Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/13a57c-cc4f-45bc-af9f-9367e42389d9/1/wI1v2qLsfCmsDnIL_j6g-7SFay4.roa
File: wI1v2qLsfCmsDnIL_j6g-7SFay4.roa (raw, json)
Hash identifier: Yl5kTZ+l2EUz306IDin64iKzqtyYZMmIl2324hrl3EY=
Subject key identifier: C0:8D:6F:DA:A2:EC:7C:29:AC:0E:72:0B:FE:3E:A0:FB:B4:85:6B:2E
Certificate issuer: /CN=53ef2884e4a13355db649a3493527c44228973b8
Certificate serial: 018CC795377560D0933ED4746051775F4BAB
Authority key identifier: 53:EF:28:84:E4:A1:33:55:DB:64:9A:34:93:52:7C:44:22:89:73:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U-8ohOShM1XbZJo0k1J8RCKJc7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/13a57c-cc4f-45bc-af9f-9367e42389d9/1/wI1v2qLsfCmsDnIL_j6g-7SFay4.roa
Signing time: Tue 02 Jan 2024 00:31:34 +0000
ROA not before: Tue 02 Jan 2024 00:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202591
IP address blocks: 92.119.28.0/22 maxlen: 22
185.150.184.0/22 maxlen: 22
45.154.164.0/22 maxlen: 22
2a09:b340::/29 maxlen: 29
2a07:7280::/29 maxlen: 29
2a0f:bd00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:37:75:60:d0:93:3e:d4:74:60:51:77:5f:4b:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53ef2884e4a13355db649a3493527c44228973b8
Validity
Not Before: Jan 2 00:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c08d6fdaa2ec7c29ac0e720bfe3ea0fbb4856b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:98:3e:c1:a2:b6:4b:92:1c:1f:ac:5c:60:5c:
5d:88:56:5c:c1:39:82:c5:ee:b6:0e:3b:3e:1d:aa:
03:f1:30:88:65:ed:ec:89:f4:b8:3e:e5:c0:55:6c:
c9:da:36:c2:4e:86:43:73:67:8b:cf:8e:07:22:a5:
a9:af:b2:67:ae:c2:f7:77:72:a5:62:1d:05:d9:54:
62:23:2e:e2:d3:56:2c:fb:33:f7:cc:a7:a3:c3:4b:
cf:18:b8:5a:cc:c8:b3:19:e6:17:1b:de:09:64:aa:
d7:63:54:b6:cd:fa:65:87:14:04:bc:91:91:01:75:
51:e9:ee:ba:64:f0:ef:23:1b:ae:37:c3:db:48:39:
93:79:9c:9c:94:fb:7f:f3:26:d0:8b:de:98:8c:28:
87:ff:f7:40:9f:c5:4a:4f:fd:9f:35:a4:ae:bd:db:
94:19:7c:6e:e4:1d:12:b5:47:89:3e:cd:53:51:49:
83:da:2d:00:49:fe:d0:0a:b1:a3:91:ba:14:cc:e1:
6a:4b:34:6f:fd:49:c7:e7:21:96:32:bd:52:8e:a4:
e7:fb:93:da:5c:f9:43:50:41:37:70:93:b8:aa:cd:
db:b1:a3:c4:7b:eb:9f:2e:a5:df:e1:4b:89:96:4c:
4e:8d:d0:2d:dd:97:32:db:bf:f9:35:53:44:f8:c0:
cd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:8D:6F:DA:A2:EC:7C:29:AC:0E:72:0B:FE:3E:A0:FB:B4:85:6B:2E
X509v3 Authority Key Identifier:
keyid:53:EF:28:84:E4:A1:33:55:DB:64:9A:34:93:52:7C:44:22:89:73:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-8ohOShM1XbZJo0k1J8RCKJc7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/13a57c-cc4f-45bc-af9f-9367e42389d9/1/wI1v2qLsfCmsDnIL_j6g-7SFay4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/13a57c-cc4f-45bc-af9f-9367e42389d9/1/U-8ohOShM1XbZJo0k1J8RCKJc7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.164.0/22
92.119.28.0/22
185.150.184.0/22
IPv6:
2a07:7280::/29
2a09:b340::/29
2a0f:bd00::/29
Signature Algorithm: sha256WithRSAEncryption
ca:b7:6c:ff:bf:77:6d:86:d5:c7:53:c8:fe:91:48:c4:9f:26:
48:ae:54:ad:fd:73:95:7d:34:a6:60:3e:d8:dc:2a:fd:4b:28:
f9:78:05:43:c0:9f:1f:93:0b:03:e6:4d:b8:e7:f3:8f:49:5c:
fe:3c:c8:11:b4:16:6f:b9:59:a0:b8:cc:c5:27:d0:a1:b4:5e:
bc:72:75:04:15:91:2e:ff:27:75:a5:83:ac:61:3b:06:44:f2:
3f:dd:5d:a0:64:65:08:38:56:0b:a6:9f:22:50:70:08:8a:af:
3c:c8:61:cc:c8:ce:22:58:5c:72:41:e8:8c:19:3f:c9:4a:af:
4d:b9:68:fb:4d:d3:6a:a9:63:2a:c4:2e:a7:1e:e7:c9:a5:b6:
ee:22:f0:94:c3:47:7b:57:6a:42:4a:f5:97:28:54:ac:36:1b:
20:6e:be:58:6a:d7:0c:29:dd:d6:d4:c1:18:e0:3d:b9:19:51:
09:c5:ac:aa:87:78:aa:5a:7e:74:1c:a7:cd:59:aa:61:ea:dc:
52:b3:69:ae:e6:2d:65:2f:6c:73:35:8a:97:77:7c:ec:e4:98:
2a:7c:f5:57:f9:f7:3b:c2:db:9d:66:bd:bd:9c:13:97:f0:d4:
e8:53:ae:bf:76:90:84:43:41:5c:0e:1c:f8:51:49:0a:fd:a4:
c6:29:be:59
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzHlTd1YNCTPtR0YFF3X0urMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZWYyODg0ZTRhMTMzNTVkYjY0OWEzNDkzNTI3YzQ0MjI4
OTczYjgwHhcNMjQwMTAyMDAzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDhkNmZkYWEyZWM3YzI5YWMwZTcyMGJmZTNlYTBmYmI0ODU2YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpg+waK2S5IcH6xcYFxdiFZcwTmC
xe62Djs+HaoD8TCIZe3sifS4PuXAVWzJ2jbCToZDc2eLz44HIqWpr7JnrsL3d3Kl
Yh0F2VRiIy7i01Ys+zP3zKejw0vPGLhazMizGeYXG94JZKrXY1S2zfplhxQEvJGR
AXVR6e66ZPDvIxuuN8PbSDmTeZyclPt/8ybQi96YjCiH//dAn8VKT/2fNaSuvduU
GXxu5B0StUeJPs1TUUmD2i0ASf7QCrGjkboUzOFqSzRv/UnH5yGWMr1SjqTn+5Pa
XPlDUEE3cJO4qs3bsaPEe+ufLqXf4UuJlkxOjdAt3Zcy27/5NVNE+MDN3QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMCNb9qi7HwprA5yC/4+oPu0hWsuMB8GA1UdIwQY
MBaAFFPvKITkoTNV22SaNJNSfEQiiXO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS04b2hPU2hNMVhiWkpvMGsxSjhSQ0tKYzdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xM2E1N2MtY2M0Zi00NWJjLWFmOWYt
OTM2N2U0MjM4OWQ5LzEvd0kxdjJxTHNmQ21zRG5JTF9qNmctN1NGYXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xM2E1N2MtY2M0Zi00NWJjLWFmOWYtOTM2N2U0MjM4OWQ5
LzEvVS04b2hPU2hNMVhiWkpvMGsxSjhSQ0tKYzdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLZqkAwQC
XHccAwQCuZa4MBsEAgACMBUDBQMqB3KAAwUDKgmzQAMFAyoPvQAwDQYJKoZIhvcN
AQELBQADggEBAMq3bP+/d22G1cdTyP6RSMSfJkiuVK39c5V9NKZgPtjcKv1LKPl4
BUPAnx+TCwPmTbjn849JXP48yBG0Fm+5WaC4zMUn0KG0XrxydQQVkS7/J3Wlg6xh
OwZE8j/dXaBkZQg4VgumnyJQcAiKrzzIYczIziJYXHJB6IwZP8lKr025aPtN02qp
YyrELqce58mltu4i8JTDR3tXakJK9ZcoVKw2GyBuvlhq1wwp3dbUwRjgPbkZUQnF
rKqHeKpafnQcp81ZqmHq3FKzaa7mLWUvbHM1ipd3fOzkmCp89Vf59zvC251mvb2c
E5fw1OhTrr92kIRDQVwOHPhRSQr9pMYpvlk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:05 2025 by rpki-client