Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Ab9cI3M4l7k4eMvOg6IKvaikSuE.roa
File: Ab9cI3M4l7k4eMvOg6IKvaikSuE.roa (raw, json)
Hash identifier: Pn7OB95UCqusDfxkMDasshW9DWDXuXsY1VNOudD+YYI=
Subject key identifier: 01:BF:5C:23:73:38:97:B9:38:78:CB:CE:83:A2:0A:BD:A8:A4:4A:E1
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019205BC73CB8AFC9518843B177B31EE7833
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Ab9cI3M4l7k4eMvOg6IKvaikSuE.roa
Signing time: Wed 18 Sep 2024 15:24:49 +0000
ROA not before: Wed 18 Sep 2024 15:24:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215163
IP address blocks: 5.180.194.0/24 maxlen: 24
94.247.43.0/24 maxlen: 24
2a00:f826:8::/48 maxlen: 48
2a09:e1c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:bc:73:cb:8a:fc:95:18:84:3b:17:7b:31:ee:78:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Sep 18 15:24:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01bf5c23733897b93878cbce83a20abda8a44ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6b:55:e9:9d:dc:51:39:35:6e:43:f8:b3:6c:
8a:ff:eb:47:a8:39:da:ca:a8:9f:f0:51:65:77:be:
c3:a0:79:f9:6f:b5:77:ea:68:d3:69:da:1d:3f:fa:
d1:cd:76:67:04:a6:8c:11:92:d7:3c:9f:18:28:0f:
0e:5e:d5:05:c6:00:85:77:46:d2:23:e0:b7:1c:74:
c9:81:ad:f3:82:84:4b:1b:2b:55:78:01:a8:15:5e:
d1:33:70:62:1c:b1:84:60:33:d9:42:3b:c9:1c:17:
bf:62:6f:0c:62:0f:06:20:07:73:26:4f:7e:ca:17:
c6:62:93:eb:01:dc:30:76:cd:5d:98:cc:15:34:cc:
da:ba:76:c4:fe:88:24:b9:81:9b:c7:df:a9:ce:a0:
97:c6:6b:ab:9e:5c:cb:29:85:3a:53:32:ae:50:53:
10:9c:74:3b:f2:ca:bf:a9:b0:d6:16:1e:b5:eb:73:
3c:17:65:cc:9e:f1:21:59:77:9a:7b:60:b6:37:9c:
24:10:b5:29:ae:61:ce:51:e9:fa:60:4f:50:39:24:
b6:f5:dd:5c:6a:69:78:00:39:47:c3:e6:26:13:0b:
b7:1e:e1:0f:9e:fe:af:fa:66:8a:5a:77:12:f7:26:
57:34:a1:db:55:51:b9:01:c6:92:97:ee:f0:d9:c1:
b4:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BF:5C:23:73:38:97:B9:38:78:CB:CE:83:A2:0A:BD:A8:A4:4A:E1
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Ab9cI3M4l7k4eMvOg6IKvaikSuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.194.0/24
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a09:e1c2::/32
Signature Algorithm: sha256WithRSAEncryption
24:a7:d9:3c:92:7b:f6:b0:4f:b9:74:e1:b4:65:68:e2:d6:6d:
40:9f:92:dd:76:f7:ab:25:6c:2b:d1:77:8b:cd:1c:8c:4b:4f:
a1:87:d4:1d:ff:19:3e:1a:fd:86:d3:09:50:18:76:52:a3:0b:
8f:db:9d:6f:54:bd:72:00:80:9e:61:db:0a:e4:82:92:fa:05:
db:24:77:f2:95:57:c4:73:55:e3:8f:c3:e8:d7:1a:22:23:41:
28:b5:fa:ee:95:55:14:ad:78:75:83:3d:14:ff:ea:f6:e3:a1:
71:d7:ed:49:50:c5:4c:77:2f:ef:a5:7b:10:ab:5b:78:aa:23:
40:56:73:be:32:bc:19:0d:6c:9c:bb:ad:d9:15:35:33:cd:57:
73:8d:8c:81:e2:6e:ba:a4:66:aa:70:0a:fc:47:4c:14:8a:e5:
08:0e:01:68:4c:d9:9e:85:df:e1:75:29:df:bd:39:26:7d:40:
3d:73:2f:0e:88:49:7d:39:38:5a:00:21:d2:bb:21:37:f8:39:
c2:42:5a:3f:f2:88:38:3c:8b:ab:c6:6a:1b:6a:1e:66:33:4e:
55:4c:62:e6:44:f4:d4:95:45:02:3c:7a:04:ee:bf:51:67:44:
3c:ee:56:b5:7c:cc:8f:df:52:ab:33:d7:e1:01:40:2b:21:76:
49:ad:da:bb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZIFvHPLivyVGIQ7F3sx7ngzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwOTE4MTUyNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJmNWMyMzczMzg5N2I5Mzg3OGNiY2U4M2EyMGFiZGE4YTQ0YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGtV6Z3cUTk1bkP4s2yK/+tHqDna
yqif8FFld77DoHn5b7V36mjTadodP/rRzXZnBKaMEZLXPJ8YKA8OXtUFxgCFd0bS
I+C3HHTJga3zgoRLGytVeAGoFV7RM3BiHLGEYDPZQjvJHBe/Ym8MYg8GIAdzJk9+
yhfGYpPrAdwwds1dmMwVNMzaunbE/ogkuYGbx9+pzqCXxmurnlzLKYU6UzKuUFMQ
nHQ78sq/qbDWFh6163M8F2XMnvEhWXeae2C2N5wkELUprmHOUen6YE9QOSS29d1c
aml4ADlHw+YmEwu3HuEPnv6v+maKWncS9yZXNKHbVVG5AcaSl+7w2cG00QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAG/XCNzOJe5OHjLzoOiCr2opErhMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvQWI5Y0kzTTRsN2s0ZU12T2c2SUt2YWlrU3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQABbTCAwQA
XvcrMBYEAgACMBADBwAqAPgmAAgDBQAqCeHCMA0GCSqGSIb3DQEBCwUAA4IBAQAk
p9k8knv2sE+5dOG0ZWji1m1An5LddverJWwr0XeLzRyMS0+hh9Qd/xk+Gv2G0wlQ
GHZSowuP251vVL1yAICeYdsK5IKS+gXbJHfylVfEc1Xjj8Po1xoiI0EotfrulVUU
rXh1gz0U/+r246Fx1+1JUMVMdy/vpXsQq1t4qiNAVnO+MrwZDWycu63ZFTUzzVdz
jYyB4m66pGaqcAr8R0wUiuUIDgFoTNmehd/hdSnfvTkmfUA9cy8OiEl9OThaACHS
uyE3+DnCQlo/8og4PIurxmobah5mM05VTGLmRPTUlUUCPHoE7r9RZ0Q87la1fMyP
31KrM9fhAUArIXZJrdq7
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:43:44 2025 by rpki-client