Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/acbqJjTILibJSj4Kt-kFFD8s-So.roa
File: acbqJjTILibJSj4Kt-kFFD8s-So.roa (raw, json)
Hash identifier: 9pOiFOQ1F6jvrA4Nyqdg5JdQi3pADwc7FZXTaXoqn0s=
Subject key identifier: 69:C6:EA:26:34:C8:2E:26:C9:4A:3E:0A:B7:E9:05:14:3F:2C:F9:2A
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0192191AF099A0C24E05E8A3CE982B6BBB61
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/acbqJjTILibJSj4Kt-kFFD8s-So.roa
Signing time: Sun 22 Sep 2024 09:40:48 +0000
ROA not before: Sun 22 Sep 2024 09:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.149.7.0/24 maxlen: 24
212.81.45.0/24 maxlen: 24
212.81.46.0/24 maxlen: 24
212.81.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 17:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:19:1a:f0:99:a0:c2:4e:05:e8:a3:ce:98:2b:6b:bb:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Sep 22 09:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69c6ea2634c82e26c94a3e0ab7e905143f2cf92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c7:d1:f1:b3:26:b2:c2:7f:aa:f3:26:4b:4f:
e8:04:bf:69:a5:8e:5b:9d:41:42:95:3a:a7:81:2d:
0f:ab:dd:b8:95:bb:8a:1f:d3:be:3e:ae:33:97:a1:
a5:68:e2:89:38:81:e3:66:a8:19:8e:61:36:30:df:
20:1c:c5:dc:93:3c:5f:30:59:93:f0:7e:87:31:e7:
d0:78:de:9c:84:31:fc:76:a2:3a:15:b6:d8:43:6c:
0e:21:c2:cd:72:9f:d8:95:ac:35:c4:28:e7:52:bc:
1d:ac:b6:95:e7:32:72:9d:15:59:9e:e2:78:58:24:
20:ef:b3:2e:69:b8:46:97:ea:7e:d8:9b:5a:ec:f3:
b0:a6:47:84:0c:ed:21:97:8e:f4:c0:5f:dc:8a:31:
3a:08:58:7e:e4:e4:df:c5:32:a8:d1:fc:df:62:cd:
2f:28:14:af:82:09:ea:4a:66:ea:fe:fe:84:2b:1d:
39:e5:c8:d2:d0:82:0b:4b:9d:c9:e8:7e:bf:a0:ab:
71:b5:05:e7:ab:2d:f3:47:e5:cd:c4:6f:55:78:d7:
fe:a2:d0:67:60:41:b8:64:ac:af:25:39:81:7e:93:
93:34:82:8d:1d:10:c6:82:60:5b:cc:aa:0e:86:16:
77:45:39:28:80:d1:30:1a:8c:5f:b0:2f:70:c6:5b:
e7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C6:EA:26:34:C8:2E:26:C9:4A:3E:0A:B7:E9:05:14:3F:2C:F9:2A
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/acbqJjTILibJSj4Kt-kFFD8s-So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.7.0/24
212.81.45.0-212.81.47.255
Signature Algorithm: sha256WithRSAEncryption
05:2b:7f:f9:f6:1e:59:04:a6:ef:a4:1a:01:6a:80:b0:7d:b8:
3d:1a:7a:41:38:76:bc:d6:ee:b1:5e:73:9d:bb:61:58:9b:6a:
a4:39:94:d9:c4:a5:bb:ee:3c:65:06:8a:d2:a9:73:ed:88:2b:
4c:e1:0a:d8:30:15:35:cb:8d:b1:35:05:9c:61:ea:5c:f5:fe:
03:04:d5:39:95:a8:d2:8d:e9:73:8f:44:6b:de:1a:a6:ea:3f:
eb:cb:50:0d:f9:e6:1c:a6:08:f2:3d:9c:e3:f8:ba:3a:38:98:
a7:4c:61:e0:6a:d9:8a:d3:77:a9:8d:84:d4:1e:73:18:dd:6a:
7b:36:28:25:47:7b:79:cd:24:9e:23:d1:0a:71:af:d0:23:ce:
8d:aa:4b:65:fc:9d:49:3c:f6:07:b4:49:e6:a3:85:a8:30:cc:
e8:a1:38:6e:d6:3b:47:a8:f7:41:f6:ea:12:9b:b4:7c:34:bb:
b6:07:82:fd:50:10:8f:b0:1b:ec:ac:5a:8c:33:1b:e5:41:b0:
24:28:8e:22:91:79:35:15:e8:07:cd:b3:e5:57:1b:fb:41:79:
24:88:86:67:83:33:7a:36:ed:e7:66:ac:d8:de:08:d3:c9:85:
cc:c7:e4:3b:79:d5:7b:52:ec:2e:f3:3b:8c:3a:64:2e:61:d4:
fc:c0:f0:b5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZIZGvCZoMJOBeijzpgra7thMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwOTIyMDk0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWM2ZWEyNjM0YzgyZTI2Yzk0YTNlMGFiN2U5MDUxNDNmMmNmOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMfR8bMmssJ/qvMmS0/oBL9ppY5b
nUFClTqngS0Pq924lbuKH9O+Pq4zl6GlaOKJOIHjZqgZjmE2MN8gHMXckzxfMFmT
8H6HMefQeN6chDH8dqI6FbbYQ2wOIcLNcp/Ylaw1xCjnUrwdrLaV5zJynRVZnuJ4
WCQg77MuabhGl+p+2Jta7POwpkeEDO0hl470wF/cijE6CFh+5OTfxTKo0fzfYs0v
KBSvggnqSmbq/v6EKx055cjS0IILS53J6H6/oKtxtQXnqy3zR+XNxG9VeNf+otBn
YEG4ZKyvJTmBfpOTNIKNHRDGgmBbzKoOhhZ3RTkogNEwGoxfsC9wxlvnIwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGnG6iY0yC4myUo+CrfpBRQ/LPkqMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvYWNicUpqVElMaWJKU2o0S3Qta0ZGRDhzLVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALZUHMAwD
BADUUS0DBATUUSAwDQYJKoZIhvcNAQELBQADggEBAAUrf/n2HlkEpu+kGgFqgLB9
uD0aekE4drzW7rFec527YVibaqQ5lNnEpbvuPGUGitKpc+2IK0zhCtgwFTXLjbE1
BZxh6lz1/gME1TmVqNKN6XOPRGveGqbqP+vLUA355hymCPI9nOP4ujo4mKdMYeBq
2YrTd6mNhNQecxjdans2KCVHe3nNJJ4j0Qpxr9Ajzo2qS2X8nUk89ge0Seajhagw
zOihOG7WO0eo90H26hKbtHw0u7YHgv1QEI+wG+ysWowzG+VBsCQojiKReTUV6AfN
s+VXG/tBeSSIhmeDM3o27edmrNjeCNPJhczH5Dt51XtS7C7zO4w6ZC5h1PzA8LU=
Generated at Tue Sep 24 20:31:13 2024 by rpki-client on console-fra.rpki-client.org