Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1I7jP5tRkli0BPSepdNGi6zMp3A.roa
File: 1I7jP5tRkli0BPSepdNGi6zMp3A.roa (raw, json)
Hash identifier: NAwwFMPbssLjyok3ItRR0oq67QFLtfWWb59rGmYrEAw=
Subject key identifier: D4:8E:E3:3F:9B:51:92:58:B4:04:F4:9E:A5:D3:46:8B:AC:CC:A7:70
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BAAE9EAE1750BC7B61F382198195B8F11
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1I7jP5tRkli0BPSepdNGi6zMp3A.roa
Signing time: Tue 07 Nov 2023 17:52:18 +0000
ROA not before: Tue 07 Nov 2023 17:52:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203511
IP address blocks: 45.151.2.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Nov 2023 15:06:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:e9:ea:e1:75:0b:c7:b6:1f:38:21:98:19:5b:8f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 7 17:52:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d48ee33f9b519258b404f49ea5d3468baccca770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:eb:9c:82:a9:53:75:21:6f:c6:24:7c:91:60:
57:ec:ea:a5:b9:ed:4b:ed:04:1c:74:06:9a:27:c2:
ac:45:48:d8:e7:b6:22:ba:b2:40:04:33:00:23:91:
a7:92:a3:82:b3:25:10:e5:c9:bb:e2:d3:05:10:9a:
58:f2:7f:17:3c:24:0d:4d:a1:26:e5:2c:ba:06:21:
10:19:3d:bb:7e:99:25:d0:97:22:f5:59:b5:ea:00:
38:5e:77:cf:7d:05:3e:07:d2:88:5c:eb:7c:83:37:
0b:78:4f:52:a6:bb:75:79:88:1c:48:86:57:4d:40:
2f:6e:12:8c:bf:3e:9c:fb:82:e8:9b:ed:26:22:d7:
c7:7f:a8:f7:25:5b:d0:be:89:a6:ad:68:c9:3b:6f:
bd:04:e8:bf:da:e6:55:a3:72:e1:c0:96:aa:dc:3e:
fd:b9:6f:b3:a4:73:45:9b:e7:f9:8e:ed:19:99:68:
e8:82:3a:92:c8:38:12:70:67:86:fa:70:80:fc:d5:
6d:04:47:3a:8d:ef:fd:4b:3b:50:d1:a9:ee:98:bc:
25:94:27:09:8c:56:39:00:15:69:4d:76:40:8f:49:
69:c0:0c:34:6a:0b:fa:48:56:5c:d9:3f:54:09:60:
cb:b5:99:ca:06:71:cf:e7:d6:76:aa:98:60:30:2f:
b6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8E:E3:3F:9B:51:92:58:B4:04:F4:9E:A5:D3:46:8B:AC:CC:A7:70
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1I7jP5tRkli0BPSepdNGi6zMp3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.138.0/24
45.144.213.0-45.144.214.255
45.151.2.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:6d:29:df:98:6b:36:6a:f4:8d:86:6b:d0:6d:88:d2:7a:f9:
a6:bb:5e:43:d0:2f:9f:ec:59:d8:1b:41:f1:15:ad:27:20:6b:
5f:bb:ed:0c:a4:ab:0d:0b:50:7b:2b:61:55:b1:6e:c1:7f:cb:
81:2f:cc:02:45:57:c8:95:e8:f5:89:e4:3c:a3:18:d3:15:e9:
bb:c2:7c:3c:a4:10:dc:96:0b:be:42:1d:00:c7:44:93:14:eb:
5d:3b:f0:30:17:49:ae:6a:6c:df:1d:d6:51:84:3c:8f:b3:0c:
0e:5b:16:53:c2:9d:3a:27:22:b1:bc:43:cd:ed:b6:dd:6a:62:
9f:9b:54:48:57:ce:df:21:bf:0a:7b:83:23:18:61:d2:e9:ba:
72:08:b2:22:d6:1e:cd:2c:ee:cd:da:a6:ad:b0:4c:af:01:86:
3d:84:0d:e8:8a:db:40:ce:8d:e8:55:55:8b:3f:f6:ce:1c:6b:
22:4e:4f:f3:ae:c5:9a:9e:2a:1b:03:c8:5c:0f:ee:72:5e:8e:
01:10:7a:8c:33:94:8c:d3:0d:42:14:dd:90:b7:e8:7e:b1:6b:
06:8b:21:ea:bc:a2:8d:8f:f9:f6:50:74:fa:8e:bb:ee:1a:90:
f0:73:39:53:ae:a0:3a:de:10:17:0d:19:1c:b8:11:2c:fc:4d:
85:19:33:c3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYuq6erhdQvHth84IZgZW48RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTA3MTc1MjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDhlZTMzZjliNTE5MjU4YjQwNGY0OWVhNWQzNDY4YmFjY2NhNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+ucgqlTdSFvxiR8kWBX7Oqlue1L
7QQcdAaaJ8KsRUjY57YiurJABDMAI5GnkqOCsyUQ5cm74tMFEJpY8n8XPCQNTaEm
5Sy6BiEQGT27fpkl0Jci9Vm16gA4XnfPfQU+B9KIXOt8gzcLeE9Sprt1eYgcSIZX
TUAvbhKMvz6c+4Lom+0mItfHf6j3JVvQvommrWjJO2+9BOi/2uZVo3LhwJaq3D79
uW+zpHNFm+f5ju0ZmWjogjqSyDgScGeG+nCA/NVtBEc6je/9SztQ0anumLwllCcJ
jFY5ABVpTXZAj0lpwAw0agv6SFZc2T9UCWDLtZnKBnHP59Z2qphgMC+2CwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNSO4z+bUZJYtAT0nqXTRouszKdwMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMUk3alA1dFJrbGkwQlBTZXBkTkdpNnpNcDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALViKMAwD
BAAtkNUDBAAtkNYDBAAtlwIDBADCDzQwDQYJKoZIhvcNAQELBQADggEBAK1tKd+Y
azZq9I2Ga9BtiNJ6+aa7XkPQL5/sWdgbQfEVrScga1+77Qykqw0LUHsrYVWxbsF/
y4EvzAJFV8iV6PWJ5DyjGNMV6bvCfDykENyWC75CHQDHRJMU61078DAXSa5qbN8d
1lGEPI+zDA5bFlPCnTonIrG8Q83ttt1qYp+bVEhXzt8hvwp7gyMYYdLpunIIsiLW
Hs0s7s3apq2wTK8Bhj2EDeiK20DOjehVVYs/9s4cayJOT/OuxZqeKhsDyFwP7nJe
jgEQeowzlIzTDUIU3ZC36H6xawaLIeq8oo2P+fZQdPqOu+4akPBzOVOuoDreEBcN
GRy4ESz8TYUZM8M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org