Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/0AXT7f7-NQ9-44lyWFZs1vCKQqA.roa
File: 0AXT7f7-NQ9-44lyWFZs1vCKQqA.roa (raw, json)
Hash identifier: 6K4a1SdHWqoMFClTiGqTfIkg/Yi0UBCF+fewKzUBR/A=
Subject key identifier: D0:05:D3:ED:FE:FE:35:0F:7E:E3:89:72:58:56:6C:D6:F0:8A:42:A0
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019252125FE921379B4530C1EF458045C09B
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/0AXT7f7-NQ9-44lyWFZs1vCKQqA.roa
Signing time: Thu 03 Oct 2024 11:09:48 +0000
ROA not before: Thu 03 Oct 2024 11:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 45.141.234.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 14:43:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:12:5f:e9:21:37:9b:45:30:c1:ef:45:80:45:c0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Oct 3 11:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d005d3edfefe350f7ee3897258566cd6f08a42a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d5:95:24:ee:15:fb:d1:60:fb:da:a3:a8:f7:
94:4b:71:a3:88:ee:f7:86:7d:fa:dd:59:39:81:52:
8c:03:4b:cf:f2:c7:b3:aa:f0:63:54:8b:70:d6:cc:
34:29:f2:c1:75:49:cf:be:ae:22:5c:f2:c7:af:32:
83:06:2f:f3:9d:8d:c3:9a:23:cb:66:08:5d:7e:44:
2c:d8:20:44:ce:19:19:5f:da:d0:9d:7e:70:c1:8d:
8f:db:b4:92:23:8e:42:25:1c:3f:6d:b6:8f:cd:ea:
70:73:95:99:f0:c5:59:02:73:a4:c8:a2:51:87:c1:
fb:ea:6c:1b:a7:58:e9:d4:f6:83:b4:f7:af:42:1f:
18:c4:6c:c1:f4:06:32:42:b2:9e:e3:6d:76:ec:f0:
4f:5d:e9:bc:3b:c8:b0:2b:2e:0a:79:c1:b1:cd:2b:
91:9e:89:ac:cb:ed:ea:16:51:07:15:52:01:2a:52:
9e:ee:1d:1a:1e:e9:6e:25:ac:d4:1f:87:d5:b2:71:
31:da:06:9f:96:7f:71:50:9b:b6:1f:f4:23:5b:7a:
f7:3d:aa:81:69:26:0e:d6:96:59:92:35:e5:7b:45:
b7:8d:d3:c2:1a:4d:e3:d1:30:fc:27:99:31:ae:b1:
5d:a5:8c:07:82:a6:e5:6c:04:94:c4:be:1d:54:b5:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:05:D3:ED:FE:FE:35:0F:7E:E3:89:72:58:56:6C:D6:F0:8A:42:A0
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/0AXT7f7-NQ9-44lyWFZs1vCKQqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
93.152.207.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:5c:6c:76:1e:a7:1a:e5:b3:8b:18:32:07:d7:c8:2d:c6:31:
b9:af:72:50:64:3d:72:bd:58:3e:33:86:47:8f:f2:cc:e0:e4:
b5:80:c4:5b:4c:77:6d:6e:02:10:be:43:00:a1:ae:06:69:40:
f6:62:60:b5:3b:69:4c:1f:de:75:cb:af:28:cf:58:59:c9:b4:
17:30:f3:3e:b8:cc:6b:ef:ea:bf:81:65:16:df:dc:f4:11:95:
a7:89:12:3b:c1:b9:7b:79:c2:15:a9:97:a0:df:99:35:39:e5:
d1:98:93:61:31:5c:9a:2d:0b:84:cf:fe:c4:a4:c0:1f:0d:3a:
ae:90:66:5b:15:6d:67:2e:86:b5:23:93:d6:1f:b4:03:9d:fb:
9a:8d:b8:21:7c:6b:b7:a1:43:0a:07:78:74:9c:07:d4:80:5f:
93:d7:93:5d:d0:08:11:45:ea:78:0d:8b:1e:b2:c1:22:26:0f:
34:d0:bd:28:33:f9:71:4d:f1:93:45:16:b8:b5:0d:5e:2b:2c:
f8:2e:4f:9a:71:26:96:56:12:a3:be:f5:5f:08:3b:94:c5:b6:
f7:19:bf:ac:b0:5c:c3:20:90:a5:7f:a9:f8:c3:ba:95:08:f0:
5e:10:d8:66:8e:ad:2d:04:64:a2:46:73:a8:df:85:c2:83:bc:
44:d5:1a:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJSEl/pITebRTDB70WARcCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQxMDAzMTEwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDA1ZDNlZGZlZmUzNTBmN2VlMzg5NzI1ODU2NmNkNmYwOGE0MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNWVJO4V+9Fg+9qjqPeUS3GjiO73
hn363Vk5gVKMA0vP8sezqvBjVItw1sw0KfLBdUnPvq4iXPLHrzKDBi/znY3DmiPL
ZghdfkQs2CBEzhkZX9rQnX5wwY2P27SSI45CJRw/bbaPzepwc5WZ8MVZAnOkyKJR
h8H76mwbp1jp1PaDtPevQh8YxGzB9AYyQrKe42127PBPXem8O8iwKy4KecGxzSuR
nomsy+3qFlEHFVIBKlKe7h0aHuluJazUH4fVsnEx2gafln9xUJu2H/QjW3r3PaqB
aSYO1pZZkjXle0W3jdPCGk3j0TD8J5kxrrFdpYwHgqblbASUxL4dVLWeiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNAF0+3+/jUPfuOJclhWbNbwikKgMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvMEFYVDdmNy1OUTktNDRseVdGWnMxdkNLUXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY3qAwQA
XZjPMA0GCSqGSIb3DQEBCwUAA4IBAQCxXGx2Hqca5bOLGDIH18gtxjG5r3JQZD1y
vVg+M4ZHj/LM4OS1gMRbTHdtbgIQvkMAoa4GaUD2YmC1O2lMH951y68oz1hZybQX
MPM+uMxr7+q/gWUW39z0EZWniRI7wbl7ecIVqZeg35k1OeXRmJNhMVyaLQuEz/7E
pMAfDTqukGZbFW1nLoa1I5PWH7QDnfuajbghfGu3oUMKB3h0nAfUgF+T15Nd0AgR
Rep4DYsessEiJg800L0oM/lxTfGTRRa4tQ1eKyz4Lk+acSaWVhKjvvVfCDuUxbb3
Gb+ssFzDIJClf6n4w7qVCPBeENhmjq0tBGSiRnOo34XCg7xE1Rol
-----END CERTIFICATE-----
Generated at Tue Oct 29 17:39:21 2024 by rpki-client on console-fra.rpki-client.org