Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CeEYWiPRqIGhpQ3n3gBzVE5S94U.roa
File: CeEYWiPRqIGhpQ3n3gBzVE5S94U.roa (raw, json)
Hash identifier: ho4CLO7K9yx8GPsW3hDYnLJ6gNk/DW/BKW2iTffAVyw=
Subject key identifier: 09:E1:18:5A:23:D1:A8:81:A1:A5:0D:E7:DE:00:73:54:4E:52:F7:85
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E1506A83592BCA6D31B0C88A8245A8528
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CeEYWiPRqIGhpQ3n3gBzVE5S94U.roa
Signing time: Wed 06 Mar 2024 18:29:01 +0000
ROA not before: Wed 06 Mar 2024 18:29:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.147.224.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 21:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:15:06:a8:35:92:bc:a6:d3:1b:0c:88:a8:24:5a:85:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 6 18:29:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09e1185a23d1a881a1a50de7de0073544e52f785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:40:ca:33:42:bb:70:1f:e2:45:ff:17:d1:9a:
e4:93:58:be:12:ae:c1:84:aa:14:b8:14:a9:45:cd:
74:15:ac:1e:6c:8a:87:b5:f3:b3:84:d2:42:8d:76:
db:7e:37:04:82:80:31:9d:6d:05:e5:a8:05:f2:5c:
be:da:65:ec:a7:3c:06:02:45:84:e3:95:de:ab:62:
98:23:e1:74:26:6c:ac:97:8f:0a:54:e0:81:32:f4:
fb:b6:03:93:d3:2d:6a:9f:1c:d7:87:ef:5c:1c:d9:
85:e7:a3:55:7c:4f:fa:c5:c0:0f:3a:04:93:9f:e7:
d1:ff:bf:cf:77:ca:c1:93:06:80:7f:4a:27:d3:e6:
58:8d:db:e5:a4:66:0a:21:03:48:f7:b8:a7:62:f2:
87:5c:bc:75:30:6e:79:e1:e2:94:35:2a:50:b5:06:
62:2d:4e:85:99:2f:4b:20:2c:a7:c0:1f:b8:96:10:
b5:71:ac:f6:00:bf:82:41:82:6e:b0:a4:b4:15:8f:
28:6f:10:71:c6:9d:9d:ee:95:67:5c:44:05:4d:38:
36:5b:a8:d2:83:76:21:d7:8e:93:51:96:ca:7c:7c:
21:d0:51:e0:c3:62:2c:7c:e5:37:48:68:76:43:c8:
b2:a6:5e:14:2d:1e:20:9f:14:d7:0a:53:36:94:15:
0b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E1:18:5A:23:D1:A8:81:A1:A5:0D:E7:DE:00:73:54:4E:52:F7:85
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/CeEYWiPRqIGhpQ3n3gBzVE5S94U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
185.222.30.0/24
194.5.67.0/24
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:99:fe:53:5f:a1:90:34:de:df:83:c4:c0:6d:63:73:0c:78:
fc:d5:37:77:27:97:f0:46:11:d6:75:50:51:9c:78:4f:a5:4e:
d0:b5:74:7e:1d:39:18:7a:2f:5f:ac:6a:f8:07:50:b8:bf:17:
69:85:48:ef:fa:60:63:8b:93:de:85:f1:c6:5c:2c:6b:bd:c1:
a4:4f:6d:ed:2e:f4:57:46:42:b4:72:8f:ad:3f:12:f0:9d:e9:
d5:f2:f4:8e:5c:5d:d2:ec:d2:76:3f:cb:e8:25:cc:24:64:ee:
ed:ca:4f:54:14:a3:eb:15:ff:18:d9:c3:39:83:44:96:74:a7:
32:13:74:45:2a:64:dc:fd:0b:94:4d:62:36:c0:67:86:42:f0:
fd:6a:b0:e4:8c:ec:b3:fa:47:24:34:90:a1:8a:df:5e:4f:11:
97:9e:cd:63:2c:56:77:16:2c:8b:9b:3c:69:f5:e0:f4:16:66:
39:52:89:27:6d:87:48:90:9b:41:ba:fb:9a:ac:b9:82:82:9f:
38:38:2f:c3:c7:0a:45:ee:ce:78:d0:7b:45:16:34:31:83:a2:
10:25:3d:3d:19:9a:62:ac:58:99:12:d8:f5:4c:8a:48:06:27:
cf:db:64:2c:96:9b:d3:9f:a5:cb:d8:ec:cf:3e:2c:d0:21:92:
12:19:5f:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4VBqg1krym0xsMiKgkWoUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzA2MTgyOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWUxMTg1YTIzZDFhODgxYTFhNTBkZTdkZTAwNzM1NDRlNTJmNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0DKM0K7cB/iRf8X0Zrkk1i+Eq7B
hKoUuBSpRc10FawebIqHtfOzhNJCjXbbfjcEgoAxnW0F5agF8ly+2mXspzwGAkWE
45Xeq2KYI+F0Jmysl48KVOCBMvT7tgOT0y1qnxzXh+9cHNmF56NVfE/6xcAPOgST
n+fR/7/Pd8rBkwaAf0on0+ZYjdvlpGYKIQNI97inYvKHXLx1MG554eKUNSpQtQZi
LU6FmS9LICynwB+4lhC1caz2AL+CQYJusKS0FY8obxBxxp2d7pVnXEQFTTg2W6jS
g3Yh146TUZbKfHwh0FHgw2IsfOU3SGh2Q8iypl4ULR4gnxTXClM2lBULfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAnhGFoj0aiBoaUN594Ac1ROUveFMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQ2VFWVdpUFJxSUdocFEzbjNnQnpWRTVTOTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZPgAwQA
ud4eAwQAwgVDAwQAwkysMA0GCSqGSIb3DQEBCwUAA4IBAQCfmf5TX6GQNN7fg8TA
bWNzDHj81Td3J5fwRhHWdVBRnHhPpU7QtXR+HTkYei9frGr4B1C4vxdphUjv+mBj
i5PehfHGXCxrvcGkT23tLvRXRkK0co+tPxLwnenV8vSOXF3S7NJ2P8voJcwkZO7t
yk9UFKPrFf8Y2cM5g0SWdKcyE3RFKmTc/QuUTWI2wGeGQvD9arDkjOyz+kckNJCh
it9eTxGXns1jLFZ3FiyLmzxp9eD0FmY5UoknbYdIkJtBuvuarLmCgp84OC/DxwpF
7s540HtFFjQxg6IQJT09GZpirFiZEtj1TIpIBifP22QslpvTn6XL2OzPPizQIZIS
GV8/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org