Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/Cr2DzoQelxaxUAgjwvJ19aEHk0o.roa
File: Cr2DzoQelxaxUAgjwvJ19aEHk0o.roa (raw, json)
Hash identifier: IriGsjMGCV3naWh5yJS09YW4Ts3/FOq2/G+zx5Q4qLo=
Subject key identifier: 0A:BD:83:CE:84:1E:97:16:B1:50:08:23:C2:F2:75:F5:A1:07:93:4A
Certificate issuer: /CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Certificate serial: 019294FB05E253BD4A8390A6CA947F54372F
Authority key identifier: 7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/Cr2DzoQelxaxUAgjwvJ19aEHk0o.roa
Signing time: Wed 16 Oct 2024 10:58:51 +0000
ROA not before: Wed 16 Oct 2024 10:58:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 5.42.199.0/24 maxlen: 24
5.253.63.0/24 maxlen: 24
79.133.180.0/24 maxlen: 24
89.191.234.0/24 maxlen: 24
176.119.141.0/24 maxlen: 24
194.113.153.0/24 maxlen: 24
195.226.194.0/24 maxlen: 24
195.245.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 20:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:fb:05:e2:53:bd:4a:83:90:a6:ca:94:7f:54:37:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Validity
Not Before: Oct 16 10:58:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0abd83ce841e9716b1500823c2f275f5a107934a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:52:20:12:b2:96:5b:d9:73:51:c2:f9:b9:2f:
c4:44:88:b3:90:df:07:9c:76:dc:48:d2:8d:69:e8:
c1:7b:35:00:14:04:8d:15:b7:6b:92:45:ef:b5:05:
cd:57:38:83:b8:ca:1a:ed:e6:e7:81:82:08:92:72:
73:a0:ff:2c:5a:87:14:4d:5d:2e:2f:02:1e:10:38:
82:41:50:20:72:c3:3a:68:f6:04:db:06:05:5c:cd:
7f:48:2e:24:a3:58:3d:16:97:e3:86:fe:1a:8e:36:
49:c5:75:06:5f:6b:72:74:8a:38:5c:62:52:2b:51:
43:79:56:34:22:63:21:39:fb:94:d9:e6:29:b6:8f:
7a:ea:7e:b9:e2:86:6d:50:c1:b8:2e:db:74:27:56:
47:99:14:69:9c:1c:3c:ba:97:10:6c:39:3d:be:a0:
5d:96:73:bd:7a:89:07:7c:61:77:84:16:5f:e4:8e:
1b:a6:e2:3e:bd:0a:32:de:83:02:aa:a4:2d:7e:71:
3c:62:06:d8:e5:62:4c:42:3f:08:fb:71:1c:27:24:
26:d3:9e:35:0c:d6:e4:90:c0:e6:b1:38:c2:ed:96:
99:b2:25:e0:ea:91:d1:fa:56:59:00:90:12:4c:89:
bf:ab:c5:fe:09:8f:09:81:72:c3:f6:d4:b0:9d:56:
6f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BD:83:CE:84:1E:97:16:B1:50:08:23:C2:F2:75:F5:A1:07:93:4A
X509v3 Authority Key Identifier:
keyid:7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/Cr2DzoQelxaxUAgjwvJ19aEHk0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.199.0/24
5.253.63.0/24
79.133.180.0/24
89.191.234.0/24
176.119.141.0/24
194.113.153.0/24
195.226.194.0/24
195.245.239.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ce:02:5b:27:7e:a8:6f:79:da:81:c1:a0:6e:8a:a0:df:0a:
04:6b:04:e9:9d:a4:df:2e:2d:13:4c:53:46:95:8a:ba:59:95:
20:8e:5b:18:14:49:7c:57:5b:85:48:d7:56:ab:c5:35:1f:1f:
9c:29:95:d7:0a:34:96:36:8e:2a:8c:be:d8:e9:7b:e2:31:c4:
07:4d:b4:c3:a0:87:ce:9c:ca:49:7d:55:1b:41:c1:7c:87:b1:
9e:69:0c:38:a8:5c:54:93:07:bf:e0:11:e2:8f:22:d0:10:f6:
97:7f:02:d5:3f:36:8c:45:8a:a8:9c:4e:eb:1d:7a:6f:e0:5f:
f1:1d:a3:48:d0:06:ea:ad:ba:0a:11:c5:b1:97:5f:9a:93:51:
f7:1f:8d:43:7a:c1:46:41:af:46:2a:d4:53:45:69:57:e1:73:
8a:3e:80:c9:85:af:56:08:cf:f1:4e:05:ca:de:22:56:23:94:
9e:e6:dd:8d:f9:42:6f:d1:9d:16:c5:ce:54:1b:73:5f:a0:4a:
0a:e8:09:b3:b4:92:f1:62:f9:5f:44:42:bc:21:02:ca:51:46:
73:44:b4:ff:64:2e:81:6f:bd:75:27:24:71:82:d4:2d:18:7f:
c4:e8:fe:f9:a6:43:7f:5b:d3:a6:3f:22:fd:db:77:14:14:86:
9f:02:fa:92
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZKU+wXiU71Kg5CmypR/VDcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMmVhM2VjYWQ1YTQwMmI4ZmU1YTJhNjEzOGFmNjZhYWMy
NTdmZjkwHhcNMjQxMDE2MTA1ODUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJkODNjZTg0MWU5NzE2YjE1MDA4MjNjMmYyNzVmNWExMDc5MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFIgErKWW9lzUcL5uS/ERIizkN8H
nHbcSNKNaejBezUAFASNFbdrkkXvtQXNVziDuMoa7ebngYIIknJzoP8sWocUTV0u
LwIeEDiCQVAgcsM6aPYE2wYFXM1/SC4ko1g9Fpfjhv4ajjZJxXUGX2tydIo4XGJS
K1FDeVY0ImMhOfuU2eYpto966n654oZtUMG4Ltt0J1ZHmRRpnBw8upcQbDk9vqBd
lnO9eokHfGF3hBZf5I4bpuI+vQoy3oMCqqQtfnE8YgbY5WJMQj8I+3EcJyQm0541
DNbkkMDmsTjC7ZaZsiXg6pHR+lZZAJASTIm/q8X+CY8JgXLD9tSwnVZvXQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAq9g86EHpcWsVAII8LydfWhB5NKMB8GA1UdIwQY
MBaAFH0uo+ytWkArj+WiphOK9mqsJX/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgt
YjkxYjkyZDRkODAxLzEvQ3IyRHpvUWVseGF4VUFnand2SjE5YUVIazBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgtYjkxYjkyZDRkODAx
LzEvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABSrHAwQA
Bf0/AwQAT4W0AwQAWb/qAwQAsHeNAwQAwnGZAwQAw+LCAwQAw/XvMA0GCSqGSIb3
DQEBCwUAA4IBAQCBzgJbJ36ob3nagcGgboqg3woEawTpnaTfLi0TTFNGlYq6WZUg
jlsYFEl8V1uFSNdWq8U1Hx+cKZXXCjSWNo4qjL7Y6XviMcQHTbTDoIfOnMpJfVUb
QcF8h7GeaQw4qFxUkwe/4BHijyLQEPaXfwLVPzaMRYqonE7rHXpv4F/xHaNI0Abq
rboKEcWxl1+ak1H3H41DesFGQa9GKtRTRWlX4XOKPoDJha9WCM/xTgXK3iJWI5Se
5t2N+UJv0Z0Wxc5UG3NfoEoK6AmztJLxYvlfREK8IQLKUUZzRLT/ZC6Bb711JyRx
gtQtGH/E6P75pkN/W9OmPyL923cUFIafAvqS
-----END CERTIFICATE-----
Generated at Thu Nov 7 21:35:34 2024 by rpki-client on console-fra.rpki-client.org