Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/pJzin1EWUm8QIXlZVjqUrVA-GpI.roa
File: pJzin1EWUm8QIXlZVjqUrVA-GpI.roa (raw, json)
Hash identifier: fN8Xl0esTeY6r9+dXxPAnnxd5DFNlv2vsrrooLLxJLs=
Subject key identifier: A4:9C:E2:9F:51:16:52:6F:10:21:79:59:56:3A:94:AD:50:3E:1A:92
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0191247C31F97EFD8A022923DAD329890C52
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/pJzin1EWUm8QIXlZVjqUrVA-GpI.roa
Signing time: Mon 05 Aug 2024 21:40:04 +0000
ROA not before: Mon 05 Aug 2024 21:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 45.149.7.0/24 maxlen: 24
212.81.45.0/24 maxlen: 24
212.81.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 07:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:24:7c:31:f9:7e:fd:8a:02:29:23:da:d3:29:89:0c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Aug 5 21:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a49ce29f5116526f10217959563a94ad503e1a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:88:ea:15:b2:57:50:d0:0d:a8:20:81:62:34:
e2:22:00:1e:6c:df:8b:83:26:61:6f:60:ac:1d:a5:
58:2c:e9:ce:76:b3:6b:42:29:5b:b3:23:94:11:3d:
21:24:e0:9e:5c:ad:15:b9:04:86:3d:2a:a3:90:5f:
80:25:f0:58:14:57:e2:bd:b3:5b:51:db:78:aa:e1:
9c:57:1f:4d:46:c8:e1:4c:de:32:c7:85:a9:d7:d3:
77:9f:54:b5:51:87:64:7e:20:f5:2f:03:e5:54:b6:
cd:15:c5:37:5f:23:b0:01:b4:c4:d6:c3:4b:6b:5c:
15:16:92:47:21:53:eb:6d:a6:3a:3f:e3:bf:dc:0c:
70:06:78:b8:5c:f5:16:62:61:42:c1:b5:ed:b3:e3:
a7:f0:33:0d:61:f0:85:ae:d1:c9:17:08:2b:1f:31:
c2:be:49:4a:cd:4b:5f:d2:e4:4f:ac:cd:15:57:b6:
b9:21:72:a8:5d:71:21:7a:43:5a:a7:f4:96:11:d9:
aa:73:53:1f:de:b2:f5:64:23:3f:6a:c6:f2:e2:1d:
07:9d:8a:6a:69:da:4f:61:10:6c:b7:c2:8c:2f:fc:
5c:97:e6:77:d1:78:41:96:37:01:c3:40:d8:a7:4d:
6f:c0:77:47:e2:9c:f4:19:97:b1:e7:f9:6d:de:a4:
4e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9C:E2:9F:51:16:52:6F:10:21:79:59:56:3A:94:AD:50:3E:1A:92
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/pJzin1EWUm8QIXlZVjqUrVA-GpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.7.0/24
212.81.45.0/24
212.81.47.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:8c:ec:59:de:d4:c6:dc:24:b0:f2:7a:a9:bf:ac:4f:80:e3:
a0:eb:de:ec:29:79:1c:2e:a7:ea:b9:09:77:c7:b4:3d:20:f2:
08:92:f2:fc:eb:8c:01:45:e6:de:88:4c:a7:43:c1:97:5b:33:
80:49:b0:21:dc:87:2e:c4:83:c4:00:30:21:f4:6c:dd:8b:af:
5a:4e:37:79:9e:74:4f:de:24:64:ac:25:31:c3:92:a0:52:59:
42:18:a4:4e:b5:e9:01:61:f5:9f:f5:12:b9:9c:66:0a:f2:81:
ca:c3:d3:13:99:d0:94:f4:7d:cb:35:99:aa:12:02:45:d0:b4:
d7:4c:09:c9:a7:ac:b5:73:32:f5:39:10:6e:03:08:e6:d5:39:
61:e9:e7:61:41:43:6f:a9:dc:e7:07:33:83:4a:70:34:bf:5a:
26:2b:44:95:9e:31:2b:a6:a7:15:5b:98:83:69:5a:e8:01:34:
38:b6:18:9d:d1:a5:b5:ce:03:c4:de:59:a3:f9:24:f2:2f:be:
34:fd:6f:2a:f5:a4:30:cb:99:12:40:2c:06:8a:03:e1:e4:5a:
fa:9b:2f:48:d7:0e:65:52:68:ce:7e:20:c7:18:3c:9b:ab:87:
bd:9c:34:ac:3c:7d:13:1f:62:86:6d:03:e7:db:36:3b:0f:fd:
3e:23:8d:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEkfDH5fv2KAikj2tMpiQxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwODA1MjE0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDljZTI5ZjUxMTY1MjZmMTAyMTc5NTk1NjNhOTRhZDUwM2UxYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IjqFbJXUNANqCCBYjTiIgAebN+L
gyZhb2CsHaVYLOnOdrNrQilbsyOUET0hJOCeXK0VuQSGPSqjkF+AJfBYFFfivbNb
Udt4quGcVx9NRsjhTN4yx4Wp19N3n1S1UYdkfiD1LwPlVLbNFcU3XyOwAbTE1sNL
a1wVFpJHIVPrbaY6P+O/3AxwBni4XPUWYmFCwbXts+On8DMNYfCFrtHJFwgrHzHC
vklKzUtf0uRPrM0VV7a5IXKoXXEhekNap/SWEdmqc1Mf3rL1ZCM/asby4h0HnYpq
adpPYRBst8KML/xcl+Z30XhBljcBw0DYp01vwHdH4pz0GZex5/lt3qRODQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKSc4p9RFlJvECF5WVY6lK1QPhqSMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvcEp6aW4xRVdVbThRSVhsWlZqcVVyVkEtR3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZUHAwQA
1FEtAwQA1FEvMA0GCSqGSIb3DQEBCwUAA4IBAQAKjOxZ3tTG3CSw8nqpv6xPgOOg
697sKXkcLqfquQl3x7Q9IPIIkvL864wBRebeiEynQ8GXWzOASbAh3IcuxIPEADAh
9Gzdi69aTjd5nnRP3iRkrCUxw5KgUllCGKROtekBYfWf9RK5nGYK8oHKw9MTmdCU
9H3LNZmqEgJF0LTXTAnJp6y1czL1ORBuAwjm1Tlh6edhQUNvqdznBzODSnA0v1om
K0SVnjErpqcVW5iDaVroATQ4thid0aW1zgPE3lmj+STyL740/W8q9aQwy5kSQCwG
igPh5Fr6my9I1w5lUmjOfiDHGDybq4e9nDSsPH0TH2KGbQPn2zY7D/0+I42O
-----END CERTIFICATE-----
Generated at Tue Aug 27 10:32:41 2024 by rpki-client on console-ams.rpki-client.org