Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/_hLlaY5YHCpdKoRKrd7-sd9VAK4.roa
File: _hLlaY5YHCpdKoRKrd7-sd9VAK4.roa (raw, json)
Hash identifier: 94K64+iasW19Eut/2dLVvfoAyFjrrlrC8CqGX4NZVW4=
Subject key identifier: FE:12:E5:69:8E:58:1C:2A:5D:2A:84:4A:AD:DE:FE:B1:DF:55:00:AE
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0190FD65EE5D51A68A07F2B3588EB1226E3D
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/_hLlaY5YHCpdKoRKrd7-sd9VAK4.roa
Signing time: Mon 29 Jul 2024 07:30:34 +0000
ROA not before: Mon 29 Jul 2024 07:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.140.59.0/24 maxlen: 24
45.149.5.0/24 maxlen: 24
45.149.7.0/24 maxlen: 24
212.81.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Aug 2024 11:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:65:ee:5d:51:a6:8a:07:f2:b3:58:8e:b1:22:6e:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jul 29 07:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe12e5698e581c2a5d2a844aaddefeb1df5500ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:db:65:a4:23:2f:6b:b7:43:09:6a:f1:6f:78:
2e:14:c6:db:2c:c7:8a:ab:65:f2:02:7a:bb:e6:94:
b6:89:ba:c3:63:ab:a6:4f:8a:26:0f:fa:b9:30:42:
40:a8:47:f5:d9:7b:98:c5:7e:0c:0c:89:8e:08:f8:
85:4a:a2:69:26:25:7c:ad:e6:9d:36:be:2b:90:30:
56:5d:21:bb:8e:6c:d0:4a:b7:af:d0:db:27:d7:85:
d0:15:d0:2e:12:44:20:5e:65:9a:43:8d:32:0b:2b:
f1:7e:49:ee:f5:9d:aa:a5:8e:1e:a2:40:47:f3:fc:
88:6d:14:71:47:a4:69:4c:1c:1d:8e:d7:36:e5:23:
e9:9c:50:ff:06:54:a5:69:d5:7f:88:44:8a:8c:5e:
c6:2a:a2:17:7a:53:53:7a:32:c4:8e:3d:d8:5d:a0:
e2:a8:14:9e:b3:19:a7:ae:da:6f:03:43:31:7b:2e:
91:d7:bb:f6:e3:44:f8:00:a4:7e:8e:47:ee:7e:a7:
66:e6:52:18:a8:6e:37:d9:48:05:f3:e4:87:b7:5f:
34:58:80:6b:1e:ae:b8:44:4b:43:d6:1c:f1:8e:4f:
d4:37:8d:fe:87:4f:ac:99:f8:2c:b7:33:1e:b4:03:
af:13:b5:b5:76:bd:ee:66:6f:d8:49:06:0b:7d:4f:
5b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:12:E5:69:8E:58:1C:2A:5D:2A:84:4A:AD:DE:FE:B1:DF:55:00:AE
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/_hLlaY5YHCpdKoRKrd7-sd9VAK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.59.0/24
45.149.5.0/24
45.149.7.0/24
212.81.44.0/24
Signature Algorithm: sha256WithRSAEncryption
49:67:6b:87:f1:99:cf:fd:62:de:07:37:2a:22:b0:50:5f:e8:
81:ad:b6:b9:2d:05:e0:be:f2:60:13:2a:bb:f5:ba:e2:31:fe:
54:df:07:6d:43:0d:8a:b5:96:f1:dc:2b:40:c0:93:de:e2:67:
04:85:40:54:7b:3c:98:af:8a:30:e7:be:41:e3:f8:53:9a:8b:
c7:d4:27:6c:b0:83:88:3f:59:bf:ce:e1:2c:99:c2:bb:cf:5f:
94:85:f3:b9:53:80:af:15:f9:b7:db:62:07:b3:91:43:57:bf:
cb:25:b0:a9:83:bf:01:e7:35:a7:74:52:2d:95:7b:1f:36:b3:
11:a4:7b:e4:8e:6c:cc:b3:cb:0f:d9:95:88:08:06:cb:cb:2f:
d5:d3:c5:30:be:0d:ba:e1:cb:2c:ef:d7:dd:d1:e6:fc:53:12:
5b:1d:12:bb:89:e9:4c:06:6f:cd:a7:fc:9d:21:b8:2b:38:b7:
25:85:9e:cc:88:06:58:f6:39:3b:5b:0a:9d:18:16:87:87:0f:
d9:6d:2a:a4:10:bd:c6:09:41:10:59:82:bb:ee:75:4b:45:0b:
2f:f0:2c:8b:92:67:62:bc:3d:7a:21:9a:3a:1a:77:0e:b1:7f:
75:c3:97:0a:42:ba:e7:ed:51:d1:d6:d1:0c:a7:b4:27:60:d4:
86:9c:b9:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZD9Ze5dUaaKB/KzWI6xIm49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwNzI5MDczMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTEyZTU2OThlNTgxYzJhNWQyYTg0NGFhZGRlZmViMWRmNTUwMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dtlpCMva7dDCWrxb3guFMbbLMeK
q2XyAnq75pS2ibrDY6umT4omD/q5MEJAqEf12XuYxX4MDImOCPiFSqJpJiV8read
Nr4rkDBWXSG7jmzQSrev0Nsn14XQFdAuEkQgXmWaQ40yCyvxfknu9Z2qpY4eokBH
8/yIbRRxR6RpTBwdjtc25SPpnFD/BlSladV/iESKjF7GKqIXelNTejLEjj3YXaDi
qBSesxmnrtpvA0Mxey6R17v240T4AKR+jkfufqdm5lIYqG432UgF8+SHt180WIBr
Hq64REtD1hzxjk/UN43+h0+smfgstzMetAOvE7W1dr3uZm/YSQYLfU9b0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP4S5WmOWBwqXSqESq3e/rHfVQCuMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvX2hMbGFZNVlIQ3BkS29SS3JkNy1zZDlWQUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYw7AwQA
LZUFAwQALZUHAwQA1FEsMA0GCSqGSIb3DQEBCwUAA4IBAQBJZ2uH8ZnP/WLeBzcq
IrBQX+iBrba5LQXgvvJgEyq79briMf5U3wdtQw2KtZbx3CtAwJPe4mcEhUBUezyY
r4ow575B4/hTmovH1CdssIOIP1m/zuEsmcK7z1+UhfO5U4CvFfm322IHs5FDV7/L
JbCpg78B5zWndFItlXsfNrMRpHvkjmzMs8sP2ZWICAbLyy/V08Uwvg264css79fd
0eb8UxJbHRK7ielMBm/Np/ydIbgrOLclhZ7MiAZY9jk7WwqdGBaHhw/ZbSqkEL3G
CUEQWYK77nVLRQsv8CyLkmdivD16IZo6GncOsX91w5cKQrrn7VHR1tEMp7QnYNSG
nLkP
-----END CERTIFICATE-----
Generated at Fri Aug 2 13:49:46 2024 by rpki-client on console-fra.rpki-client.org