Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/IfSRoeRmO2DVQqeBOYvYGlHc5BE.roa
File: IfSRoeRmO2DVQqeBOYvYGlHc5BE.roa (raw, json)
Hash identifier: 9ViY87aOvK2mE4eePFB9bBdvWRu5VuWeIr5gnKMYL34=
Subject key identifier: 21:F4:91:A1:E4:66:3B:60:D5:42:A7:81:39:8B:D8:1A:51:DC:E4:11
Certificate issuer: /CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Certificate serial: 01928B0726F7F139815489A1A4C3800AB2B5
Authority key identifier: BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/IfSRoeRmO2DVQqeBOYvYGlHc5BE.roa
Signing time: Mon 14 Oct 2024 12:35:54 +0000
ROA not before: Mon 14 Oct 2024 12:35:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.81.118.0/24 maxlen: 24
45.85.240.0/24 maxlen: 24
45.85.241.0/24 maxlen: 24
45.85.243.0/24 maxlen: 24
45.145.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 16:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:07:26:f7:f1:39:81:54:89:a1:a4:c3:80:0a:b2:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd
Validity
Not Before: Oct 14 12:35:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21f491a1e4663b60d542a781398bd81a51dce411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0a:32:07:04:0a:7f:dc:61:58:3e:aa:c4:dd:
42:b5:3c:88:d3:68:fc:c2:c7:97:90:58:2e:fa:87:
0f:19:7a:c8:ed:74:eb:fd:f4:a9:e4:24:fb:b3:9e:
86:55:54:9f:53:e5:3d:80:a9:2d:f7:7d:1e:c8:f7:
f6:db:0c:15:49:49:2e:91:6b:7f:ec:40:0d:a1:00:
13:38:96:5a:52:31:e2:74:87:b2:a8:d7:9d:2e:63:
56:1e:5e:2c:fa:fc:de:e1:a4:fc:b7:c0:7d:20:fc:
10:06:5f:5f:dd:39:3a:f6:46:b2:93:2b:c8:72:c3:
45:14:47:85:0f:b4:c8:10:d0:41:87:18:93:03:2f:
34:1e:09:b3:7e:1f:a3:ca:bd:2b:7c:99:30:ec:eb:
4d:48:63:85:b1:53:dd:af:bd:47:7b:bb:90:bd:c3:
9b:c5:f5:b9:17:4e:74:fa:8a:2a:9f:5e:da:05:40:
ef:24:ed:e2:76:21:36:87:1a:2f:59:f8:38:85:9c:
7b:a8:96:da:e5:89:3a:7c:59:5d:9f:ac:64:a9:64:
a7:2d:76:89:1e:0f:1d:f1:fe:94:d4:a9:cc:a3:a7:
d9:ff:ac:ad:15:d8:24:ed:95:3e:43:80:de:3d:e0:
2e:aa:5b:81:9e:cf:a3:e0:b3:d5:26:a1:e0:68:a8:
e8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F4:91:A1:E4:66:3B:60:D5:42:A7:81:39:8B:D8:1A:51:DC:E4:11
X509v3 Authority Key Identifier:
keyid:BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/IfSRoeRmO2DVQqeBOYvYGlHc5BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.118.0/24
45.85.240.0/23
45.85.243.0/24
45.145.216.0/24
Signature Algorithm: sha256WithRSAEncryption
63:16:8b:69:27:52:81:32:a3:05:07:9f:e7:d4:81:13:de:b4:
ac:09:f4:37:22:dc:04:4c:c3:42:e7:7d:0f:bc:0a:bf:72:0d:
bd:9f:24:94:49:93:4a:dc:92:29:71:36:b9:74:0a:04:3a:1a:
ee:41:00:e7:17:1a:65:35:86:0c:f8:f4:a9:23:a6:2e:cf:b3:
40:d5:a8:1e:6b:46:42:dd:a7:f8:5c:5c:ce:3d:9b:d7:56:19:
ac:ca:2b:55:02:4b:2f:9a:70:53:c4:d0:11:3d:91:42:9a:8e:
09:6a:92:d1:cd:34:01:83:11:d9:94:14:bb:8f:39:4e:b5:dd:
e9:eb:b7:a6:21:3a:32:a8:fa:79:80:88:54:e8:a9:10:ce:85:
4d:54:28:33:b7:7e:60:6e:e9:86:a7:69:ac:e0:54:70:05:ca:
39:41:43:a0:a7:e5:7a:0f:ad:80:7e:d5:c6:0d:d9:f8:17:1d:
d2:fd:e5:9d:04:22:7c:f4:28:94:9f:4b:df:47:de:6e:ae:ab:
61:77:60:3e:69:8c:3e:05:bb:f7:e8:1e:12:43:68:25:45:4f:
29:24:d0:b4:e2:ca:dd:14:33:77:16:a5:8a:77:a5:b3:5d:32:
b9:9e:c3:f9:da:83:01:35:d7:2e:1c:d2:aa:0d:e7:b6:d0:63:
2c:f2:91:bc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKLByb38TmBVImhpMOACrK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjgzZTk5YmY3MjU0Zjk0ODA1N2E1ZTk4MWJlNmZhNWMy
MDU0ZGQwHhcNMjQxMDE0MTIzNTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWY0OTFhMWU0NjYzYjYwZDU0MmE3ODEzOThiZDgxYTUxZGNlNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QoyBwQKf9xhWD6qxN1CtTyI02j8
wseXkFgu+ocPGXrI7XTr/fSp5CT7s56GVVSfU+U9gKkt930eyPf22wwVSUkukWt/
7EANoQATOJZaUjHidIeyqNedLmNWHl4s+vze4aT8t8B9IPwQBl9f3Tk69kaykyvI
csNFFEeFD7TIENBBhxiTAy80Hgmzfh+jyr0rfJkw7OtNSGOFsVPdr71He7uQvcOb
xfW5F050+ooqn17aBUDvJO3idiE2hxovWfg4hZx7qJba5Yk6fFldn6xkqWSnLXaJ
Hg8d8f6U1KnMo6fZ/6ytFdgk7ZU+Q4DePeAuqluBns+j4LPVJqHgaKjozQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCH0kaHkZjtg1UKngTmL2BpR3OQRMB8GA1UdIwQY
MBaAFL24Ppm/clT5SAV6Xpgb5vpcIFTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEt
ZTQ5NWFhYTBjYWMwLzEvSWZTUm9lUm1PMkRWUXFlQk9ZdllHbEhjNUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEtZTQ5NWFhYTBjYWMw
LzEvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVF2AwQB
LVXwAwQALVXzAwQALZHYMA0GCSqGSIb3DQEBCwUAA4IBAQBjFotpJ1KBMqMFB5/n
1IET3rSsCfQ3ItwETMNC530PvAq/cg29nySUSZNK3JIpcTa5dAoEOhruQQDnFxpl
NYYM+PSpI6Yuz7NA1agea0ZC3af4XFzOPZvXVhmsyitVAksvmnBTxNARPZFCmo4J
apLRzTQBgxHZlBS7jzlOtd3p67emIToyqPp5gIhU6KkQzoVNVCgzt35gbumGp2ms
4FRwBco5QUOgp+V6D62AftXGDdn4Fx3S/eWdBCJ89CiUn0vfR95urqthd2A+aYw+
Bbv36B4SQ2glRU8pJNC04srdFDN3FqWKd6WzXTK5nsP52oMBNdcuHNKqDee20GMs
8pG8
-----END CERTIFICATE-----
Generated at Tue Oct 29 19:20:09 2024 by rpki-client on console-fra.rpki-client.org