Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pEpu6YAzTuT4FGgj8pJDVi_ocA0.roa
File: pEpu6YAzTuT4FGgj8pJDVi_ocA0.roa (raw, json)
Hash identifier: AMkooZtDq4G/2u95HQlIY5N9c+qhk/0f/HZiJzJz5/M=
Subject key identifier: A4:4A:6E:E9:80:33:4E:E4:F8:14:68:23:F2:92:43:56:2F:E8:70:0D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D7E4A307140E8B84BF57848C686A17199
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pEpu6YAzTuT4FGgj8pJDVi_ocA0.roa
Signing time: Tue 06 Feb 2024 12:00:07 +0000
ROA not before: Tue 06 Feb 2024 12:00:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.131.134.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.225.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 16:36:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:4a:30:71:40:e8:b8:4b:f5:78:48:c6:86:a1:71:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 6 12:00:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a44a6ee980334ee4f8146823f29243562fe8700d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:85:3d:77:c5:e1:ac:68:ca:b5:eb:68:f8:e5:
0a:f6:93:e6:fd:4b:ba:8d:98:85:1e:f9:7c:7c:ac:
c6:87:32:28:ce:f2:06:82:0b:b7:4f:7f:01:a0:ba:
4e:c9:30:ab:78:0f:41:2c:9e:0e:c1:e0:fe:f3:79:
20:82:65:55:22:a0:59:bc:ee:13:99:0f:24:46:55:
98:1d:ec:3f:98:c8:2d:3e:14:00:7f:05:68:0a:c7:
3c:c4:e5:64:57:6e:a1:c5:5b:2c:47:a1:fc:c8:c2:
7f:9f:ca:d3:f8:6a:36:2f:7f:db:6b:a6:a9:4d:0b:
43:cf:70:c2:e5:2d:12:8d:22:52:9a:f0:db:43:f6:
96:25:14:66:55:72:14:d0:9b:82:34:43:24:88:06:
21:27:b4:a9:96:45:ab:59:bd:8c:a6:cc:9d:9f:3a:
3d:e6:b9:a5:14:90:28:fd:ff:e5:69:fa:74:3f:8c:
52:1e:af:f5:27:ab:ca:e0:0f:d3:f2:17:ee:b1:be:
99:64:e4:6a:c7:b0:c5:a7:b4:f8:58:ab:64:7d:e2:
d1:9f:a0:08:22:e2:26:b7:9f:cd:50:35:ca:28:7b:
12:34:c6:1e:84:b2:49:2c:09:d9:39:60:72:21:c8:
d8:f1:b6:dc:5e:4e:81:11:7b:ff:24:a3:84:30:c7:
24:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:4A:6E:E9:80:33:4E:E4:F8:14:68:23:F2:92:43:56:2F:E8:70:0D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/pEpu6YAzTuT4FGgj8pJDVi_ocA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.134.0/24
185.209.75.0/24
185.225.1.0/24
Signature Algorithm: sha256WithRSAEncryption
66:0f:40:85:b7:a5:01:17:b8:1a:ac:48:99:6c:fe:02:86:f6:
14:94:4c:93:77:35:05:d5:4b:82:86:17:63:f1:75:8e:63:0c:
0a:8c:f6:b4:3c:12:a3:ff:3d:d5:8a:0e:84:93:20:0c:cd:19:
44:c7:23:cf:c1:78:57:54:be:97:89:a7:e9:29:d6:ef:2a:3a:
af:94:a9:73:6a:69:5d:03:c0:5a:2f:17:2e:29:82:25:61:6f:
59:60:b7:aa:cc:f4:e0:7f:50:fa:de:c9:61:a5:0b:50:ed:de:
e3:ce:04:2b:9c:6f:4e:ef:bf:55:b8:7a:47:6b:7f:d7:d0:4d:
18:20:6a:53:3c:bd:75:c4:c3:02:3d:67:53:ce:08:b2:9d:af:
71:7e:52:6a:27:91:1d:cf:a3:6e:73:dc:5c:68:91:4b:51:37:
63:61:e6:d8:cf:d8:7b:3a:d1:3d:59:be:e6:d8:72:ca:1a:63:
5e:1b:fa:51:36:fa:41:d9:b2:3e:cf:7f:af:93:b3:e4:9a:e3:
25:70:5d:87:03:3b:d9:44:dd:d2:a9:9b:9e:7b:3e:cb:5b:f6:
6c:ee:2e:9e:d3:64:c4:33:f2:b1:25:f6:65:ce:b3:9e:c8:35:
d9:8a:6c:d3:0a:b3:05:51:19:48:ec:91:cb:bf:9d:93:00:fb:
dd:d5:df:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1+SjBxQOi4S/V4SMaGoXGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjA2MTIwMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDRhNmVlOTgwMzM0ZWU0ZjgxNDY4MjNmMjkyNDM1NjJmZTg3MDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYU9d8XhrGjKteto+OUK9pPm/Uu6
jZiFHvl8fKzGhzIozvIGggu3T38BoLpOyTCreA9BLJ4OweD+83kggmVVIqBZvO4T
mQ8kRlWYHew/mMgtPhQAfwVoCsc8xOVkV26hxVssR6H8yMJ/n8rT+Go2L3/ba6ap
TQtDz3DC5S0SjSJSmvDbQ/aWJRRmVXIU0JuCNEMkiAYhJ7SplkWrWb2Mpsydnzo9
5rmlFJAo/f/lafp0P4xSHq/1J6vK4A/T8hfusb6ZZORqx7DFp7T4WKtkfeLRn6AI
IuImt5/NUDXKKHsSNMYehLJJLAnZOWByIcjY8bbcXk6BEXv/JKOEMMckEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKRKbumAM07k+BRoI/KSQ1Yv6HANMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcEVwdTZZQXpUdVQ0RkdnajhwSkRWaV9vY0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYOGAwQA
udFLAwQAueEBMA0GCSqGSIb3DQEBCwUAA4IBAQBmD0CFt6UBF7garEiZbP4ChvYU
lEyTdzUF1UuChhdj8XWOYwwKjPa0PBKj/z3Vig6EkyAMzRlExyPPwXhXVL6Xiafp
KdbvKjqvlKlzamldA8BaLxcuKYIlYW9ZYLeqzPTgf1D63slhpQtQ7d7jzgQrnG9O
779VuHpHa3/X0E0YIGpTPL11xMMCPWdTzgiyna9xflJqJ5Edz6Nuc9xcaJFLUTdj
YebYz9h7OtE9Wb7m2HLKGmNeG/pRNvpB2bI+z3+vk7PkmuMlcF2HAzvZRN3SqZue
ez7LW/Zs7i6e02TEM/KxJfZlzrOeyDXZimzTCrMFURlI7JHLv52TAPvd1d9t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org