Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1tnKqjPcKesL1UOArOzMqI3HdtE.roa
File: 1tnKqjPcKesL1UOArOzMqI3HdtE.roa (raw, json)
Hash identifier: Su2cJWS2O2jefxVcHUDwbiKy7ARUuFwXUduiT6CPRYM=
Subject key identifier: D6:D9:CA:AA:33:DC:29:EB:0B:D5:43:80:AC:EC:CC:A8:8D:C7:76:D1
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0191F48A975453AD527852D6DACA232BD381
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1tnKqjPcKesL1UOArOzMqI3HdtE.roa
Signing time: Sun 15 Sep 2024 07:16:48 +0000
ROA not before: Sun 15 Sep 2024 07:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197450
IP address blocks: 45.141.234.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 08:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f4:8a:97:54:53:ad:52:78:52:d6:da:ca:23:2b:d3:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Sep 15 07:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6d9caaa33dc29eb0bd54380aceccca88dc776d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:cf:98:03:37:f3:c5:30:72:ad:e4:42:ea:10:
cc:79:e9:1f:59:f9:ac:8d:28:16:8e:09:6f:fe:a3:
75:61:c7:31:72:19:0e:0a:0b:9f:ef:54:4d:ce:30:
bc:e4:63:54:d1:5e:60:3b:9c:eb:41:62:73:ee:d5:
63:06:59:b8:49:08:cf:71:67:8b:0d:a3:2d:d7:7b:
0a:8f:4b:14:26:0b:d3:d6:83:81:73:d4:d1:0a:7c:
bf:44:d1:27:72:b8:37:4e:ba:51:55:1f:65:b5:c4:
d6:d6:ac:ba:0b:66:a6:e3:9c:9c:8f:1e:8f:67:c6:
cf:fb:c7:7d:98:95:52:9c:e1:f3:dc:94:b7:87:57:
d0:2c:58:f4:be:74:8d:cb:2d:bd:ae:a6:4f:c9:44:
e5:8c:1c:07:0e:e9:0b:9c:bb:07:77:55:3c:12:59:
fd:04:5d:e4:bf:5d:cc:30:d0:f6:98:bf:d0:4f:ed:
b6:4c:d1:9c:a3:71:ba:dd:d9:48:54:27:86:ba:77:
3c:70:2f:3f:b8:09:8f:e6:c0:bd:4a:2d:bc:19:91:
29:25:48:96:b8:c3:3a:51:e7:3e:e0:68:c9:9a:b4:
94:f1:d6:6d:f1:a0:3b:ec:8f:91:25:05:3e:a4:29:
fb:c6:bc:b9:2b:69:d6:78:4d:a9:65:9c:30:0a:05:
c5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D9:CA:AA:33:DC:29:EB:0B:D5:43:80:AC:EC:CC:A8:8D:C7:76:D1
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1tnKqjPcKesL1UOArOzMqI3HdtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.234.0/24
91.92.35.0/24
93.152.207.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:fa:6c:af:7d:52:2d:b5:6f:67:b8:42:cf:ad:5f:c8:fd:c0:
f7:e8:cc:cf:16:c5:90:2b:28:e0:39:7e:af:40:b9:0e:6d:bd:
64:d5:71:68:b6:3b:95:5a:7c:16:55:12:d2:a3:bd:4d:23:bd:
3f:74:e4:0b:c8:80:a2:d2:85:43:ce:c0:bd:56:bf:00:31:a0:
0a:6b:f5:35:bd:53:f8:16:c9:10:68:54:07:8e:ba:d0:54:3f:
35:32:f5:4b:0d:02:61:4c:12:67:c4:04:bd:21:82:7f:9f:16:
a9:32:1c:10:68:b3:b2:e5:aa:7d:05:16:97:f2:cc:28:ab:25:
4d:c0:44:9d:8d:de:3d:5f:47:35:3b:09:cf:b7:ab:57:2f:67:
ed:2f:d6:f5:60:eb:7b:62:59:a3:45:03:2f:bf:25:65:01:20:
1d:67:20:3d:0d:61:bd:bd:65:2b:f3:e3:c1:12:4d:bd:83:f7:
9a:90:45:b5:5e:28:29:2e:ae:04:f8:6c:4d:0a:5f:bd:e9:d1:
5c:75:a7:c4:89:2f:4a:b2:5f:27:6e:92:5c:0d:32:6b:4b:c2:
76:53:b0:1f:ce:81:d1:91:d4:c2:22:68:db:a1:59:82:8e:f8:
6e:42:c9:ad:05:94:4a:26:f3:75:d1:d0:75:ed:a8:a1:af:b8:
a7:ff:1b:0a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZH0ipdUU61SeFLW2sojK9OBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwOTE1MDcxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ5Y2FhYTMzZGMyOWViMGJkNTQzODBhY2VjY2NhODhkYzc3NmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58+YAzfzxTByreRC6hDMeekfWfms
jSgWjglv/qN1YccxchkOCguf71RNzjC85GNU0V5gO5zrQWJz7tVjBlm4SQjPcWeL
DaMt13sKj0sUJgvT1oOBc9TRCny/RNEncrg3TrpRVR9ltcTW1qy6C2am45ycjx6P
Z8bP+8d9mJVSnOHz3JS3h1fQLFj0vnSNyy29rqZPyUTljBwHDukLnLsHd1U8Eln9
BF3kv13MMND2mL/QT+22TNGco3G63dlIVCeGunc8cC8/uAmP5sC9Si28GZEpJUiW
uMM6Uec+4GjJmrSU8dZt8aA77I+RJQU+pCn7xry5K2nWeE2pZZwwCgXFFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNbZyqoz3CnrC9VDgKzszKiNx3bRMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvMXRuS3FqUGNLZXNMMVVPQXJPek1xSTNIZHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY3qAwQA
W1wjAwQAXZjPAwQA1GZrMA0GCSqGSIb3DQEBCwUAA4IBAQA/+myvfVIttW9nuELP
rV/I/cD36MzPFsWQKyjgOX6vQLkObb1k1XFotjuVWnwWVRLSo71NI70/dOQLyICi
0oVDzsC9Vr8AMaAKa/U1vVP4FskQaFQHjrrQVD81MvVLDQJhTBJnxAS9IYJ/nxap
MhwQaLOy5ap9BRaX8swoqyVNwESdjd49X0c1OwnPt6tXL2ftL9b1YOt7YlmjRQMv
vyVlASAdZyA9DWG9vWUr8+PBEk29g/eakEW1XigpLq4E+GxNCl+96dFcdafEiS9K
sl8nbpJcDTJrS8J2U7AfzoHRkdTCImjboVmCjvhuQsmtBZRKJvN10dB17aihr7in
/xsK
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:08:03 2025 by rpki-client