Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/RUrdxdczpTRFrwDDEhWVUAe6PkI.roa
File: RUrdxdczpTRFrwDDEhWVUAe6PkI.roa (raw, json)
Hash identifier: ZNFaWlLbwFKOxdMokPFqCHM/MY5UpjjwAzFylVUa/j4=
Subject key identifier: 45:4A:DD:C5:D7:33:A5:34:45:AF:00:C3:12:15:95:50:07:BA:3E:42
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 0192666ACF48F0C868E58263A42DF2F05045
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/RUrdxdczpTRFrwDDEhWVUAe6PkI.roa
Signing time: Mon 07 Oct 2024 09:58:48 +0000
ROA not before: Mon 07 Oct 2024 09:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50436
IP address blocks: 92.206.8.0/21 maxlen: 24
92.206.32.0/20 maxlen: 24
92.206.48.0/20 maxlen: 24
92.206.209.0/24 maxlen: 24
92.206.254.0/23 maxlen: 24
217.68.167.0/24 maxlen: 24
2a02:2455:9000::/36 maxlen: 40
Validation: Failed, certificate revoked on Wed 16 Oct 2024 07:52:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:6a:cf:48:f0:c8:68:e5:82:63:a4:2d:f2:f0:50:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Oct 7 09:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=454addc5d733a53445af00c31215955007ba3e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:df:f5:c8:6e:4f:23:2e:ff:fb:fe:a5:0c:ae:
6e:8d:42:02:f5:d1:8d:f5:eb:83:0b:cd:79:7e:86:
34:09:4b:c9:05:18:25:f2:50:8b:70:8f:22:5c:37:
41:cb:6a:5b:de:09:a6:08:2a:10:ef:6a:80:84:64:
62:ca:82:7a:c7:14:1c:70:6c:51:5b:33:db:2a:04:
54:86:4d:35:93:9f:44:a9:a1:21:32:8c:d7:3c:e9:
49:b9:1b:10:ed:9a:0a:f6:c8:fa:f2:60:d3:c0:c2:
3f:ba:a0:a9:e0:c7:78:ff:88:15:e2:15:c4:ce:28:
ba:da:20:13:13:d4:f9:ae:3a:e0:c3:df:3f:88:34:
86:a0:b4:22:a0:b5:54:3b:df:8c:38:0d:75:96:a0:
f0:d5:8b:3d:31:f6:3f:b4:87:9d:43:51:32:e2:12:
d2:27:4f:6f:71:60:3f:e0:5b:00:c7:88:8b:5c:e9:
f1:32:7f:ca:26:1d:e6:a5:61:96:f8:72:21:ca:cc:
3f:e8:96:b2:35:b7:f0:df:29:08:1d:14:f9:a5:12:
52:b2:f8:92:bc:0f:97:06:6e:0b:c2:9b:e6:c9:29:
bc:34:3a:89:5f:f4:46:7b:d4:23:0b:9d:40:5b:12:
da:d2:60:d5:76:3c:be:5a:bf:f2:e6:4d:55:9f:df:
20:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4A:DD:C5:D7:33:A5:34:45:AF:00:C3:12:15:95:50:07:BA:3E:42
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/RUrdxdczpTRFrwDDEhWVUAe6PkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.206.8.0/21
92.206.32.0/19
92.206.209.0/24
92.206.254.0/23
217.68.167.0/24
IPv6:
2a02:2455:9000::/36
Signature Algorithm: sha256WithRSAEncryption
51:3b:df:5f:27:4f:0b:ba:8f:59:41:dc:a1:f6:54:9d:03:bd:
2d:ce:a3:e2:0c:78:0d:b1:a6:de:dd:a2:01:6c:d7:f2:8b:e4:
c9:74:84:68:b6:51:6d:ea:a4:a8:88:bb:5e:d4:2a:dc:2e:b6:
f1:f1:59:dc:e8:97:99:ad:65:79:b8:0a:a0:af:a5:07:da:1c:
38:63:65:60:40:ad:fc:c0:76:c9:5b:44:58:80:42:5c:b0:d3:
10:11:2c:21:a2:dd:65:32:ac:47:d6:ff:c4:39:a0:20:4d:73:
ba:12:27:a4:f3:2b:4c:d8:06:77:81:78:34:b2:46:b0:ba:e7:
57:de:42:e7:81:fe:75:95:27:80:48:8a:01:a9:b8:ee:a6:bb:
89:9c:42:4c:d8:ea:65:ac:8d:40:8c:1b:cc:80:ce:d2:7c:74:
85:f1:57:a8:b2:17:f8:f5:e5:d9:bb:e6:a7:ff:b7:be:8a:96:
bd:83:bd:cb:34:c8:01:52:86:43:3d:da:01:75:69:95:02:a6:
16:5f:0d:01:a4:19:b8:2e:db:5e:9b:7a:ca:0a:21:a4:dc:e6:
ea:30:74:49:82:5b:45:eb:c9:66:6d:d0:a1:35:bf:fd:05:f0:
c4:28:b0:17:d2:97:3d:07:5e:08:27:e8:38:ee:96:22:3c:13:
5f:45:61:0f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZJmas9I8Mho5YJjpC3y8FBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjQxMDA3MDk1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTRhZGRjNWQ3MzNhNTM0NDVhZjAwYzMxMjE1OTU1MDA3YmEzZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3N/1yG5PIy7/+/6lDK5ujUIC9dGN
9euDC815foY0CUvJBRgl8lCLcI8iXDdBy2pb3gmmCCoQ72qAhGRiyoJ6xxQccGxR
WzPbKgRUhk01k59EqaEhMozXPOlJuRsQ7ZoK9sj68mDTwMI/uqCp4Md4/4gV4hXE
zii62iATE9T5rjrgw98/iDSGoLQioLVUO9+MOA11lqDw1Ys9MfY/tIedQ1Ey4hLS
J09vcWA/4FsAx4iLXOnxMn/KJh3mpWGW+HIhysw/6JayNbfw3ykIHRT5pRJSsviS
vA+XBm4LwpvmySm8NDqJX/RGe9QjC51AWxLa0mDVdjy+Wr/y5k1Vn98gAQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEVK3cXXM6U0Ra8AwxIVlVAHuj5CMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvUlVyZHhkY3pwVFJGcndEREVoV1ZVQWU2UGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQDXM4IAwQF
XM4gAwQAXM7RAwQBXM7+AwQA2USnMA4EAgACMAgDBgQqAiRVkDANBgkqhkiG9w0B
AQsFAAOCAQEAUTvfXydPC7qPWUHcofZUnQO9Lc6j4gx4DbGm3t2iAWzX8ovkyXSE
aLZRbeqkqIi7XtQq3C628fFZ3OiXma1lebgKoK+lB9ocOGNlYECt/MB2yVtEWIBC
XLDTEBEsIaLdZTKsR9b/xDmgIE1zuhInpPMrTNgGd4F4NLJGsLrnV95C54H+dZUn
gEiKAam47qa7iZxCTNjqZayNQIwbzIDO0nx0hfFXqLIX+PXl2bvmp/+3voqWvYO9
yzTIAVKGQz3aAXVplQKmFl8NAaQZuC7bXpt6ygohpNzm6jB0SYJbRevJZm3QoTW/
/QXwxCiwF9KXPQdeCCfoOO6WIjwTX0VhDw==
-----END CERTIFICATE-----
Generated at Wed Oct 16 10:45:14 2024 by rpki-client on console-ams.rpki-client.org