Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/JdY9YkpJ6HZP5I2LWYUyE_nPHJc.roa
File: JdY9YkpJ6HZP5I2LWYUyE_nPHJc.roa (raw, json)
Hash identifier: XhlCf+D9RDLTJw0AUE/3DjGcAbs/ap/2wdNHR1UeuLA=
Subject key identifier: 25:D6:3D:62:4A:49:E8:76:4F:E4:8D:8B:59:85:32:13:F9:CF:1C:97
Certificate issuer: /CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Certificate serial: 018FCD6A7FAA6D9F1C156361D63D044DC08E
Authority key identifier: B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/JdY9YkpJ6HZP5I2LWYUyE_nPHJc.roa
Signing time: Fri 31 May 2024 06:50:59 +0000
ROA not before: Fri 31 May 2024 06:50:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50247
IP address blocks: 45.131.33.0/24 maxlen: 24
45.131.34.0/24 maxlen: 24
91.224.142.0/23 maxlen: 23
91.224.142.0/24 maxlen: 24
91.224.143.0/24 maxlen: 24
109.95.88.0/21 maxlen: 21
109.196.80.0/20 maxlen: 20
185.178.236.0/22 maxlen: 22
2a0a:7080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 05 Aug 2024 18:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cd:6a:7f:aa:6d:9f:1c:15:63:61:d6:3d:04:4d:c0:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Validity
Not Before: May 31 06:50:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25d63d624a49e8764fe48d8b59853213f9cf1c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b4:76:f9:1c:17:ae:0a:1b:8d:14:1a:b3:fd:
e4:f9:54:38:13:b8:7c:a1:00:78:fb:18:d2:90:2c:
71:1c:f1:2d:43:13:ee:53:ff:74:64:da:66:d5:0a:
09:0b:ef:43:40:ca:72:08:01:43:92:d9:29:fa:cb:
85:42:2f:ca:0b:db:cf:58:e2:73:69:2d:20:f5:b5:
75:82:8b:47:9e:a1:4e:1e:72:18:2c:c6:88:e7:7e:
d7:ba:58:e8:17:67:4c:0b:f2:fd:97:d4:16:4f:cc:
1c:38:90:c0:b0:9a:b9:93:7f:b0:17:1f:db:db:e1:
ef:9d:b8:e6:29:81:18:24:f3:1e:c2:34:e3:15:36:
0d:69:33:b5:f0:15:a0:d0:a7:4d:ac:ad:7b:6f:0d:
6e:fb:2f:c1:2d:32:41:59:fe:85:54:a8:1d:cb:3d:
c2:81:72:a0:dc:a9:14:11:a6:d3:af:56:45:71:88:
9b:1f:b6:76:aa:18:f1:7c:c0:c6:73:e8:c9:0f:5d:
de:45:46:40:dd:e1:c0:ec:56:1c:d1:58:ee:b9:db:
28:73:bf:49:bb:5f:63:fb:fe:8e:7d:e2:ed:4b:b6:
d3:38:30:2c:c4:51:df:15:d9:df:93:22:f4:72:20:
ad:77:2c:63:c8:b5:f8:ba:8b:8f:dc:db:64:39:32:
db:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D6:3D:62:4A:49:E8:76:4F:E4:8D:8B:59:85:32:13:F9:CF:1C:97
X509v3 Authority Key Identifier:
keyid:B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/JdY9YkpJ6HZP5I2LWYUyE_nPHJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.33.0-45.131.34.255
91.224.142.0/23
109.95.88.0/21
109.196.80.0/20
185.178.236.0/22
IPv6:
2a0a:7080::/29
Signature Algorithm: sha256WithRSAEncryption
73:38:66:64:80:0c:9e:0d:c3:8c:da:28:e3:28:c5:5a:cf:52:
cf:09:c4:66:51:cd:22:0b:e3:f0:a7:21:5d:52:81:78:ba:0c:
f8:40:b7:c4:82:79:03:af:7d:4f:6d:36:5b:12:b8:1e:6b:a3:
bc:8d:a5:e4:18:1e:fd:7c:7c:a6:f3:2e:0b:a5:9a:79:de:60:
cc:af:00:72:f1:b6:b2:fd:dc:c0:22:b8:6b:95:56:70:44:10:
84:4e:bf:c6:f6:eb:80:ba:0c:5f:2a:8d:3b:e6:c0:55:23:f6:
d8:3a:67:f6:ca:68:23:62:cf:cf:7f:70:22:0d:d2:bd:bc:d9:
c3:2a:23:69:de:51:c0:e5:c3:62:af:16:0a:c8:2e:e6:e5:4a:
f3:b8:d8:fd:4b:80:15:fd:75:db:6a:99:e2:6f:6b:ae:e1:33:
d0:87:e8:ee:2f:7c:34:cf:e3:78:ca:1f:69:0a:f1:86:3c:31:
8c:65:a5:e5:b2:0a:6e:6f:58:2c:0e:87:cc:54:7a:dd:6b:0d:
58:07:2a:6e:74:55:04:98:1a:07:e6:ec:88:d5:a8:35:74:38:
c5:78:17:01:42:53:82:65:62:6c:ac:97:82:3a:89:57:3c:c8:
6c:8d:4e:19:af:2b:4e:63:6a:ac:32:fc:29:2f:49:e6:50:a0:
05:af:e5:c4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY/Nan+qbZ8cFWNh1j0ETcCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YmRjMzc2YTE1OWQwNWUyYWY5NzE3NmEzZWJhODM2MGU2
MGQxNzYwHhcNMjQwNTMxMDY1MDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQ2M2Q2MjRhNDllODc2NGZlNDhkOGI1OTg1MzIxM2Y5Y2YxYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7R2+RwXrgobjRQas/3k+VQ4E7h8
oQB4+xjSkCxxHPEtQxPuU/90ZNpm1QoJC+9DQMpyCAFDktkp+suFQi/KC9vPWOJz
aS0g9bV1gotHnqFOHnIYLMaI537XuljoF2dMC/L9l9QWT8wcOJDAsJq5k3+wFx/b
2+HvnbjmKYEYJPMewjTjFTYNaTO18BWg0KdNrK17bw1u+y/BLTJBWf6FVKgdyz3C
gXKg3KkUEabTr1ZFcYibH7Z2qhjxfMDGc+jJD13eRUZA3eHA7FYc0Vjuudsoc79J
u19j+/6OfeLtS7bTODAsxFHfFdnfkyL0ciCtdyxjyLX4uouP3NtkOTLbHwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCXWPWJKSeh2T+SNi1mFMhP5zxyXMB8GA1UdIwQY
MBaAFLS9w3ahWdBeKvlxdqPrqDYOYNF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUt
MjhkMDEwNjAzNTI5LzEvSmRZOVlrcEo2SFpQNUkyTFdZVXlFX25QSEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUtMjhkMDEwNjAzNTI5
LzEvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBAAtgyED
BAAtgyIDBAFb4I4DBANtX1gDBARtxFADBAK5suwwDQQCAAIwBwMFAyoKcIAwDQYJ
KoZIhvcNAQELBQADggEBAHM4ZmSADJ4Nw4zaKOMoxVrPUs8JxGZRzSIL4/CnIV1S
gXi6DPhAt8SCeQOvfU9tNlsSuB5ro7yNpeQYHv18fKbzLgulmnneYMyvAHLxtrL9
3MAiuGuVVnBEEIROv8b264C6DF8qjTvmwFUj9tg6Z/bKaCNiz89/cCIN0r282cMq
I2neUcDlw2KvFgrILublSvO42P1LgBX9ddtqmeJva67hM9CH6O4vfDTP43jKH2kK
8YY8MYxlpeWyCm5vWCwOh8xUet1rDVgHKm50VQSYGgfm7IjVqDV0OMV4FwFCU4Jl
Ymysl4I6iVc8yGyNThmvK05jaqwy/CkvSeZQoAWv5cQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:06 2025 by rpki-client