Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/ERfjjQZa1_TARuEaFskNfberSYk.roa
File: ERfjjQZa1_TARuEaFskNfberSYk.roa (raw, json)
Hash identifier: 0DYlIgYx5UnJsNizcrLGL9knZgR18DpuotKAboTF+Mc=
Subject key identifier: 11:17:E3:8D:06:5A:D7:F4:C0:46:E1:1A:16:C9:0D:7D:B7:AB:49:89
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018A4BC2410444B097948A01E5D5A5BB4DCD
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/ERfjjQZa1_TARuEaFskNfberSYk.roa
Signing time: Thu 31 Aug 2023 13:22:16 +0000
ROA not before: Thu 31 Aug 2023 13:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.84.112.0/23 maxlen: 24
31.193.240.0/22 maxlen: 24
45.84.114.0/23 maxlen: 24
31.193.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Sep 2023 11:32:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:c2:41:04:44:b0:97:94:8a:01:e5:d5:a5:bb:4d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Aug 31 13:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1117e38d065ad7f4c046e11a16c90d7db7ab4989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f2:55:02:06:5b:bf:ce:5e:67:79:28:81:31:
aa:78:de:42:3f:44:93:9f:33:43:ac:68:1e:8e:3b:
a5:2d:10:38:08:e9:9a:0d:65:cf:c4:1f:4f:a2:51:
ea:be:8f:8b:fc:08:a0:f0:75:e0:ac:b1:75:73:98:
db:b9:24:49:29:cd:c6:e8:7d:5a:0a:06:03:73:9d:
50:42:00:55:c1:4d:b0:b9:da:4b:3f:32:b4:a7:c6:
08:69:82:7a:0c:8f:07:19:4c:72:8e:e2:b9:d8:c1:
bf:34:8f:f3:55:76:c6:a7:0d:4c:94:f9:51:3b:6f:
03:e2:8a:1a:ae:21:e6:8b:5b:de:29:ba:27:71:8f:
ab:8a:d9:13:80:e5:ac:b5:81:a5:21:8c:1b:90:03:
b4:2c:68:61:d3:9f:5c:ed:a7:0e:30:8c:4d:46:d0:
41:4e:33:32:66:c3:eb:15:dc:6e:b3:ae:5b:f5:d5:
3b:8a:81:48:c1:65:b1:61:d3:51:08:2c:3e:ee:cf:
d1:38:00:09:63:89:ff:37:cd:41:b5:6a:16:a5:22:
a3:8f:83:63:61:31:0d:ea:86:41:53:0f:ab:91:65:
af:14:3a:c8:c8:26:b8:0e:0d:d9:ca:84:55:85:ad:
b0:84:42:70:d0:f4:43:90:56:43:2a:2f:dc:92:28:
8f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:17:E3:8D:06:5A:D7:F4:C0:46:E1:1A:16:C9:0D:7D:B7:AB:49:89
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/ERfjjQZa1_TARuEaFskNfberSYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.240.0/21
45.84.112.0/22
Signature Algorithm: sha256WithRSAEncryption
01:f7:22:20:b7:fa:80:1a:2e:43:c1:32:bc:c9:41:b0:3b:c2:
2e:1f:bf:a2:75:2d:f9:34:c9:2e:8a:65:f8:75:05:ef:fc:00:
0b:a1:c6:2b:1f:6a:ae:c8:e3:b5:f3:d4:ea:48:f7:e8:15:d1:
73:0c:c4:02:0e:ff:f4:cc:fe:01:6b:14:68:05:1e:10:99:e1:
6e:3a:6c:f8:6f:69:e2:00:a0:3b:ed:18:2a:7b:e1:96:6b:70:
4e:0d:50:25:59:59:8b:58:09:05:84:22:04:b6:20:3f:7d:f4:
5b:0b:c0:6b:68:96:1a:a3:bf:ba:ea:d9:c7:b9:37:19:22:6b:
d9:c2:3e:00:7c:55:16:7e:7b:6b:0b:08:e1:92:30:e2:4b:4f:
ef:a3:2b:59:3f:5b:8c:2b:9f:d1:8e:5a:91:ce:53:df:19:93:
ae:d3:09:1c:fa:be:2b:9d:6a:36:1f:cd:8f:42:8f:9d:4a:f9:
5d:ca:6e:37:d1:24:cf:ba:aa:66:31:31:37:2f:61:88:6e:a1:
0b:68:49:8d:59:fe:3d:5e:ab:c1:a1:e8:a4:3f:18:18:68:59:
f7:cb:de:83:ad:93:da:1c:24:35:35:45:38:63:99:4f:99:62:
f1:c3:60:f8:47:b2:e2:b9:8e:33:15:95:68:fc:6b:8c:70:55:
5e:14:60:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpLwkEERLCXlIoB5dWlu03NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjMwODMxMTMyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTE3ZTM4ZDA2NWFkN2Y0YzA0NmUxMWExNmM5MGQ3ZGI3YWI0OTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfJVAgZbv85eZ3kogTGqeN5CP0ST
nzNDrGgejjulLRA4COmaDWXPxB9PolHqvo+L/Aig8HXgrLF1c5jbuSRJKc3G6H1a
CgYDc51QQgBVwU2wudpLPzK0p8YIaYJ6DI8HGUxyjuK52MG/NI/zVXbGpw1MlPlR
O28D4ooariHmi1veKboncY+ritkTgOWstYGlIYwbkAO0LGhh059c7acOMIxNRtBB
TjMyZsPrFdxus65b9dU7ioFIwWWxYdNRCCw+7s/ROAAJY4n/N81BtWoWpSKjj4Nj
YTEN6oZBUw+rkWWvFDrIyCa4Dg3ZyoRVha2whEJw0PRDkFZDKi/ckiiPlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBEX440GWtf0wEbhGhbJDX23q0mJMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvRVJmampRWmExX1RBUnVFYUZza05mYmVyU1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH8HwAwQC
LVRwMA0GCSqGSIb3DQEBCwUAA4IBAQAB9yIgt/qAGi5DwTK8yUGwO8IuH7+idS35
NMkuimX4dQXv/AALocYrH2quyOO189TqSPfoFdFzDMQCDv/0zP4BaxRoBR4QmeFu
Omz4b2niAKA77Rgqe+GWa3BODVAlWVmLWAkFhCIEtiA/ffRbC8BraJYao7+66tnH
uTcZImvZwj4AfFUWfntrCwjhkjDiS0/voytZP1uMK5/RjlqRzlPfGZOu0wkc+r4r
nWo2H82PQo+dSvldym430STPuqpmMTE3L2GIbqELaEmNWf49XqvBoeikPxgYaFn3
y96DrZPaHCQ1NUU4Y5lPmWLxw2D4R7LiuY4zFZVo/GuMcFVeFGDt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org