Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/1-d5nOwtsxqFuAI13hctPNqcnZf8.roa
File: 1-d5nOwtsxqFuAI13hctPNqcnZf8.roa (raw, json)
Hash identifier: 2TKAE+7ooufH7Im+JNRvow3eI8zUc0ekj1prhFg/FYA=
Subject key identifier: F9:DE:67:3B:0B:6C:C6:A1:6E:00:8D:77:85:CB:4F:36:A7:27:65:FF
Certificate issuer: /CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Certificate serial: 019319D7EDB5ABB03F26C261DF1FD1A5C244
Authority key identifier: 96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/1-d5nOwtsxqFuAI13hctPNqcnZf8.roa
Signing time: Mon 11 Nov 2024 06:10:01 +0000
ROA not before: Mon 11 Nov 2024 06:10:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205638
IP address blocks: 45.137.112.0/23 maxlen: 23
45.137.112.0/24 maxlen: 24
45.137.113.0/24 maxlen: 24
45.137.115.0/24 maxlen: 24
193.143.64.0/24 maxlen: 24
212.233.84.0/23 maxlen: 23
212.233.84.0/24 maxlen: 24
212.233.85.0/24 maxlen: 24
212.233.86.0/23 maxlen: 23
212.233.86.0/24 maxlen: 24
212.233.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Nov 2024 08:11:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:19:d7:ed:b5:ab:b0:3f:26:c2:61:df:1f:d1:a5:c2:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96ff45e6de48bfc0397dacad83a84831db7952d1
Validity
Not Before: Nov 11 06:10:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9de673b0b6cc6a16e008d7785cb4f36a72765ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4c:be:7d:b3:4a:a4:53:56:58:d4:1c:99:40:
aa:72:6f:38:1b:a0:f7:cf:bf:f6:b6:f9:f4:ae:65:
3f:ae:42:a0:d9:e0:6a:cc:9e:0b:59:0e:20:eb:bf:
fc:ce:42:42:22:8f:31:f2:91:e0:15:1b:92:3e:6e:
c9:4c:97:38:01:4b:19:e9:d4:d4:72:8b:90:96:19:
c5:d5:21:0d:55:01:3e:6d:56:52:43:a4:0b:d2:54:
22:44:e1:43:2e:f9:3b:1a:6c:f7:c3:c5:bc:89:16:
d8:80:54:1a:e7:92:8e:42:71:75:c5:27:45:0e:47:
93:ab:63:88:e4:88:a8:83:a2:fb:fd:80:e3:0d:e9:
bf:3e:ca:04:1c:dd:27:89:dc:db:50:45:7a:85:cf:
ae:1e:ce:d8:cf:18:aa:97:1c:c8:0a:fa:d6:c6:9c:
be:8b:0d:1a:eb:61:bc:40:ad:5b:62:54:33:fd:1a:
85:cb:6b:af:53:0e:20:79:5f:82:67:09:bd:84:d2:
d2:bf:07:4f:4a:c5:c7:d3:10:51:99:b4:ba:5b:96:
91:55:80:fc:95:ce:a6:4c:3a:61:52:67:86:44:8c:
47:d3:1b:a2:58:e4:d3:22:54:50:de:fb:a4:3b:90:
66:7b:6f:6a:38:a8:4f:d9:ef:6a:20:9a:3d:62:48:
a7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DE:67:3B:0B:6C:C6:A1:6E:00:8D:77:85:CB:4F:36:A7:27:65:FF
X509v3 Authority Key Identifier:
keyid:96:FF:45:E6:DE:48:BF:C0:39:7D:AC:AD:83:A8:48:31:DB:79:52:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lv9F5t5Iv8A5faytg6hIMdt5UtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/1-d5nOwtsxqFuAI13hctPNqcnZf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/6c7b28-f2ce-445f-8f90-0f5d3797a325/1/lv9F5t5Iv8A5faytg6hIMdt5UtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.112.0/23
45.137.115.0/24
193.143.64.0/24
212.233.84.0/22
Signature Algorithm: sha256WithRSAEncryption
d9:8d:e8:66:55:80:de:b4:a5:eb:08:fa:0f:b5:a2:84:ff:a9:
0a:3e:bc:f0:21:4d:a5:8b:58:98:45:e2:40:a1:33:ed:88:c0:
71:22:4b:7f:0e:14:1c:63:41:ac:ad:bb:0b:f9:fc:11:0e:69:
6b:80:9a:e4:9c:ac:0b:01:c2:e6:80:2a:d0:54:d2:9e:04:f5:
82:bd:75:b0:ae:1d:b5:91:5c:6b:2b:bb:dd:c0:17:8a:7f:06:
71:4a:8d:76:b7:c9:83:07:02:27:81:62:3d:9b:e8:fd:f1:2a:
c1:42:b3:d7:d5:4f:8d:d9:22:9e:3c:c5:81:d7:0a:57:26:97:
43:8e:96:6e:b5:95:f2:7b:06:01:10:9f:6d:56:86:31:5a:c6:
8c:06:01:2d:27:2d:6d:c8:a9:48:7a:81:6a:a2:d8:41:90:ef:
80:b6:0c:ba:ad:6c:45:56:a0:bf:10:90:ae:38:bf:45:f6:5a:
b2:89:ab:74:79:80:36:91:c3:ea:3e:3e:20:d8:90:9d:b3:2b:
e7:59:a9:d4:92:21:ae:c2:e0:71:6b:c0:4c:1a:e6:15:b7:00:
bb:b6:26:0f:60:0e:4e:28:69:c7:be:25:c2:86:05:7d:59:6d:
6c:4c:ae:54:96:45:15:d0:84:79:42:40:0a:20:be:9d:26:09:
26:04:5f:47
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZMZ1+21q7A/JsJh3x/RpcJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZmY0NWU2ZGU0OGJmYzAzOTdkYWNhZDgzYTg0ODMxZGI3
OTUyZDEwHhcNMjQxMTExMDYxMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRlNjczYjBiNmNjNmExNmUwMDhkNzc4NWNiNGYzNmE3Mjc2NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ey+fbNKpFNWWNQcmUCqcm84G6D3
z7/2tvn0rmU/rkKg2eBqzJ4LWQ4g67/8zkJCIo8x8pHgFRuSPm7JTJc4AUsZ6dTU
couQlhnF1SENVQE+bVZSQ6QL0lQiROFDLvk7Gmz3w8W8iRbYgFQa55KOQnF1xSdF
DkeTq2OI5Iiog6L7/YDjDem/PsoEHN0nidzbUEV6hc+uHs7YzxiqlxzICvrWxpy+
iw0a62G8QK1bYlQz/RqFy2uvUw4geV+CZwm9hNLSvwdPSsXH0xBRmbS6W5aRVYD8
lc6mTDphUmeGRIxH0xuiWOTTIlRQ3vukO5Bme29qOKhP2e9qIJo9YkinfQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPneZzsLbMahbgCNd4XLTzanJ2X/MB8GA1UdIwQY
MBaAFJb/RebeSL/AOX2srYOoSDHbeVLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHY5RjV0NUl2OEE1ZmF5dGc2aElNZHQ1VXRFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82YzdiMjgtZjJjZS00NDVmLThmOTAt
MGY1ZDM3OTdhMzI1LzEvMS1kNW5Pd3RzeHFGdUFJMTNoY3RQTnFjblpmOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmEvNmM3YjI4LWYyY2UtNDQ1Zi04ZjkwLTBmNWQzNzk3YTMy
NS8xL2x2OUY1dDVJdjhBNWZheXRnNmhJTWR0NVV0RS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAS2JcAME
AC2JcwMEAMGPQAMEAtTpVDANBgkqhkiG9w0BAQsFAAOCAQEA2Y3oZlWA3rSl6wj6
D7WihP+pCj688CFNpYtYmEXiQKEz7YjAcSJLfw4UHGNBrK27C/n8EQ5pa4Ca5Jys
CwHC5oAq0FTSngT1gr11sK4dtZFcayu73cAXin8GcUqNdrfJgwcCJ4FiPZvo/fEq
wUKz19VPjdkinjzFgdcKVyaXQ46WbrWV8nsGARCfbVaGMVrGjAYBLSctbcipSHqB
aqLYQZDvgLYMuq1sRVagvxCQrji/RfZasomrdHmANpHD6j4+INiQnbMr51mp1JIh
rsLgcWvATBrmFbcAu7YmD2AOTihpx74lwoYFfVltbEyuVJZFFdCEeUJACiC+nSYJ
JgRfRw==
-----END CERTIFICATE-----
Generated at Tue Nov 19 09:21:15 2024 by rpki-client on console-fra.rpki-client.org