Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tiUzT_0qzXF_64OEosAJpEs9Gbw.roa
File: tiUzT_0qzXF_64OEosAJpEs9Gbw.roa (raw, json)
Hash identifier: 22Ek3VnPIeKlNCbXdAavDXzYbNpf7GYGpzlXnzU5INU=
Subject key identifier: B6:25:33:4F:FD:2A:CD:71:7F:EB:83:84:A2:C0:09:A4:4B:3D:19:BC
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019241D98B4B8CE9DE4A2F3DBB05CF948F3B
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tiUzT_0qzXF_64OEosAJpEs9Gbw.roa
Signing time: Mon 30 Sep 2024 07:33:48 +0000
ROA not before: Mon 30 Sep 2024 07:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211114
IP address blocks: 45.8.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:41:d9:8b:4b:8c:e9:de:4a:2f:3d:bb:05:cf:94:8f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 30 07:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b625334ffd2acd717feb8384a2c009a44b3d19bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:be:db:4f:49:ed:e2:f3:f7:a0:0e:57:33:9f:
ca:38:cd:38:ce:08:e0:b8:62:7f:a5:5b:81:75:3f:
bb:83:eb:6e:74:eb:9b:94:f7:32:d6:ae:61:05:cc:
65:36:73:47:da:02:c3:80:02:3d:50:5d:39:d5:64:
96:0b:b5:53:2e:1c:37:ec:93:37:92:b8:a8:c2:78:
68:34:b5:57:6f:d1:45:15:ae:1e:12:51:6d:7c:33:
a7:e8:7e:25:6f:94:be:aa:e9:9a:6c:cf:a8:1d:c3:
41:37:64:83:6b:a8:69:44:9c:8f:fc:13:6a:d6:b2:
c3:6d:74:77:1a:ca:2f:a4:00:92:f0:58:b4:f4:12:
c4:c8:e2:42:f4:f1:bf:7b:3d:9f:ce:f7:85:dd:71:
6c:f4:f3:8a:53:5d:b4:a8:27:e0:43:f4:9e:8b:18:
a5:fd:a3:7a:c3:47:0a:ec:f7:f3:76:ce:a1:49:69:
13:2c:d3:7d:cd:5d:cb:35:04:b4:f3:7f:3e:b1:ac:
9c:21:f9:f4:1b:83:4c:94:b2:93:69:f0:b6:9b:f5:
0d:6d:9d:c7:bc:15:51:3d:d7:2d:b3:37:82:6a:97:
03:71:aa:6a:89:d8:02:fa:cc:93:8d:50:17:17:fd:
bf:27:5f:44:7b:f1:cb:a3:a7:6a:23:be:63:3a:15:
15:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:25:33:4F:FD:2A:CD:71:7F:EB:83:84:A2:C0:09:A4:4B:3D:19:BC
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tiUzT_0qzXF_64OEosAJpEs9Gbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.196.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:94:c7:e1:0e:f5:fe:d5:85:0b:14:b5:06:ec:f0:10:29:5a:
b0:6e:31:a3:d4:2d:27:1a:28:92:28:4a:b5:fd:46:24:f9:e3:
c1:d2:39:20:40:d9:26:59:ac:df:fe:51:a3:04:b2:7a:da:5a:
3b:db:76:12:17:68:90:f2:88:96:dd:07:e9:62:3d:81:a1:58:
e0:bb:b2:b8:56:2f:96:0a:48:53:49:d6:0f:88:90:87:c8:4c:
1d:04:a3:76:3d:a5:db:3c:9f:f9:25:36:f8:6b:07:1d:77:25:
89:f2:6a:86:9d:59:82:21:f3:99:80:02:fe:0e:e9:8c:9c:d7:
16:ba:20:e3:d7:b1:5b:1a:37:ed:16:f6:3c:35:71:ea:6e:a5:
9d:44:c3:5d:9d:e6:e8:6b:bd:04:67:b8:81:07:55:5e:15:f2:
ff:8a:62:80:f5:df:5c:8d:5e:c6:35:d9:6b:57:9d:b8:78:e6:
75:e0:ec:f1:67:80:66:02:9d:6b:59:39:95:03:1b:cc:b9:8d:
99:cf:c6:56:c0:d3:6e:ba:13:ec:44:d7:44:cb:09:f4:64:c6:
5e:ef:93:49:24:e1:59:45:5f:3f:37:6e:4b:7e:e1:0b:e7:96:
74:0e:d5:67:71:74:6a:16:19:70:2a:b7:65:11:eb:63:4f:b4:
81:7c:88:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJB2YtLjOneSi89uwXPlI87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwOTMwMDczMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI1MzM0ZmZkMmFjZDcxN2ZlYjgzODRhMmMwMDlhNDRiM2QxOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzr7bT0nt4vP3oA5XM5/KOM04zgjg
uGJ/pVuBdT+7g+tudOublPcy1q5hBcxlNnNH2gLDgAI9UF051WSWC7VTLhw37JM3
kriownhoNLVXb9FFFa4eElFtfDOn6H4lb5S+qumabM+oHcNBN2SDa6hpRJyP/BNq
1rLDbXR3GsovpACS8Fi09BLEyOJC9PG/ez2fzveF3XFs9POKU120qCfgQ/Seixil
/aN6w0cK7Pfzds6hSWkTLNN9zV3LNQS0838+saycIfn0G4NMlLKTafC2m/UNbZ3H
vBVRPdctszeCapcDcapqidgC+syTjVAXF/2/J19Ee/HLo6dqI75jOhUVEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYlM0/9Ks1xf+uDhKLACaRLPRm8MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvdGlVelRfMHF6WEZfNjRPRW9zQUpwRXM5R2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjEMA0G
CSqGSIb3DQEBCwUAA4IBAQCylMfhDvX+1YULFLUG7PAQKVqwbjGj1C0nGiiSKEq1
/UYk+ePB0jkgQNkmWazf/lGjBLJ62lo723YSF2iQ8oiW3QfpYj2BoVjgu7K4Vi+W
CkhTSdYPiJCHyEwdBKN2PaXbPJ/5JTb4awcddyWJ8mqGnVmCIfOZgAL+DumMnNcW
uiDj17FbGjftFvY8NXHqbqWdRMNdneboa70EZ7iBB1VeFfL/imKA9d9cjV7GNdlr
V524eOZ14OzxZ4BmAp1rWTmVAxvMuY2Zz8ZWwNNuuhPsRNdEywn0ZMZe75NJJOFZ
RV8/N25LfuEL55Z0DtVncXRqFhlwKrdlEetjT7SBfIh2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:04 2025 by rpki-client