Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Cb4cfa5rNDdRd5D9p54sv3uqewA.roa
File: Cb4cfa5rNDdRd5D9p54sv3uqewA.roa (raw, json)
Hash identifier: bFx1xP2z2wGCcgPS8WI6nobHEu3UtV+to0gGbreURuY=
Subject key identifier: 09:BE:1C:7D:AE:6B:34:37:51:77:90:FD:A7:9E:2C:BF:7B:AA:7B:00
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AEDED2B4BB69F56830F8A5D0A52C34
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Cb4cfa5rNDdRd5D9p54sv3uqewA.roa
Signing time: Tue 26 Nov 2024 13:35:10 +0000
ROA not before: Tue 26 Nov 2024 13:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20431
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:de:d2:b4:bb:69:f5:68:30:f8:a5:d0:a5:2c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09be1c7dae6b3437517790fda79e2cbf7baa7b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:46:d9:1a:c0:13:60:1a:c9:3f:71:05:9b:d5:
db:75:9c:89:89:c9:44:d1:5d:33:85:1e:f5:ca:4e:
c1:8a:eb:70:fb:d4:c8:d7:78:34:b3:e5:b1:49:3c:
77:1f:14:a2:06:79:bd:35:01:8a:3e:0e:5e:43:b8:
c2:ca:52:77:cc:e6:d1:ad:a0:69:02:df:17:b4:be:
6f:aa:bd:2c:12:ce:2f:68:b9:44:29:26:8d:2f:b7:
64:67:48:44:14:d3:c0:c3:ec:71:71:bf:8a:8e:7a:
b9:0b:3e:3b:d2:2d:84:36:df:eb:83:ae:02:1b:55:
ce:fb:e5:2c:2e:78:ae:61:5b:c3:00:8a:30:fe:cd:
1c:a9:7f:73:c4:ce:73:72:36:89:99:1e:83:8d:57:
c5:e3:98:53:5c:1c:ac:fb:af:63:f6:07:27:67:92:
58:29:99:72:4b:43:53:fc:94:87:7e:81:e2:4e:9e:
b6:9a:14:2a:76:ce:41:ec:dd:cf:f8:04:4b:d0:11:
90:7e:bf:62:47:27:01:10:84:6e:ae:2b:6e:5b:5d:
28:70:ba:92:2f:7f:7a:2c:25:17:38:4d:ac:87:e5:
e3:3a:ad:cb:dc:91:f7:04:44:e1:2f:6f:19:2f:cf:
86:16:86:84:ef:ad:37:7e:c1:8a:f8:b6:3d:f6:6c:
5c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BE:1C:7D:AE:6B:34:37:51:77:90:FD:A7:9E:2C:BF:7B:AA:7B:00
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Cb4cfa5rNDdRd5D9p54sv3uqewA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
53:e2:1a:aa:24:24:ae:3b:15:87:cd:12:2a:d3:05:91:76:43:
2a:23:f6:62:0f:c7:5a:5d:36:8b:49:6d:44:73:54:bb:39:f9:
13:8f:50:16:29:ff:ac:b3:4c:70:ea:6e:e7:83:9c:f9:f8:30:
6b:6f:67:54:2b:5d:a6:4d:61:b0:fc:c5:7f:95:77:82:e4:4c:
79:ec:f3:51:19:cc:43:56:08:40:f0:00:e5:8b:7d:a4:71:f8:
1f:04:a0:bb:98:9c:34:ab:7b:d4:b6:8d:3d:dc:21:37:09:d2:
69:0e:c9:95:6c:c1:5f:d4:7f:d8:50:61:64:e8:77:9e:84:5a:
ca:c4:39:89:96:a6:f6:66:d2:f6:c2:fd:fb:10:ac:01:a2:f6:
8b:d6:8c:2b:6c:89:01:48:e0:44:ad:72:3e:b7:a4:09:5e:9a:
6e:5c:76:32:4e:05:c1:f9:f4:66:e9:73:fa:df:4a:36:f8:cf:
06:94:7f:42:4a:43:1d:0b:76:1e:2b:38:a5:b9:3c:ed:a7:21:
8d:47:f7:03:62:83:b7:f2:98:1e:d8:f5:db:0d:26:26:b7:ab:
ee:88:5b:40:2a:0d:40:2a:b8:ea:9c:b0:12:5a:ba:bd:4f:a1:
32:b1:8c:03:f5:ab:de:86:5f:d8:83:0b:4d:56:7d:a3:03:ad:
5b:2a:59:72
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNort7StLtp9Wgw+KXQpSw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWJlMWM3ZGFlNmIzNDM3NTE3NzkwZmRhNzllMmNiZjdiYWE3YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0bZGsATYBrJP3EFm9XbdZyJiclE
0V0zhR71yk7Biutw+9TI13g0s+WxSTx3HxSiBnm9NQGKPg5eQ7jCylJ3zObRraBp
At8XtL5vqr0sEs4vaLlEKSaNL7dkZ0hEFNPAw+xxcb+Kjnq5Cz470i2ENt/rg64C
G1XO++UsLniuYVvDAIow/s0cqX9zxM5zcjaJmR6DjVfF45hTXBys+69j9gcnZ5JY
KZlyS0NT/JSHfoHiTp62mhQqds5B7N3P+ARL0BGQfr9iRycBEIRurituW10ocLqS
L396LCUXOE2sh+XjOq3L3JH3BEThL28ZL8+GFoaE7603fsGK+LY99mxckQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAm+HH2uazQ3UXeQ/aeeLL97qnsAMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvQ2I0Y2ZhNXJORGRSZDVEOXA1NHN2M3VxZXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAFPiGqokJK47FYfNEirTBZF2Qyoj9mIP
x1pdNotJbURzVLs5+ROPUBYp/6yzTHDqbueDnPn4MGtvZ1QrXaZNYbD8xX+Vd4Lk
THns81EZzENWCEDwAOWLfaRx+B8EoLuYnDSre9S2jT3cITcJ0mkOyZVswV/Uf9hQ
YWTod56EWsrEOYmWpvZm0vbC/fsQrAGi9ovWjCtsiQFI4EStcj63pAlemm5cdjJO
BcH59Gbpc/rfSjb4zwaUf0JKQx0Ldh4rOKW5PO2nIY1H9wNig7fymB7Y9dsNJia3
q+6IW0AqDUAquOqcsBJaur1PoTKxjAP1q96GX9iDC01WfaMDrVsqWXI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:31 2025 by rpki-client