Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/m9kQpR-isvjwLi4Jp2NeBqHgYYc.roa
File: m9kQpR-isvjwLi4Jp2NeBqHgYYc.roa (raw, json)
Hash identifier: NDp02+nuL44mLZoVhuZglr6jGA3KsAyr8rdF7bWVLMA=
Subject key identifier: 9B:D9:10:A5:1F:A2:B2:F8:F0:2E:2E:09:A7:63:5E:06:A1:E0:61:87
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 0192437009326C2A53765E8CC4D06FC76482
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/m9kQpR-isvjwLi4Jp2NeBqHgYYc.roa
Signing time: Mon 30 Sep 2024 14:57:48 +0000
ROA not before: Mon 30 Sep 2024 14:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43641
IP address blocks: 45.11.56.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
91.234.198.0/23 maxlen: 24
91.234.199.0/24 maxlen: 24
176.97.120.0/23 maxlen: 23
176.97.125.0/24 maxlen: 24
176.97.126.0/23 maxlen: 23
176.97.126.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.196.0/22 maxlen: 24
194.42.206.0/23 maxlen: 24
195.26.86.0/23 maxlen: 24
195.66.212.0/24 maxlen: 24
195.66.213.0/24 maxlen: 24
195.160.220.0/22 maxlen: 24
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:70:09:32:6c:2a:53:76:5e:8c:c4:d0:6f:c7:64:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Sep 30 14:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bd910a51fa2b2f8f02e2e09a7635e06a1e06187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ad:92:59:32:08:ac:40:5e:50:26:58:aa:78:
e9:85:15:54:b9:67:a0:3b:8b:f5:b6:6b:b7:c4:40:
aa:0e:46:15:14:ab:2c:3c:dc:88:87:45:df:08:1c:
85:88:f2:e5:bc:48:d7:f5:1a:de:cd:5c:6d:7a:66:
e4:5e:d1:08:6a:e9:c6:33:d4:8a:cc:d5:cd:ea:e6:
10:aa:a4:b3:1c:c7:e0:ba:28:0f:b7:5b:ca:1e:7b:
76:04:3a:c4:81:ed:75:26:97:7c:fa:e8:3e:3b:a4:
68:f1:b7:6d:33:13:a9:0c:fb:74:7f:f6:d6:98:07:
22:3e:0b:b2:45:d0:26:7b:27:46:c7:92:03:36:4f:
80:b0:30:16:4f:73:dd:18:e5:80:d5:ed:8c:bc:ca:
7b:a3:55:21:68:c8:26:ac:51:46:c0:69:e0:26:43:
43:b9:ae:79:f3:2d:e8:a1:43:91:f9:f6:c6:37:29:
85:bb:f8:7a:dc:ae:9f:c1:83:fa:1e:08:8f:c1:ab:
17:b5:e8:d0:29:b0:12:90:ea:7f:8f:1c:2a:f0:bf:
f8:89:b4:0b:c7:24:31:25:90:6a:ee:34:ba:17:f6:
22:c7:86:9e:81:0e:dd:2c:11:1d:96:e2:5d:86:23:
b0:77:74:a5:a7:53:71:5d:da:c2:3b:48:17:f7:70:
81:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D9:10:A5:1F:A2:B2:F8:F0:2E:2E:09:A7:63:5E:06:A1:E0:61:87
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/m9kQpR-isvjwLi4Jp2NeBqHgYYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.11.59.0/24
45.134.174.0/23
91.222.172.0/22
91.234.198.0/23
176.97.120.0/23
176.97.125.0-176.97.127.255
185.254.199.0/24
194.42.196.0/22
194.42.206.0/23
195.26.86.0/23
195.66.212.0/23
195.160.220.0/22
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
50:e7:9a:24:5e:bf:53:e0:df:8a:29:d0:6e:10:5a:92:97:59:
c6:80:03:f4:ba:04:bb:44:b9:36:f6:39:ef:50:08:04:b6:02:
7d:24:78:a5:00:a0:2f:ec:a5:99:27:8b:29:7f:e9:e5:fb:76:
34:e9:ef:d7:29:90:78:2d:b5:b7:c6:5e:a4:68:d6:b3:8b:97:
2f:40:17:1f:40:6d:9f:b0:8f:4c:cb:b6:01:70:a5:db:23:fd:
29:ae:70:f8:63:f7:65:1f:91:d8:c2:e2:0c:89:9a:02:d0:b8:
92:5a:6c:ac:16:f9:5c:c1:9a:31:1c:f8:ad:c9:89:ae:63:0c:
5a:89:ee:eb:cd:27:13:78:6b:96:e6:d3:14:fa:27:96:84:7e:
7a:15:70:21:bf:21:01:84:7b:d5:9e:86:35:55:bf:56:03:b2:
ec:f8:aa:1c:80:6a:8c:1e:11:a7:0e:37:30:28:b4:e2:0f:af:
31:68:fd:8f:87:9d:52:4a:19:7f:7c:0c:45:ea:e7:9e:dd:d7:
5e:fd:4d:0a:7c:e9:80:a3:12:2b:76:ab:28:80:0c:60:ff:9e:
8d:3b:d3:8f:c8:07:bd:b9:36:a0:37:74:98:0e:66:22:25:0b:
9b:78:c7:68:29:30:b4:7e:46:c0:ea:44:5f:4c:13:a2:6c:d8:
37:96:55:3c
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZJDcAkybCpTdl6MxNBvx2SCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjQwOTMwMTQ1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmQ5MTBhNTFmYTJiMmY4ZjAyZTJlMDlhNzYzNWUwNmExZTA2MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq2SWTIIrEBeUCZYqnjphRVUuWeg
O4v1tmu3xECqDkYVFKssPNyIh0XfCByFiPLlvEjX9RrezVxtembkXtEIaunGM9SK
zNXN6uYQqqSzHMfguigPt1vKHnt2BDrEge11Jpd8+ug+O6Ro8bdtMxOpDPt0f/bW
mAciPguyRdAmeydGx5IDNk+AsDAWT3PdGOWA1e2MvMp7o1UhaMgmrFFGwGngJkND
ua558y3ooUOR+fbGNymFu/h63K6fwYP6HgiPwasXtejQKbASkOp/jxwq8L/4ibQL
xyQxJZBq7jS6F/Yix4aegQ7dLBEdluJdhiOwd3Slp1NxXdrCO0gX93CBZQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFJvZEKUforL48C4uCadjXgah4GGHMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvbTlrUXBSLWlzdmp3TGk0SnAyTmVCcUhnWVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQALQs4AwQA
LQs7AwQBLYauAwQCW96sAwQBW+rGAwQBsGF4MAwDBACwYX0DBAewYQADBAC5/scD
BALCKsQDBAHCKs4DBAHDGlYDBAHDQtQDBALDoNwwDQQCAAIwBwMFACoJLcEwDQYJ
KoZIhvcNAQELBQADggEBAFDnmiRev1Pg34op0G4QWpKXWcaAA/S6BLtEuTb2Oe9Q
CAS2An0keKUAoC/spZkniyl/6eX7djTp79cpkHgttbfGXqRo1rOLly9AFx9AbZ+w
j0zLtgFwpdsj/SmucPhj92UfkdjC4gyJmgLQuJJabKwW+VzBmjEc+K3Jia5jDFqJ
7uvNJxN4a5bm0xT6J5aEfnoVcCG/IQGEe9WehjVVv1YDsuz4qhyAaoweEacONzAo
tOIPrzFo/Y+HnVJKGX98DEXq557d1179TQp86YCjEit2qyiADGD/no0704/IB725
NqA3dJgOZiIlC5t4x2gpMLR+RsDqRF9ME6Js2DeWVTw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:13:33 2025 by rpki-client