Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/u0RyfXIH82vDOCNTR2Rds5MDqQI.roa
File: u0RyfXIH82vDOCNTR2Rds5MDqQI.roa (raw, json)
Hash identifier: yne2lvb6GQP53y1s1YzjvCDEejBC9R8yGmby3IbAJEE=
Subject key identifier: BB:44:72:7D:72:07:F3:6B:C3:38:23:53:47:64:5D:B3:93:03:A9:02
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0190DA8C314FCF0DFC28FBB89033C3791A22
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/u0RyfXIH82vDOCNTR2Rds5MDqQI.roa
Signing time: Mon 22 Jul 2024 13:05:39 +0000
ROA not before: Mon 22 Jul 2024 13:05:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216234
IP address blocks: 45.9.74.0/24 maxlen: 24
193.109.85.0/24 maxlen: 24
194.67.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 11:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:8c:31:4f:cf:0d:fc:28:fb:b8:90:33:c3:79:1a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 22 13:05:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb44727d7207f36bc338235347645db39303a902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:83:5f:ab:d3:91:b2:df:5b:c3:24:22:6d:bd:
c9:28:66:2b:fe:bb:d7:3e:62:22:6c:60:ab:f7:51:
01:2a:67:4c:61:a1:bd:1d:21:a3:8c:d2:27:fc:db:
a6:90:69:99:ae:11:d2:06:03:0e:b8:21:a3:e6:ed:
49:9b:f7:fd:10:0a:24:36:1a:5b:b8:a6:9d:a1:e9:
e8:65:c4:b6:f9:09:da:8f:04:74:a2:cf:2f:5a:60:
cf:47:cc:70:76:37:5b:fe:ee:d3:0d:dc:70:ad:ac:
fb:1b:67:0a:5f:6a:a4:f1:68:b9:e5:fa:f1:08:96:
10:c9:d0:80:a7:fe:95:66:c0:1d:ac:26:3f:22:08:
7c:99:63:cb:9a:08:c4:5e:a6:66:88:1a:8d:a8:ec:
2d:9a:66:a4:1e:c2:98:a6:e2:67:33:5e:d0:74:ce:
a1:83:e9:a3:a4:8b:bc:be:23:61:e1:60:58:9a:5a:
bb:49:85:b3:a1:28:af:68:12:57:ba:31:ee:27:2d:
2e:15:d0:c5:61:4e:6b:e4:fb:8f:b8:6c:a4:be:e0:
91:39:05:d8:56:ff:9a:70:e2:0a:5d:6a:60:8e:81:
ce:92:91:12:54:9b:bf:e6:39:41:b1:6a:06:30:1d:
dd:83:0e:81:31:d1:9d:08:27:08:31:c7:78:4c:3e:
59:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:44:72:7D:72:07:F3:6B:C3:38:23:53:47:64:5D:B3:93:03:A9:02
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/u0RyfXIH82vDOCNTR2Rds5MDqQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.74.0/24
193.109.85.0/24
194.67.193.0/24
Signature Algorithm: sha256WithRSAEncryption
98:2e:7b:19:f8:72:0f:e8:98:c5:6e:36:2a:ad:ef:d8:fe:52:
60:3d:7d:09:df:b2:5b:b1:2c:76:61:2e:bc:1e:33:33:12:5e:
b9:61:7d:e6:75:e3:03:89:26:e1:aa:28:b8:7e:1f:78:f1:25:
57:ac:69:ab:b1:f9:f2:8e:51:43:c7:9a:2f:a7:50:d4:af:e6:
ed:76:b0:c6:5a:5a:67:5a:ed:2a:e7:97:7a:b2:0e:a7:fd:9a:
d7:65:f7:e0:d3:03:e9:a1:1b:bf:70:d8:04:9c:3d:df:9f:8b:
5d:be:85:a5:a6:8b:1d:39:38:7c:2e:ae:dc:e9:ad:1c:e0:4b:
ee:7a:4f:32:ed:6b:22:07:db:50:2e:fb:6a:19:f9:81:78:8c:
9f:74:34:cb:04:09:f0:99:13:fa:21:ee:70:ec:1c:b9:3c:f8:
d4:46:65:90:23:03:84:35:7c:c3:f7:87:51:fe:bc:77:39:09:
32:41:e2:a9:9d:87:b5:2e:77:71:9e:15:09:6d:d2:c6:4b:d9:
ed:49:23:46:9a:66:8b:41:c0:06:88:f2:2b:65:de:aa:34:2b:
08:e7:e3:15:5f:3e:a0:65:43:f9:6f:c1:66:58:c5:1d:c7:00:
e9:49:6b:8c:d6:a5:f5:77:a1:2a:42:49:61:f7:92:57:73:4b:
6a:2f:51:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDajDFPzw38KPu4kDPDeRoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwNzIyMTMwNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQ0NzI3ZDcyMDdmMzZiYzMzODIzNTM0NzY0NWRiMzkzMDNhOTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYNfq9ORst9bwyQibb3JKGYr/rvX
PmIibGCr91EBKmdMYaG9HSGjjNIn/NumkGmZrhHSBgMOuCGj5u1Jm/f9EAokNhpb
uKadoenoZcS2+QnajwR0os8vWmDPR8xwdjdb/u7TDdxwraz7G2cKX2qk8Wi55frx
CJYQydCAp/6VZsAdrCY/Igh8mWPLmgjEXqZmiBqNqOwtmmakHsKYpuJnM17QdM6h
g+mjpIu8viNh4WBYmlq7SYWzoSivaBJXujHuJy0uFdDFYU5r5PuPuGykvuCROQXY
Vv+acOIKXWpgjoHOkpESVJu/5jlBsWoGMB3dgw6BMdGdCCcIMcd4TD5ZSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLtEcn1yB/NrwzgjU0dkXbOTA6kCMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvdTBSeWZYSUg4MnZET0NOVFIyUmRzNU1EcVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQlKAwQA
wW1VAwQAwkPBMA0GCSqGSIb3DQEBCwUAA4IBAQCYLnsZ+HIP6JjFbjYqre/Y/lJg
PX0J37JbsSx2YS68HjMzEl65YX3mdeMDiSbhqii4fh948SVXrGmrsfnyjlFDx5ov
p1DUr+btdrDGWlpnWu0q55d6sg6n/ZrXZffg0wPpoRu/cNgEnD3fn4tdvoWlposd
OTh8Lq7c6a0c4Evuek8y7WsiB9tQLvtqGfmBeIyfdDTLBAnwmRP6Ie5w7By5PPjU
RmWQIwOENXzD94dR/rx3OQkyQeKpnYe1LndxnhUJbdLGS9ntSSNGmmaLQcAGiPIr
Zd6qNCsI5+MVXz6gZUP5b8FmWMUdxwDpSWuM1qX1d6EqQklh95JXc0tqL1HF
-----END CERTIFICATE-----
Generated at Mon Oct 7 16:59:06 2024 by rpki-client on console-fra.rpki-client.org