Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/9-WL0LydUNgTY-xoKqRoSruR6Ws.roa
File: 9-WL0LydUNgTY-xoKqRoSruR6Ws.roa (raw, json)
Hash identifier: pDIGdS186UI+/SwlEwD5uKWNWTlOmE1N1vMYIgGPLOk=
Subject key identifier: F7:E5:8B:D0:BC:9D:50:D8:13:63:EC:68:2A:A4:68:4A:BB:91:E9:6B
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018B84B917FD08E6D792B6A8D03B257E9D73
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/9-WL0LydUNgTY-xoKqRoSruR6Ws.roa
Signing time: Tue 31 Oct 2023 07:53:24 +0000
ROA not before: Tue 31 Oct 2023 07:53:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.84.112.0/23 maxlen: 24
31.193.240.0/22 maxlen: 24
45.84.114.0/23 maxlen: 24
31.193.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Dec 2023 08:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:b9:17:fd:08:e6:d7:92:b6:a8:d0:3b:25:7e:9d:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Oct 31 07:53:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7e58bd0bc9d50d81363ec682aa4684abb91e96b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8b:d9:91:8a:57:8e:d1:ce:31:99:0d:5f:f9:
2a:a4:0f:d1:8a:ae:7e:51:30:26:e9:64:7f:dc:86:
37:2e:ea:31:72:69:bf:15:0d:f7:8d:4e:02:9e:56:
ce:91:fa:1a:7d:68:c4:c5:d8:6f:8a:4b:d5:57:57:
d5:03:26:4b:a4:75:c6:ed:be:fd:37:d1:46:b3:74:
4a:e9:b4:d0:c4:b8:a2:0e:61:19:48:a7:3d:75:02:
49:8c:e8:9f:89:b8:0c:01:74:be:8e:85:19:92:f8:
62:81:51:29:fc:42:3f:3a:18:09:6d:c7:9d:13:05:
2c:42:95:e6:d8:ec:5a:b1:42:66:6b:2d:eb:88:ef:
88:7d:7b:44:12:4e:8a:ed:b0:06:f2:81:e2:a7:5f:
e8:92:50:99:3e:62:11:1f:51:a8:79:e1:a5:8e:6a:
98:0f:8b:b4:9a:a8:68:94:fe:9c:1e:4e:d6:ba:e5:
8b:e3:be:61:76:e9:58:f0:2d:8b:ee:8f:0c:18:4f:
f8:69:73:b6:d6:c4:2f:03:34:4c:a5:14:d2:3b:42:
fd:a3:73:cd:9e:19:8e:49:34:5d:23:6b:48:2a:89:
97:50:74:35:d8:6f:cf:5d:2c:a5:e2:49:e0:68:7e:
47:ad:ac:9b:cf:f4:5b:80:7c:9a:a5:c2:5c:83:87:
b9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:E5:8B:D0:BC:9D:50:D8:13:63:EC:68:2A:A4:68:4A:BB:91:E9:6B
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/9-WL0LydUNgTY-xoKqRoSruR6Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.240.0/21
45.84.112.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:17:a5:76:c3:cd:12:dd:db:31:d8:37:31:b7:e6:fe:0d:69:
f6:3c:32:fd:5d:ac:3d:ae:af:a6:ff:59:f0:7a:53:1f:5b:91:
ea:49:59:a4:5e:f1:41:30:2c:c5:f6:32:4e:d8:86:de:fb:2d:
fa:dd:5a:27:ef:2b:5f:50:46:6f:52:f0:91:a9:62:a5:08:b4:
5a:22:ca:96:86:e7:8f:9a:16:48:63:da:0a:ba:ba:10:ae:44:
84:93:de:fb:43:c7:90:53:9f:f2:e7:44:80:16:22:0a:1e:8a:
d9:9e:a4:a7:6d:20:aa:96:29:f3:b9:21:cd:b0:5d:1c:63:d8:
4c:7f:42:18:03:54:1f:3a:df:99:62:65:2e:0b:16:dd:98:a2:
54:b6:01:9f:6d:39:d1:ff:f1:31:b7:93:89:59:16:60:f3:b6:
2f:6f:61:e6:9b:aa:be:ba:f8:4a:88:a0:8f:37:d1:4b:0c:25:
65:89:2e:c7:8e:83:74:9c:f3:eb:6c:3f:71:72:fe:61:72:6c:
95:59:54:9f:01:a8:9a:15:08:24:82:c3:63:a2:98:bc:95:0a:
f1:90:44:e0:e5:45:90:c6:3d:31:df:ba:ef:57:98:83:cd:8e:
01:b5:67:4e:7d:b9:0c:2a:db:29:b1:01:25:2f:4e:86:d5:fd:
d0:ea:8b:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuEuRf9CObXkrao0Dslfp1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjMxMDMxMDc1MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2U1OGJkMGJjOWQ1MGQ4MTM2M2VjNjgyYWE0Njg0YWJiOTFlOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlovZkYpXjtHOMZkNX/kqpA/Riq5+
UTAm6WR/3IY3Luoxcmm/FQ33jU4CnlbOkfoafWjExdhvikvVV1fVAyZLpHXG7b79
N9FGs3RK6bTQxLiiDmEZSKc9dQJJjOifibgMAXS+joUZkvhigVEp/EI/OhgJbced
EwUsQpXm2OxasUJmay3riO+IfXtEEk6K7bAG8oHip1/oklCZPmIRH1GoeeGljmqY
D4u0mqholP6cHk7WuuWL475hdulY8C2L7o8MGE/4aXO21sQvAzRMpRTSO0L9o3PN
nhmOSTRdI2tIKomXUHQ12G/PXSyl4kngaH5Hraybz/RbgHyapcJcg4e5IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPfli9C8nVDYE2PsaCqkaEq7kelrMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvOS1XTDBMeWRVTmdUWS14b0txUm9TcnVSNldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH8HwAwQC
LVRwMA0GCSqGSIb3DQEBCwUAA4IBAQBMF6V2w80S3dsx2Dcxt+b+DWn2PDL9Xaw9
rq+m/1nwelMfW5HqSVmkXvFBMCzF9jJO2Ibe+y363Von7ytfUEZvUvCRqWKlCLRa
IsqWhuePmhZIY9oKuroQrkSEk977Q8eQU5/y50SAFiIKHorZnqSnbSCqlinzuSHN
sF0cY9hMf0IYA1QfOt+ZYmUuCxbdmKJUtgGfbTnR//Ext5OJWRZg87Yvb2Hmm6q+
uvhKiKCPN9FLDCVliS7HjoN0nPPrbD9xcv5hcmyVWVSfAaiaFQgkgsNjopi8lQrx
kETg5UWQxj0x37rvV5iDzY4BtWdOfbkMKtspsQElL06G1f3Q6osU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org