9f:6f:1f:38:d5:15:96:8c:86:22:7c:55:14:
b8:25:d7:5f:14:d0:33:9a:a7:94:52:ac:f2:da:28:
e6:6a:17:26:92:ae:c5:03:30:42:48:3c:d2:c0:15:
d3:cf:77:96:47:99:48:5b:07:b5:64:0f:78:36:52:
05:b8:e4:b9:be:54:16:fc:df:9f:f9:fc:75:a1:4f:
05:59:99:52:95:bc:7e:60:cb:e0:8c:c2:3f:cc:5f:
57:12:bf:85:a4:48:32:f5:1a:3c:a0:fe:14:26:80:
4c:d6:8a:55:b1:b8:5b:c4:c3:04:1a:8a:5a:9e:0b:
ea:f6:03:72:c2:ec:f6:86:46:53:5f:b1:10:cc:d0:
53:27:ee:60:f5:02:0f:1f:71:e6:5b:e1:a2:22:bb:
56:29:23:7c:39:55:06:40:3d:33:df:cc:e4:c2:46:
69:04:5f:3b:cc:3e:43:49:73:93:86:a2:2b:8d:42:
f1:8e:88:a2:cf:6f:83:9a:c1:18:c5:83:db:04:d7:
56:95:23:c8:77:dd:9b:57:79:2d:9a:86:3a:a9:4c:
cc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BB:81:98:39:A2:25:C6:17:D1:3D:B9:D9:02:15:E1:B2:CF:C7:C6
X509v3 Authority Key Identifier:
keyid:0F:4D:50:F3:90:CF:94:5C:6F:A5:B9:00:90:5B:4D:51:7E:BB:09:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D01Q85DPlFxvpbkAkFtNUX67CRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/32d49c-fbb9-4664-9ab8-f2bdc2275b6e/1/cruBmDmiJcYX0T252QIV4bLPx8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/32d49c-fbb9-4664-9ab8-f2bdc2275b6e/1/D01Q85DPlFxvpbkAkFtNUX67CRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.12.0/22
185.41.128.0/22
185.252.180.0/22
193.160.33.0/24
IPv6:
2a01:59a0::/29
2a05:8580::/29
2a0f:3880::/29
Signature Algorithm: sha256WithRSAEncryption
41:d5:bd:c6:94:7a:e2:16:e6:bc:74:be:e4:5d:c0:66:67:3f:
ac:e9:e1:b6:c1:32:7f:b3:10:ba:b1:59:8a:d0:93:17:ea:57:
e9:52:08:e0:9f:50:76:e8:8a:af:3e:a5:b2:da:db:fe:b1:34:
cf:ba:60:28:bd:b3:3c:f4:90:ff:e6:74:53:2e:75:2e:ca:90:
c7:4d:67:44:8a:66:a3:be:03:22:b1:4f:e5:d0:f6:1f:67:7f:
49:72:51:13:87:aa:b6:8a:d7:fc:e3:80:a2:13:a9:fc:28:1c:
f0:0b:8b:49:ac:c2:4e:5d:64:e0:b4:35:4d:4f:53:48:91:4c:
5e:0d:8e:4d:4a:59:31:88:c7:64:af:dd:0b:b0:8e:41:7d:23:
34:73:42:d2:75:e4:0c:ea:5c:0c:9d:9f:5d:8e:e7:29:a4:d0:
e0:07:c4:24:96:ab:23:fa:45:11:16:f1:de:e0:b4:56:bb:3f:
79:32:06:82:24:de:e5:a2:ec:ff:44:d6:ab:34:9a:93:ae:7e:
3b:b9:b2:5f:eb:d9:c5:71:37:f0:2e:9e:0f:0b:ba:18:2a:b8:
64:f9:4c:67:74:69:c6:51:9b:63:29:0c:fe:a0:2c:a7:8a:fb:
44:3d:0d:18:59:8c:18:09:ad:23:30:35:1f:0c:f1:e1:0e:98:
fe:8b:09:da
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZHs13T5Tad17WqWArD9kbgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNGQ1MGYzOTBjZjk0NWM2ZmE1YjkwMDkwNWI0ZDUxN2Vi
YjA5MWEwHhcNMjQwOTEzMTkyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmJiODE5ODM5YTIyNWM2MTdkMTNkYjlkOTAyMTVlMWIyY2ZjN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRAZjtO06yIRoo1iP4qAHBB8OKrw
UUSwaYRI5O3loV4dr9bJ1NzyPh7FclZX+J9vHzjVFZaMhiJ8VRS4JddfFNAzmqeU
Uqzy2ijmahcmkq7FAzBCSDzSwBXTz3eWR5lIWwe1ZA94NlIFuOS5vlQW/N+f+fx1
oU8FWZlSlbx+YMvgjMI/zF9XEr+FpEgy9Ro8oP4UJoBM1opVsbhbxMMEGopangvq
9gNywuz2hkZTX7EQzNBTJ+5g9QIPH3HmW+GiIrtWKSN8OVUGQD0z38zkwkZpBF87
zD5DSXOThqIrjULxjoiiz2+DmsEYxYPbBNdWlSPId92bV3ktmoY6qUzMvwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHK7gZg5oiXGF9E9udkCFeGyz8fGMB8GA1UdIwQY
MBaAFA9NUPOQz5Rcb6W5AJBbTVF+uwkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDAxUTg1RFBsRnh2cGJrQWtGdE5VWDY3Q1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zMmQ0OWMtZmJiOS00NjY0LTlhYjgt
ZjJiZGMyMjc1YjZlLzEvY3J1Qm1EbWlKY1lYMFQyNTJRSVY0YkxQeDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zMmQ0OWMtZmJiOS00NjY0LTlhYjgtZjJiZGMyMjc1YjZl
LzEvRDAxUTg1RFBsRnh2cGJrQWtGdE5VWDY3Q1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCLZ0MAwQC
uSmAAwQCufy0AwQAwaAhMBsEAgACMBUDBQMqAVmgAwUDKgWFgAMFAyoPOIAwDQYJ
KoZIhvcNAQELBQADggEBAEHVvcaUeuIW5rx0vuRdwGZnP6zp4bbBMn+zELqxWYrQ
kxfqV+lSCOCfUHboiq8+pbLa2/6xNM+6YCi9szz0kP/mdFMudS7KkMdNZ0SKZqO+
AyKxT+XQ9h9nf0lyUROHqraK1/zjgKITqfwoHPALi0mswk5dZOC0NU1PU0iRTF4N
jk1KWTGIx2Sv3QuwjkF9IzRzQtJ15AzqXAydn12O5ymk0OAHxCSWqyP6RREW8d7g
tFa7P3kyBoIk3uWi7P9E1qs0mpOufju5sl/r2cVxN/Aung8LuhgquGT5TGd0acZR
m2MpDP6gLKeK+0Q9DRhZjBgJrSMwNR8M8eEOmP6LCdo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:13 2025 by rpki-client