Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/y4_gI7iKJBw22mp6CWwGieir-f4.roa
File: y4_gI7iKJBw22mp6CWwGieir-f4.roa (raw, json)
Hash identifier: uijhSO6MJCAJ2nxHaWDcupeRiAr5AnI8QqGoqwlavqk=
Subject key identifier: CB:8F:E0:23:B8:8A:24:1C:36:DA:6A:7A:09:6C:06:89:E8:AB:F9:FE
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0191D12AB566FB830539459E05DCFFB55893
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/y4_gI7iKJBw22mp6CWwGieir-f4.roa
Signing time: Sun 08 Sep 2024 10:25:22 +0000
ROA not before: Sun 08 Sep 2024 10:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.140.57.0/24 maxlen: 24
45.149.7.0/24 maxlen: 24
212.81.45.0/24 maxlen: 24
212.81.46.0/24 maxlen: 24
212.81.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Sep 2024 09:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d1:2a:b5:66:fb:83:05:39:45:9e:05:dc:ff:b5:58:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Sep 8 10:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb8fe023b88a241c36da6a7a096c0689e8abf9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:65:ed:d0:7b:75:ab:83:f6:38:01:b0:12:25:
53:e8:d3:b4:a7:96:9f:5c:25:f7:60:b9:1c:36:fb:
3f:63:44:f3:8c:d3:a3:0d:4a:d0:f4:05:e1:b4:f3:
b4:fd:f8:e7:c6:35:5c:38:7c:61:ce:e3:cc:d7:59:
db:4f:43:96:96:7b:4b:b4:56:71:fa:8e:00:12:63:
f3:c2:6f:a5:38:a3:d2:89:b9:f0:75:ec:69:b9:98:
8d:b2:e0:21:4b:38:df:79:e6:5c:25:76:8e:e0:22:
a6:43:c4:3b:49:11:f9:4d:46:66:9b:f1:c4:ea:54:
24:e1:ef:fd:1c:b8:9e:82:08:1c:69:f2:45:91:b5:
12:ae:c1:37:bf:fa:9d:d8:82:a1:a9:bc:b7:39:6d:
d6:aa:0c:5b:10:e2:4d:0c:94:af:4f:76:22:d3:ac:
ba:a4:07:bd:1c:fc:39:d6:45:65:1e:3c:51:d4:7a:
64:aa:72:25:f2:f7:03:c1:31:a6:b4:41:2d:44:59:
34:8e:cf:7b:53:2b:bc:51:5b:86:e4:15:b6:f2:f2:
ef:4c:e4:28:9f:b6:29:6f:6b:53:bf:6e:61:0b:36:
a8:7d:e3:58:f5:40:97:3f:88:31:1b:87:d9:22:cf:
24:90:0f:d4:e8:41:b9:19:21:6b:e7:e6:85:5c:e6:
1a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8F:E0:23:B8:8A:24:1C:36:DA:6A:7A:09:6C:06:89:E8:AB:F9:FE
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/y4_gI7iKJBw22mp6CWwGieir-f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.57.0/24
45.149.7.0/24
212.81.45.0-212.81.47.255
Signature Algorithm: sha256WithRSAEncryption
78:35:68:46:fa:e3:a7:6e:0f:9c:95:00:92:3d:35:03:f4:47:
62:39:c7:ff:8d:10:6b:85:2f:eb:1f:05:1d:ca:62:1c:1a:ef:
02:f5:b2:10:6f:2c:78:ae:99:44:f4:bf:8d:a1:b2:bb:ae:a3:
80:2d:15:21:61:d2:3e:74:6d:1c:44:28:c0:b9:72:91:5b:14:
02:42:f0:40:0f:48:5e:f3:43:23:56:14:52:5b:a7:46:37:33:
fa:37:bd:ad:9f:df:d4:43:4b:36:e9:c0:4b:33:69:46:9e:eb:
60:14:44:6f:7d:91:37:57:5e:14:b5:51:06:10:30:7d:94:8c:
75:c8:de:12:73:92:b8:ce:00:40:20:9e:4f:fc:d4:54:bd:cf:
90:69:29:05:6b:28:7b:42:c6:e6:97:30:03:cb:84:00:8a:7b:
4d:a8:59:3e:8f:f9:53:0b:2a:cd:4a:31:bf:a1:a3:af:03:d6:
c1:35:52:b9:cd:5a:cc:2d:89:0b:9a:20:d2:dc:e1:7b:08:20:
4f:53:28:e7:f0:59:92:b5:88:69:00:86:f3:18:67:1f:42:6d:
5f:a7:b5:f2:ac:85:75:04:56:b3:6d:1a:8e:3d:a8:8f:90:6c:
b0:55:13:de:1c:88:a3:2f:79:9e:8b:10:87:52:48:66:f2:21:
4d:07:c0:3e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZHRKrVm+4MFOUWeBdz/tViTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQwOTA4MTAyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjhmZTAyM2I4OGEyNDFjMzZkYTZhN2EwOTZjMDY4OWU4YWJmOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWXt0Ht1q4P2OAGwEiVT6NO0p5af
XCX3YLkcNvs/Y0TzjNOjDUrQ9AXhtPO0/fjnxjVcOHxhzuPM11nbT0OWlntLtFZx
+o4AEmPzwm+lOKPSibnwdexpuZiNsuAhSzjfeeZcJXaO4CKmQ8Q7SRH5TUZmm/HE
6lQk4e/9HLiegggcafJFkbUSrsE3v/qd2IKhqby3OW3WqgxbEOJNDJSvT3Yi06y6
pAe9HPw51kVlHjxR1HpkqnIl8vcDwTGmtEEtRFk0js97Uyu8UVuG5BW28vLvTOQo
n7Ypb2tTv25hCzaofeNY9UCXP4gxG4fZIs8kkA/U6EG5GSFr5+aFXOYaDwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMuP4CO4iiQcNtpqeglsBonoq/n+MB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEveTRfZ0k3aUtKQncyMm1wNkNXd0dpZWlyLWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALYw5AwQA
LZUHMAwDBADUUS0DBATUUSAwDQYJKoZIhvcNAQELBQADggEBAHg1aEb646duD5yV
AJI9NQP0R2I5x/+NEGuFL+sfBR3KYhwa7wL1shBvLHiumUT0v42hsruuo4AtFSFh
0j50bRxEKMC5cpFbFAJC8EAPSF7zQyNWFFJbp0Y3M/o3va2f39RDSzbpwEszaUae
62AURG99kTdXXhS1UQYQMH2UjHXI3hJzkrjOAEAgnk/81FS9z5BpKQVrKHtCxuaX
MAPLhACKe02oWT6P+VMLKs1KMb+ho68D1sE1UrnNWswtiQuaINLc4XsIIE9TKOfw
WZK1iGkAhvMYZx9CbV+ntfKshXUEVrNtGo49qI+QbLBVE94ciKMveZ6LEIdSSGby
IU0HwD4=
-----END CERTIFICATE-----
Generated at Sun Sep 22 10:38:21 2024 by rpki-client on console-ams.rpki-client.org