Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/o_VUPvm2jpAUAT_maz2oP3K-_YY.roa
File: o_VUPvm2jpAUAT_maz2oP3K-_YY.roa (raw, json)
Hash identifier: mU3b1WhdITm86N9F7QMwqBt6nYThUsE0RE9Rgsp/E14=
Subject key identifier: A3:F5:54:3E:F9:B6:8E:90:14:01:3F:E6:6B:3D:A8:3F:72:BE:FD:86
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018D5EB9515682C30422EDA1B1384B10A001
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/o_VUPvm2jpAUAT_maz2oP3K-_YY.roa
Signing time: Wed 31 Jan 2024 08:53:39 +0000
ROA not before: Wed 31 Jan 2024 08:53:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20668
IP address blocks: 45.91.4.0/24 maxlen: 24
45.139.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 08:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:b9:51:56:82:c3:04:22:ed:a1:b1:38:4b:10:a0:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 31 08:53:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3f5543ef9b68e9014013fe66b3da83f72befd86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:79:70:48:99:41:d7:13:7c:9b:9e:fc:43:38:
ec:db:86:62:45:53:0c:59:b7:fe:ee:ee:e1:56:2c:
cd:8f:d3:b5:39:50:44:fb:ae:c9:e6:6a:fb:f6:53:
7f:3c:d2:1b:d0:4a:c1:4e:17:6e:a8:ba:29:22:b9:
68:08:f0:03:02:f7:c1:15:04:a6:4c:3b:26:ce:84:
4e:c7:db:f1:27:e3:2d:8f:61:5f:fe:ef:9e:9a:17:
b3:38:61:9d:3e:1c:54:14:c5:09:08:44:2c:96:b4:
6d:09:1a:d8:35:09:68:03:c0:18:33:35:77:ed:92:
6e:19:ba:c9:f5:42:59:a6:88:48:42:a5:76:a6:c3:
2d:87:54:6d:94:d3:83:0b:84:f5:48:19:5e:b1:cc:
32:96:db:f6:ee:d1:3b:1e:e0:73:19:2e:2b:10:de:
30:ef:e9:f6:b9:97:30:00:80:c1:61:97:94:05:8c:
e8:68:39:30:77:eb:7b:ce:6e:5f:dc:9a:89:f2:b0:
c2:62:7e:db:c7:a7:6a:84:2a:3f:cf:a7:ec:e6:2c:
cc:4e:e2:69:b7:29:44:7a:fc:86:f1:3c:a9:9e:28:
6e:93:fc:5a:39:62:1b:c6:35:d0:47:b4:ef:30:c5:
9b:fe:e3:5a:f7:6f:1b:9d:17:22:f2:91:cc:a4:10:
1f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F5:54:3E:F9:B6:8E:90:14:01:3F:E6:6B:3D:A8:3F:72:BE:FD:86
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/o_VUPvm2jpAUAT_maz2oP3K-_YY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.4.0/24
45.139.70.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:6e:44:c2:e9:11:06:b2:8f:61:b1:33:26:1c:62:15:cc:01:
28:45:2a:cb:ec:8e:0d:0b:55:69:98:27:d1:a0:f3:45:f9:0e:
b3:03:52:86:23:8d:4d:3f:8e:aa:94:f6:7a:2f:70:98:1d:bb:
e4:af:75:3d:5d:87:30:4f:57:bc:5f:16:82:5d:bc:23:cf:bf:
f7:f7:27:d0:2f:cd:97:bb:a9:bc:37:f0:12:17:b5:72:77:33:
36:59:f1:dd:1f:ed:fc:bb:f3:f9:84:b5:4e:14:7d:b5:9b:a9:
34:95:d4:ec:a5:75:e0:3d:65:2e:35:cc:ce:4f:9d:a0:97:a1:
ad:42:12:5f:4c:4c:fe:6f:06:ff:a8:38:79:51:81:be:1d:c3:
1a:f5:4b:0a:52:57:d9:06:35:f7:50:72:b3:3f:57:c8:67:ba:
c5:31:8b:dd:6d:f7:a2:bb:3f:72:d2:77:05:a9:b4:4f:12:76:
cb:3e:9a:91:e5:d7:af:64:a2:b2:30:77:fc:25:9b:a4:49:eb:
38:f3:a6:d8:38:85:5c:2a:a6:55:e4:d6:c1:b3:4b:31:81:60:
fb:99:eb:c2:65:0c:90:67:dd:d6:37:16:17:0d:14:5e:50:dd:
0c:65:f5:5e:fd:32:d9:9e:05:25:2d:4c:f2:a1:f2:d8:db:91:
47:92:f2:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1euVFWgsMEIu2hsThLEKABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwMTMxMDg1MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y1NTQzZWY5YjY4ZTkwMTQwMTNmZTY2YjNkYTgzZjcyYmVmZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXlwSJlB1xN8m578Qzjs24ZiRVMM
Wbf+7u7hVizNj9O1OVBE+67J5mr79lN/PNIb0ErBThduqLopIrloCPADAvfBFQSm
TDsmzoROx9vxJ+Mtj2Ff/u+emhezOGGdPhxUFMUJCEQslrRtCRrYNQloA8AYMzV3
7ZJuGbrJ9UJZpohIQqV2psMth1RtlNODC4T1SBlescwyltv27tE7HuBzGS4rEN4w
7+n2uZcwAIDBYZeUBYzoaDkwd+t7zm5f3JqJ8rDCYn7bx6dqhCo/z6fs5izMTuJp
tylEevyG8Typnihuk/xaOWIbxjXQR7TvMMWb/uNa928bnRci8pHMpBAfewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKP1VD75to6QFAE/5ms9qD9yvv2GMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvb19WVVB2bTJqcEFVQVRfbWF6Mm9QM0stX1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVsEAwQA
LYtGMA0GCSqGSIb3DQEBCwUAA4IBAQCMbkTC6REGso9hsTMmHGIVzAEoRSrL7I4N
C1VpmCfRoPNF+Q6zA1KGI41NP46qlPZ6L3CYHbvkr3U9XYcwT1e8XxaCXbwjz7/3
9yfQL82Xu6m8N/ASF7VydzM2WfHdH+38u/P5hLVOFH21m6k0ldTspXXgPWUuNczO
T52gl6GtQhJfTEz+bwb/qDh5UYG+HcMa9UsKUlfZBjX3UHKzP1fIZ7rFMYvdbfei
uz9y0ncFqbRPEnbLPpqR5devZKKyMHf8JZukSes486bYOIVcKqZV5NbBs0sxgWD7
mevCZQyQZ93WNxYXDRReUN0MZfVe/TLZngUlLUzyofLY25FHkvLo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:00 2025 by rpki-client