Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/RM9MLe6k3hCriFMnOrfJkH6crPQ.roa
File: RM9MLe6k3hCriFMnOrfJkH6crPQ.roa (raw, json)
Hash identifier: 8Q9sY6VWIQ3uAEYCkbWCbBowUFgMHS/TVe+6iM6Jra8=
Subject key identifier: 44:CF:4C:2D:EE:A4:DE:10:AB:88:53:27:3A:B7:C9:90:7E:9C:AC:F4
Certificate issuer: /CN=531d55a869f105af6abcdfa0ca406af1f49b24f1
Certificate serial: 019092BC5553D985630F386B2227858090E5
Authority key identifier: 53:1D:55:A8:69:F1:05:AF:6A:BC:DF:A0:CA:40:6A:F1:F4:9B:24:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ux1VqGnxBa9qvN-gykBq8fSbJPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/RM9MLe6k3hCriFMnOrfJkH6crPQ.roa
Signing time: Mon 08 Jul 2024 14:25:34 +0000
ROA not before: Mon 08 Jul 2024 14:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199570
IP address blocks: 45.143.44.0/22 maxlen: 22
92.243.83.0/24 maxlen: 24
149.62.33.0/24 maxlen: 24
188.213.232.0/24 maxlen: 24
2a13:ad00::/29 maxlen: 29
2a13:ad00::/37 maxlen: 37
2a13:ad00:800::/37 maxlen: 37
2a13:ad04::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:bc:55:53:d9:85:63:0f:38:6b:22:27:85:80:90:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=531d55a869f105af6abcdfa0ca406af1f49b24f1
Validity
Not Before: Jul 8 14:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44cf4c2deea4de10ab8853273ab7c9907e9cacf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:93:e1:63:c2:c0:5a:df:67:c7:6c:b5:16:98:
d9:60:ae:14:66:e6:e4:85:60:39:b5:e8:6c:4c:4e:
a9:f3:c6:f1:4d:87:e5:04:92:d1:a7:59:39:87:00:
d0:9d:84:aa:8d:6c:24:23:cc:36:ff:09:4a:76:a5:
65:e7:ce:0d:7a:70:c8:bb:d0:f4:7c:d3:b4:93:52:
f6:6c:35:66:95:75:85:c3:7a:ee:ae:ff:a7:d6:d8:
90:f0:7e:b9:29:ee:0d:49:87:5b:1e:13:f2:92:b2:
e6:d8:3b:0e:c6:9e:0e:fc:c3:27:86:af:f5:4e:bf:
57:ce:3f:b8:bd:65:dc:49:94:7d:53:1c:6c:13:2d:
5b:dc:e8:73:0b:0e:88:e8:1c:eb:66:50:67:3d:42:
b0:63:6b:a6:ad:25:3a:be:3f:8c:e8:82:54:4c:75:
8c:b9:64:c8:31:64:60:74:6e:58:0b:88:ae:90:8e:
8b:2b:89:e1:98:65:4c:7f:a2:54:dc:f3:af:4c:43:
71:00:44:2a:51:34:41:c7:00:76:00:d6:6d:9a:4d:
88:04:f3:b3:8d:a9:1d:cb:e3:dc:38:19:94:c8:64:
33:36:4a:ce:b2:2d:9c:ba:4b:e6:b3:bd:88:ae:f2:
ee:99:4c:b5:fc:0c:75:fa:9e:35:1e:93:e3:73:63:
39:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:CF:4C:2D:EE:A4:DE:10:AB:88:53:27:3A:B7:C9:90:7E:9C:AC:F4
X509v3 Authority Key Identifier:
keyid:53:1D:55:A8:69:F1:05:AF:6A:BC:DF:A0:CA:40:6A:F1:F4:9B:24:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ux1VqGnxBa9qvN-gykBq8fSbJPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/RM9MLe6k3hCriFMnOrfJkH6crPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/eec2cd-36de-4f96-9fb2-4dc1ef89044b/1/Ux1VqGnxBa9qvN-gykBq8fSbJPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.44.0/22
92.243.83.0/24
149.62.33.0/24
188.213.232.0/24
IPv6:
2a13:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
2c:e8:a6:e9:69:c1:33:86:ee:07:cd:80:75:ae:62:6d:2a:03:
56:d8:ac:ea:d4:d9:a5:60:ab:06:6f:84:0e:90:8c:f4:82:71:
fe:81:9d:8d:52:88:77:c5:37:1d:dc:f1:d5:a4:29:0b:e9:f8:
ea:59:19:7c:2c:8a:4c:73:ca:a5:e2:2e:a6:4d:ab:54:88:c0:
0d:1e:3e:30:ee:80:c5:35:85:fc:f7:20:53:c6:ac:0c:14:5c:
3b:16:eb:3f:4e:91:73:fe:d1:af:65:b2:0a:88:59:f4:fa:f9:
da:c0:b0:3e:7b:16:59:28:aa:ee:c3:e2:0e:85:96:f9:8d:2b:
f4:9f:1b:61:ab:67:44:72:78:e7:11:30:56:c9:0c:6e:2e:99:
d2:d0:6e:b8:c4:75:24:6f:e1:76:96:c7:c9:ea:75:1b:3e:cb:
97:ee:2b:19:19:9c:81:16:4f:29:8c:d2:15:c4:a4:9d:fe:d3:
e3:58:7e:12:98:39:e2:1c:07:4e:98:75:f2:a3:8b:9f:23:bd:
b9:fa:db:ad:b1:d7:c8:d7:55:16:dc:1a:0c:30:f3:79:de:d0:
86:48:74:25:c9:b5:d3:c1:6e:ee:3f:2c:de:84:5b:d6:c4:a9:
83:34:22:91:9d:0e:d6:ae:b3:3c:99:39:aa:3a:c9:c7:ee:0b:
d2:21:3c:e6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZCSvFVT2YVjDzhrIieFgJDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMWQ1NWE4NjlmMTA1YWY2YWJjZGZhMGNhNDA2YWYxZjQ5
YjI0ZjEwHhcNMjQwNzA4MTQyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGNmNGMyZGVlYTRkZTEwYWI4ODUzMjczYWI3Yzk5MDdlOWNhY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpPhY8LAWt9nx2y1FpjZYK4UZubk
hWA5tehsTE6p88bxTYflBJLRp1k5hwDQnYSqjWwkI8w2/wlKdqVl584NenDIu9D0
fNO0k1L2bDVmlXWFw3rurv+n1tiQ8H65Ke4NSYdbHhPykrLm2DsOxp4O/MMnhq/1
Tr9Xzj+4vWXcSZR9UxxsEy1b3OhzCw6I6BzrZlBnPUKwY2umrSU6vj+M6IJUTHWM
uWTIMWRgdG5YC4iukI6LK4nhmGVMf6JU3POvTENxAEQqUTRBxwB2ANZtmk2IBPOz
jakdy+PcOBmUyGQzNkrOsi2cukvms72IrvLumUy1/Ax1+p41HpPjc2M5awIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFETPTC3upN4Qq4hTJzq3yZB+nKz0MB8GA1UdIwQY
MBaAFFMdVahp8QWvarzfoMpAavH0myTxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXgxVnFHbnhCYTlxdk4tZ3lrQnE4ZlNiSlBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lZWMyY2QtMzZkZS00Zjk2LTlmYjIt
NGRjMWVmODkwNDRiLzEvUk05TUxlNmszaENyaUZNbk9yZkprSDZjclBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lZWMyY2QtMzZkZS00Zjk2LTlmYjItNGRjMWVmODkwNDRi
LzEvVXgxVnFHbnhCYTlxdk4tZ3lrQnE4ZlNiSlBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLY8sAwQA
XPNTAwQAlT4hAwQAvNXoMA0EAgACMAcDBQMqE60AMA0GCSqGSIb3DQEBCwUAA4IB
AQAs6KbpacEzhu4HzYB1rmJtKgNW2Kzq1NmlYKsGb4QOkIz0gnH+gZ2NUoh3xTcd
3PHVpCkL6fjqWRl8LIpMc8ql4i6mTatUiMANHj4w7oDFNYX89yBTxqwMFFw7Fus/
TpFz/tGvZbIKiFn0+vnawLA+exZZKKruw+IOhZb5jSv0nxthq2dEcnjnETBWyQxu
LpnS0G64xHUkb+F2lsfJ6nUbPsuX7isZGZyBFk8pjNIVxKSd/tPjWH4SmDniHAdO
mHXyo4ufI725+tutsdfI11UW3BoMMPN53tCGSHQlybXTwW7uPyzehFvWxKmDNCKR
nQ7WrrM8mTmqOsnH7gvSITzm
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:34 2025 by rpki-client