Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/n1T8W9iRb1-6hC2FVbYhpH6KyRc.roa
File: n1T8W9iRb1-6hC2FVbYhpH6KyRc.roa (raw, json)
Hash identifier: Pu1F9Xzkx5ngCzgCXQGS4TbZD24VKNE0jUzPOd936TY=
Subject key identifier: 9F:54:FC:5B:D8:91:6F:5F:BA:84:2D:85:55:B6:21:A4:7E:8A:C9:17
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018F9BD2F44927EEBF2ED4DB658389219B9D
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/n1T8W9iRb1-6hC2FVbYhpH6KyRc.roa
Signing time: Tue 21 May 2024 15:44:04 +0000
ROA not before: Tue 21 May 2024 15:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 45.13.179.0/24 maxlen: 24
80.91.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jun 2024 05:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:d2:f4:49:27:ee:bf:2e:d4:db:65:83:89:21:9b:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: May 21 15:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f54fc5bd8916f5fba842d8555b621a47e8ac917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b3:84:0a:0b:dd:c0:ac:9b:da:ea:20:56:c1:
55:8e:b3:e8:30:e0:6a:7d:5f:e5:ca:a9:11:9a:c8:
ce:66:ee:7b:f7:ce:b1:ce:46:38:d5:5f:5e:09:7f:
69:a8:69:21:31:df:e5:70:19:de:be:8b:d7:ed:fe:
0f:5a:82:5a:d3:e1:49:f9:e3:49:d1:9b:44:a7:f2:
e8:76:ae:65:27:bf:ad:19:17:da:53:53:45:dd:ea:
08:a9:ca:4c:05:77:d0:69:4b:85:ca:6c:4f:ca:7d:
51:82:cc:8f:ef:58:14:10:73:4d:db:0a:8f:51:ad:
e1:99:08:a1:c7:3c:95:ec:80:cc:99:65:17:36:a5:
60:65:11:e3:36:78:63:de:1e:a2:6b:08:6d:6c:67:
0d:13:9a:cf:61:7f:96:35:f4:c7:b4:fd:0a:a6:e4:
e1:6a:a4:28:af:4d:39:d2:93:5e:58:f6:47:46:d7:
e6:cb:47:c7:c6:ce:a3:62:59:29:6e:57:2a:29:e9:
4e:41:03:ea:7f:82:30:bb:d9:b5:ff:5d:96:3c:53:
02:98:8e:57:23:23:90:b3:ab:a8:bf:a4:f1:1a:ef:
d6:4d:4f:30:6a:ef:42:7d:d7:84:73:47:74:82:ba:
22:79:06:00:68:ad:24:d2:f7:2e:13:c5:32:53:2d:
a8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:54:FC:5B:D8:91:6F:5F:BA:84:2D:85:55:B6:21:A4:7E:8A:C9:17
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/n1T8W9iRb1-6hC2FVbYhpH6KyRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.179.0/24
80.91.221.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ac:4d:42:cb:fc:4e:28:99:6c:10:0a:b2:e6:ed:1d:23:5c:
6f:48:6c:9a:0b:48:d4:1e:8e:77:6e:c5:e9:c4:fa:1b:37:1c:
02:e4:0f:25:59:74:af:0c:d1:21:52:f5:76:2a:d9:bd:bd:a0:
26:05:e2:3f:97:7d:45:b6:02:11:1f:ec:4d:dc:c0:03:7b:5b:
84:9d:13:27:0b:bd:84:17:f2:5b:df:90:ce:71:9d:6a:5d:d6:
99:15:c0:45:1b:60:4c:56:b4:88:a1:79:4e:26:69:e5:f7:b8:
b0:1f:19:85:3a:46:bf:67:20:a8:65:4b:96:47:af:b4:f1:3b:
0f:72:38:6c:bd:46:89:79:9f:3c:ab:cc:4e:ec:6a:27:2e:2d:
8f:11:f5:e4:6d:41:d1:27:3b:dd:43:44:95:bf:42:12:c4:f4:
79:ac:96:36:ac:af:cf:2a:b1:54:9c:a9:ba:e1:b8:a3:24:67:
fd:6c:08:2c:4b:3d:df:9d:8d:46:dd:cc:13:97:47:79:6a:ae:
62:6c:7b:0f:90:9d:5f:58:22:2a:9f:d1:b4:dd:7c:bd:be:66:
8f:8e:16:58:4b:f1:5a:e2:2b:0a:b7:f5:93:f5:ff:62:3c:5f:
2d:d8:55:cc:1d:2d:21:0a:4a:af:27:12:14:ff:c8:23:b7:98:
42:96:cb:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+b0vRJJ+6/LtTbZYOJIZudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwNTIxMTU0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjU0ZmM1YmQ4OTE2ZjVmYmE4NDJkODU1NWI2MjFhNDdlOGFjOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bOECgvdwKyb2uogVsFVjrPoMOBq
fV/lyqkRmsjOZu57986xzkY41V9eCX9pqGkhMd/lcBnevovX7f4PWoJa0+FJ+eNJ
0ZtEp/Lodq5lJ7+tGRfaU1NF3eoIqcpMBXfQaUuFymxPyn1RgsyP71gUEHNN2wqP
Ua3hmQihxzyV7IDMmWUXNqVgZRHjNnhj3h6iawhtbGcNE5rPYX+WNfTHtP0KpuTh
aqQor0050pNeWPZHRtfmy0fHxs6jYlkpblcqKelOQQPqf4Iwu9m1/12WPFMCmI5X
IyOQs6uov6TxGu/WTU8wau9CfdeEc0d0groieQYAaK0k0vcuE8UyUy2oqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ9U/FvYkW9fuoQthVW2IaR+iskXMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvbjFUOFc5aVJiMS02aEMyRlZiWWhwSDZLeVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQ2zAwQA
UFvdMA0GCSqGSIb3DQEBCwUAA4IBAQBIrE1Cy/xOKJlsEAqy5u0dI1xvSGyaC0jU
Ho53bsXpxPobNxwC5A8lWXSvDNEhUvV2Ktm9vaAmBeI/l31FtgIRH+xN3MADe1uE
nRMnC72EF/Jb35DOcZ1qXdaZFcBFG2BMVrSIoXlOJmnl97iwHxmFOka/ZyCoZUuW
R6+08TsPcjhsvUaJeZ88q8xO7GonLi2PEfXkbUHRJzvdQ0SVv0ISxPR5rJY2rK/P
KrFUnKm64bijJGf9bAgsSz3fnY1G3cwTl0d5aq5ibHsPkJ1fWCIqn9G03Xy9vmaP
jhZYS/Fa4isKt/WT9f9iPF8t2FXMHS0hCkqvJxIU/8gjt5hClssN
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:04 2025 by rpki-client