Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/DeITZMOI8ngbtXZTsJCmYncRzFE.roa
File: DeITZMOI8ngbtXZTsJCmYncRzFE.roa (raw, json)
Hash identifier: 6qvvekBMsFtkfSgEcS6jyAHMFU3+lZh2B0B724ulwIQ=
Subject key identifier: 0D:E2:13:64:C3:88:F2:78:1B:B5:76:53:B0:90:A6:62:77:11:CC:51
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 01919CFFEA24EC5B9015D3A5CDED9ECECDA3
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/DeITZMOI8ngbtXZTsJCmYncRzFE.roa
Signing time: Thu 29 Aug 2024 07:18:22 +0000
ROA not before: Thu 29 Aug 2024 07:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.140.57.0/24 maxlen: 24
212.81.45.0/24 maxlen: 24
212.81.46.0/24 maxlen: 24
212.81.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Sep 2024 10:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9c:ff:ea:24:ec:5b:90:15:d3:a5:cd:ed:9e:ce:cd:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Aug 29 07:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0de21364c388f2781bb57653b090a6627711cc51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:56:25:5c:07:ce:b5:69:18:ec:b3:16:0d:27:
30:f7:4c:94:78:d1:bf:3d:b0:76:61:cf:60:34:96:
38:6a:e1:a4:fb:45:bd:fe:33:2e:52:2e:cb:94:dc:
c1:95:68:ec:ae:99:df:57:b1:e4:51:ac:fd:db:f0:
cf:77:b6:ec:0b:c6:d0:0a:64:ba:1e:fa:14:7c:72:
a1:d5:3f:dd:30:09:02:4f:9b:74:9c:b8:be:c2:c2:
11:8f:47:5f:f9:4c:a5:d8:20:d2:c2:39:de:f8:3d:
bb:76:24:37:46:4b:fd:dd:fa:78:13:12:4b:fa:04:
8c:5e:aa:0d:99:13:40:78:98:eb:7c:03:27:09:44:
79:48:c5:4f:a0:4f:b5:af:bc:69:42:3d:bd:45:1c:
92:39:07:bd:85:cc:6c:38:c9:d8:e1:95:f7:b2:51:
9b:67:9e:19:0e:49:f3:8e:6b:98:7b:53:a5:27:34:
0a:8b:d6:d2:f8:d7:12:d4:9f:8a:64:62:e5:73:66:
71:aa:9f:43:c3:f9:93:11:11:57:16:61:08:ce:7f:
57:3f:c1:d7:ab:53:be:1e:fa:56:88:6d:94:30:8a:
10:8b:04:89:80:ab:0d:a4:e1:da:7a:8c:9b:ca:d9:
de:52:74:9d:9f:5b:63:a0:00:65:94:1e:28:f3:c7:
58:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E2:13:64:C3:88:F2:78:1B:B5:76:53:B0:90:A6:62:77:11:CC:51
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/DeITZMOI8ngbtXZTsJCmYncRzFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.57.0/24
212.81.45.0-212.81.47.255
Signature Algorithm: sha256WithRSAEncryption
1d:19:6b:5a:3f:8d:14:af:ec:3f:3e:7f:a9:4a:b6:db:aa:1f:
a4:fa:5b:bb:4a:78:78:70:a4:86:b4:09:a6:dd:22:60:08:b9:
a7:9d:65:0b:85:cf:20:4a:3f:83:84:8b:9d:b5:3c:47:21:48:
e0:e6:a1:b1:8e:c1:fb:cd:4f:8a:09:76:b4:f5:2a:0b:49:89:
2e:b7:67:b9:48:3a:fa:c5:23:bb:7a:fe:73:4b:e2:d6:e9:d0:
99:c6:9d:e2:eb:5e:40:42:0b:59:be:90:2a:2a:25:c7:99:f9:
94:90:5b:f5:bc:1d:34:35:c5:dd:bb:45:bd:0d:0c:78:66:71:
ea:7c:73:74:8f:8c:83:4a:69:13:e9:dd:be:6e:c6:68:37:bd:
ac:8a:5e:eb:53:fc:fe:2f:5e:d0:a7:b9:e0:73:09:fc:d4:73:
49:98:b6:4e:90:a5:e4:52:c1:32:e8:08:2d:f3:b4:36:08:f1:
5b:e1:e7:31:cd:60:e6:7e:e4:95:c9:94:43:a1:f5:77:14:23:
64:18:8f:0c:25:1b:da:a5:92:22:cc:5b:0f:76:30:fc:3f:d3:
5a:d8:ef:03:d9:82:e1:2c:2c:ec:30:f2:53:86:82:a8:f3:15:
83:57:55:2d:71:19:bc:0f:1b:a7:32:e8:67:e1:03:85:c9:18:
5a:c5:2e:aa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZGc/+ok7FuQFdOlze2ezs2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwODI5MDcxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGUyMTM2NGMzODhmMjc4MWJiNTc2NTNiMDkwYTY2Mjc3MTFjYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51YlXAfOtWkY7LMWDScw90yUeNG/
PbB2Yc9gNJY4auGk+0W9/jMuUi7LlNzBlWjsrpnfV7HkUaz92/DPd7bsC8bQCmS6
HvoUfHKh1T/dMAkCT5t0nLi+wsIRj0df+Uyl2CDSwjne+D27diQ3Rkv93fp4ExJL
+gSMXqoNmRNAeJjrfAMnCUR5SMVPoE+1r7xpQj29RRySOQe9hcxsOMnY4ZX3slGb
Z54ZDknzjmuYe1OlJzQKi9bS+NcS1J+KZGLlc2Zxqp9Dw/mTERFXFmEIzn9XP8HX
q1O+HvpWiG2UMIoQiwSJgKsNpOHaeoybytneUnSdn1tjoABllB4o88dYjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA3iE2TDiPJ4G7V2U7CQpmJ3EcxRMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvRGVJVFpNT0k4bmdidFhaVHNKQ21ZbmNSekZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALYw5MAwD
BADUUS0DBATUUSAwDQYJKoZIhvcNAQELBQADggEBAB0Za1o/jRSv7D8+f6lKttuq
H6T6W7tKeHhwpIa0CabdImAIuaedZQuFzyBKP4OEi521PEchSODmobGOwfvNT4oJ
drT1KgtJiS63Z7lIOvrFI7t6/nNL4tbp0JnGneLrXkBCC1m+kCoqJceZ+ZSQW/W8
HTQ1xd27Rb0NDHhmcep8c3SPjINKaRPp3b5uxmg3vayKXutT/P4vXtCnueBzCfzU
c0mYtk6QpeRSwTLoCC3ztDYI8Vvh5zHNYOZ+5JXJlEOh9XcUI2QYjwwlG9qlkiLM
Ww92MPw/01rY7wPZguEsLOww8lOGgqjzFYNXVS1xGbwPG6cy6GfhA4XJGFrFLqo=
-----END CERTIFICATE-----
Generated at Sun Sep 8 11:35:53 2024 by rpki-client on console-fra.rpki-client.org