Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/m3KFpBrsvUHNOIXiVnhwExvzyYU.roa
File: m3KFpBrsvUHNOIXiVnhwExvzyYU.roa (raw, json)
Hash identifier: f0iFv+cZVIQS3+5m7yPpBxJXCyQWtkrR4cUN1Q3FaN8=
Subject key identifier: 9B:72:85:A4:1A:EC:BD:41:CD:38:85:E2:56:78:70:13:1B:F3:C9:85
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 019167851D4BA43012D7218417A05C28885C
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/m3KFpBrsvUHNOIXiVnhwExvzyYU.roa
Signing time: Sun 18 Aug 2024 22:04:22 +0000
ROA not before: Sun 18 Aug 2024 22:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.149.94.0/24 maxlen: 24
80.246.230.0/24 maxlen: 24
80.246.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 08:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:67:85:1d:4b:a4:30:12:d7:21:84:17:a0:5c:28:88:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Aug 18 22:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b7285a41aecbd41cd3885e2567870131bf3c985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ca:d4:47:5e:ba:12:98:e4:03:ac:de:3c:f0:
c4:c1:18:c7:1b:fd:fe:64:a3:a4:6d:fe:70:be:8d:
42:6c:21:3f:0e:bd:f1:84:ab:de:be:53:88:64:48:
92:a6:64:4f:03:27:60:37:28:17:00:20:bf:a7:c0:
90:4f:0a:9a:f1:65:3e:dc:28:2c:fa:e7:ce:4d:9d:
b7:1a:ce:a1:54:57:76:85:c7:1d:c3:ce:aa:bb:08:
a4:bb:a4:a6:89:ea:91:36:71:2a:f6:cf:07:df:00:
e2:eb:a6:f7:50:16:58:ec:c1:46:22:96:16:5e:2b:
61:ca:88:7f:ec:80:e8:b6:85:17:ec:99:24:85:4f:
45:20:26:29:32:6b:4d:53:cb:ca:26:01:b0:07:75:
d9:09:d0:69:19:0a:fe:71:4a:e4:32:2c:ba:90:5c:
f6:8d:06:55:72:b8:c2:5c:1a:3a:b3:69:a9:eb:fa:
32:57:bf:07:bc:d4:88:f9:fa:99:3f:0d:4a:23:81:
d1:64:fd:35:05:8e:3b:f9:74:2e:d8:2a:a6:40:88:
70:d0:2e:8d:11:8f:7e:18:ea:9f:12:6c:df:e1:e1:
14:7f:8f:98:a9:aa:dd:b4:88:55:67:84:08:64:5a:
95:30:93:6b:d4:c2:ff:05:d6:36:dd:07:fb:0e:64:
28:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:72:85:A4:1A:EC:BD:41:CD:38:85:E2:56:78:70:13:1B:F3:C9:85
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/m3KFpBrsvUHNOIXiVnhwExvzyYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.94.0/24
80.246.230.0/24
80.246.232.0/21
Signature Algorithm: sha256WithRSAEncryption
00:fe:a5:81:d0:d8:e9:e8:7c:99:67:04:aa:c1:96:45:52:1e:
34:3b:7f:50:0d:ad:33:8c:44:b0:39:2b:7a:e9:aa:44:2f:07:
ca:44:c1:05:8a:32:94:2f:7d:77:33:81:ef:f6:fc:8c:29:ce:
7a:87:c1:3f:dc:95:9c:0a:44:f4:ed:e6:ce:d5:40:9f:80:2f:
9b:da:66:a6:f5:ec:88:dc:d4:be:a1:06:d6:34:4f:7d:6c:93:
56:11:2e:fd:e0:df:77:e7:1c:5a:62:aa:6c:fa:19:1c:d5:78:
7a:4c:26:d6:2c:b7:8e:22:4e:c2:26:78:7f:56:1d:2a:27:fc:
ad:66:f9:a8:60:31:7b:b5:dc:f0:95:3f:f3:f4:45:2d:ed:24:
ab:7e:2c:45:76:3b:84:ee:0d:32:a3:2e:2a:25:e6:92:a1:29:
e2:f4:51:e1:a9:67:84:5d:93:2b:4d:3e:77:6b:d0:44:15:a3:
f1:7b:67:1a:0d:57:61:c3:cf:3c:bb:43:d7:01:96:e3:ba:eb:
ef:4a:13:ce:eb:6c:d4:0b:dd:74:06:d1:bc:40:1b:6c:b5:f2:
27:b9:ff:c1:4f:e4:56:7e:e5:59:da:4b:03:ca:42:a7:88:b4:
94:0b:1a:32:95:b1:4e:64:73:60:f4:80:0d:7c:21:1d:5b:a0:
06:83:47:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFnhR1LpDAS1yGEF6BcKIhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjQwODE4MjIwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjcyODVhNDFhZWNiZDQxY2QzODg1ZTI1Njc4NzAxMzFiZjNjOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsrUR166EpjkA6zePPDEwRjHG/3+
ZKOkbf5wvo1CbCE/Dr3xhKvevlOIZEiSpmRPAydgNygXACC/p8CQTwqa8WU+3Cgs
+ufOTZ23Gs6hVFd2hccdw86quwiku6SmieqRNnEq9s8H3wDi66b3UBZY7MFGIpYW
Xithyoh/7IDotoUX7JkkhU9FICYpMmtNU8vKJgGwB3XZCdBpGQr+cUrkMiy6kFz2
jQZVcrjCXBo6s2mp6/oyV78HvNSI+fqZPw1KI4HRZP01BY47+XQu2CqmQIhw0C6N
EY9+GOqfEmzf4eEUf4+YqardtIhVZ4QIZFqVMJNr1ML/BdY23Qf7DmQotQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJtyhaQa7L1BzTiF4lZ4cBMb88mFMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvbTNLRnBCcnN2VUhOT0lYaVZuaHdFeHZ6eVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZVeAwQA
UPbmAwQDUPboMA0GCSqGSIb3DQEBCwUAA4IBAQAA/qWB0Njp6HyZZwSqwZZFUh40
O39QDa0zjESwOSt66apELwfKRMEFijKUL313M4Hv9vyMKc56h8E/3JWcCkT07ebO
1UCfgC+b2mam9eyI3NS+oQbWNE99bJNWES794N935xxaYqps+hkc1Xh6TCbWLLeO
Ik7CJnh/Vh0qJ/ytZvmoYDF7tdzwlT/z9EUt7SSrfixFdjuE7g0yoy4qJeaSoSni
9FHhqWeEXZMrTT53a9BEFaPxe2caDVdhw888u0PXAZbjuuvvShPO62zUC910BtG8
QBtstfInuf/BT+RWfuVZ2ksDykKniLSUCxoylbFOZHNg9IANfCEdW6AGg0cj
-----END CERTIFICATE-----
Generated at Sat Aug 24 10:34:37 2024 by rpki-client on console-ams.rpki-client.org