Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/0U0TIqXNC5jkeI-Uqkvd1O9pA1c.roa
File: 0U0TIqXNC5jkeI-Uqkvd1O9pA1c.roa (raw, json)
Hash identifier: m0AF+25IbzBNw+g8brAPbzEV+gV77pYjrdoVl90N0eU=
Subject key identifier: D1:4D:13:22:A5:CD:0B:98:E4:78:8F:94:AA:4B:DD:D4:EF:69:03:57
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 0190978E761AFBBFC883DF8623D29DB66FAE
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/0U0TIqXNC5jkeI-Uqkvd1O9pA1c.roa
Signing time: Tue 09 Jul 2024 12:53:34 +0000
ROA not before: Tue 09 Jul 2024 12:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198682
IP address blocks: 45.88.140.0/22 maxlen: 24
109.71.136.0/21 maxlen: 24
109.205.0.0/21 maxlen: 24
185.220.72.0/22 maxlen: 24
185.230.96.0/22 maxlen: 24
193.176.64.0/22 maxlen: 24
2a00:1f10::/32 maxlen: 32
2a0b:f1c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:8e:76:1a:fb:bf:c8:83:df:86:23:d2:9d:b6:6f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jul 9 12:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d14d1322a5cd0b98e4788f94aa4bddd4ef690357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:43:79:d9:b5:bd:44:fe:97:a7:10:7b:35:1e:
6d:bb:ec:7e:38:a9:f2:e8:a8:3c:ed:99:8f:af:37:
2d:6d:87:64:06:64:c0:57:9d:8b:a6:cd:da:1e:0e:
2c:71:5f:e5:5d:a9:1d:ed:2a:65:39:97:8b:dc:28:
93:7c:4e:e6:f7:4d:71:6d:1f:ea:ff:da:c0:08:25:
50:1b:01:e9:e5:d3:39:25:b1:1a:80:5a:d6:b3:31:
d2:fd:1f:20:b7:58:7e:7d:82:79:f1:d2:4a:c5:25:
ee:1b:67:7b:97:c8:a8:7c:d7:6d:2c:b7:4e:25:56:
38:d8:95:1d:70:68:c8:e1:37:80:eb:7d:ad:d4:a6:
e2:dd:b1:51:15:d8:7b:33:33:86:23:a4:87:19:31:
96:35:63:aa:3a:86:54:81:91:7a:22:7b:67:5c:3e:
b9:44:e3:62:13:6f:ab:bb:20:02:59:4c:e4:c8:4a:
d7:10:c3:28:21:10:d6:f8:05:92:b6:de:38:57:2c:
0f:ca:25:ae:ab:7a:f9:4d:19:e1:f0:30:9a:00:ca:
cd:17:81:ac:9f:e5:39:c6:d8:ac:d2:20:4d:f3:63:
26:be:ac:93:ea:e1:cd:bc:bb:d5:e9:d3:fe:e9:2e:
08:d8:d0:8f:f8:9f:a5:24:91:f1:3b:f3:04:a3:7d:
f6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4D:13:22:A5:CD:0B:98:E4:78:8F:94:AA:4B:DD:D4:EF:69:03:57
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/0U0TIqXNC5jkeI-Uqkvd1O9pA1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.140.0/22
109.71.136.0/21
109.205.0.0/21
185.220.72.0/22
185.230.96.0/22
193.176.64.0/22
IPv6:
2a00:1f10::/32
2a0b:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
46:84:ee:ca:b3:8b:1d:bc:c1:e5:61:81:5b:96:ab:0b:a8:88:
80:d6:00:e1:fd:6f:36:ba:dd:aa:bb:65:b2:cd:a0:9f:73:0f:
17:58:65:dd:f6:ad:e8:81:20:a0:17:ba:0b:0b:93:a0:8e:7f:
06:11:f3:2e:96:c9:14:7f:26:4d:ef:b4:5a:b7:fd:59:e7:6e:
1e:ba:67:ea:36:7d:5a:b4:e7:a4:62:c2:67:5a:c1:5d:37:66:
06:0e:96:a3:6a:3a:7e:de:64:82:39:4c:74:b8:c9:13:24:15:
d2:98:a9:f3:c2:a4:85:b3:42:54:f5:7d:74:ff:31:74:c9:da:
af:a0:e9:60:fd:c1:7b:6e:27:76:ff:d5:a1:d9:31:03:34:f6:
c8:f6:bd:6d:35:9d:4e:e0:d5:78:96:e0:39:b2:35:39:43:c9:
ed:59:f0:62:8b:51:68:c6:43:fa:b4:1f:a8:2d:47:28:0e:a6:
ae:ec:d4:4c:6c:9a:17:46:78:75:9b:18:18:d6:f2:05:dd:f3:
b8:60:68:82:15:b6:1d:96:3a:20:a7:d7:b4:0c:70:24:27:e7:
e2:c0:e2:24:07:9d:47:c0:e6:9c:d1:0e:50:62:3f:65:a4:92:
f0:8f:35:ff:3e:78:84:c9:41:17:f6:1c:22:12:0b:17:e0:4e:
3e:a0:d6:ad
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZCXjnYa+7/Ig9+GI9Kdtm+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwNzA5MTI1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRkMTMyMmE1Y2QwYjk4ZTQ3ODhmOTRhYTRiZGRkNGVmNjkwMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30N52bW9RP6XpxB7NR5tu+x+OKny
6Kg87ZmPrzctbYdkBmTAV52Lps3aHg4scV/lXakd7SplOZeL3CiTfE7m901xbR/q
/9rACCVQGwHp5dM5JbEagFrWszHS/R8gt1h+fYJ58dJKxSXuG2d7l8iofNdtLLdO
JVY42JUdcGjI4TeA632t1Kbi3bFRFdh7MzOGI6SHGTGWNWOqOoZUgZF6IntnXD65
RONiE2+ruyACWUzkyErXEMMoIRDW+AWStt44VywPyiWuq3r5TRnh8DCaAMrNF4Gs
n+U5xtis0iBN82MmvqyT6uHNvLvV6dP+6S4I2NCP+J+lJJHxO/MEo332UQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFNFNEyKlzQuY5HiPlKpL3dTvaQNXMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvMFUwVElxWE5DNWprZUktVXFrdmQxTzlwQTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLViMAwQD
bUeIAwQDbc0AAwQCudxIAwQCueZgAwQCwbBAMBQEAgACMA4DBQAqAB8QAwUAKgvx
wDANBgkqhkiG9w0BAQsFAAOCAQEARoTuyrOLHbzB5WGBW5arC6iIgNYA4f1vNrrd
qrtlss2gn3MPF1hl3fat6IEgoBe6CwuToI5/BhHzLpbJFH8mTe+0Wrf9WeduHrpn
6jZ9WrTnpGLCZ1rBXTdmBg6Wo2o6ft5kgjlMdLjJEyQV0pip88KkhbNCVPV9dP8x
dMnar6DpYP3Be24ndv/VodkxAzT2yPa9bTWdTuDVeJbgObI1OUPJ7VnwYotRaMZD
+rQfqC1HKA6mruzUTGyaF0Z4dZsYGNbyBd3zuGBoghW2HZY6IKfXtAxwJCfn4sDi
JAedR8DmnNEOUGI/ZaSS8I81/z54hMlBF/YcIhILF+BOPqDWrQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:50 2025 by rpki-client