Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BlQ1n4UtPkn9GFb_TZAzTI10L-E.roa
File: BlQ1n4UtPkn9GFb_TZAzTI10L-E.roa (raw, json)
Hash identifier: IYN8/iRUyixcEPyluFJJNeBezS6YnkUssGGqIDoctq0=
Subject key identifier: 06:54:35:9F:85:2D:3E:49:FD:18:56:FF:4D:90:33:4C:8D:74:2F:E1
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018D459F702354011B1851A4D52EA4C8784A
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BlQ1n4UtPkn9GFb_TZAzTI10L-E.roa
Signing time: Fri 26 Jan 2024 11:54:53 +0000
ROA not before: Fri 26 Jan 2024 11:54:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.88.139.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 18:39:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:9f:70:23:54:01:1b:18:51:a4:d5:2e:a4:c8:78:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 26 11:54:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0654359f852d3e49fd1856ff4d90334c8d742fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e3:bf:4f:2f:9c:ae:84:52:cc:f9:e4:44:dd:
e0:24:d7:44:73:51:be:b9:6f:5f:3d:cf:09:49:88:
35:2e:ef:e8:94:dc:bb:43:5a:c5:57:33:6d:08:6c:
2f:56:6f:bd:44:82:3b:66:45:be:73:82:52:3a:a6:
ad:10:b1:a9:a3:18:a6:8e:60:d3:2a:da:a9:22:d7:
09:05:a1:6e:4c:44:10:95:b4:eb:9f:86:74:71:c4:
79:c7:e6:b1:1a:5f:cb:02:c3:30:cb:a7:a6:c3:bd:
03:b3:d3:5d:7a:ba:19:1c:d3:50:e4:df:3f:f4:72:
6e:90:2a:44:3f:84:c1:1e:72:cf:25:35:74:61:ef:
ca:9a:2e:9b:ff:0c:0a:ec:fe:c9:7a:ca:34:bc:57:
66:b8:87:75:58:6e:83:1c:99:bb:76:22:69:59:ec:
81:d2:4d:b8:48:b5:54:80:c2:35:c2:5f:62:3b:d1:
2b:87:d0:97:e8:23:68:bd:8c:67:d2:4f:ba:ed:88:
14:34:ad:81:aa:42:19:31:e1:cf:4e:2e:f5:99:59:
6b:d4:f2:94:e9:f5:11:58:f3:e1:67:7d:60:b3:8e:
3d:a7:0d:7a:fe:f6:a9:f7:a5:ca:31:67:ea:df:4a:
41:ea:6d:36:33:11:3c:99:90:98:57:5a:3b:3e:24:
2f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:54:35:9F:85:2D:3E:49:FD:18:56:FF:4D:90:33:4C:8D:74:2F:E1
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/BlQ1n4UtPkn9GFb_TZAzTI10L-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.139.0/24
45.94.171.0/24
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
18:78:41:a7:52:ca:f9:9b:04:d9:2f:e1:37:4a:35:7c:5b:65:
0e:a7:0c:a3:84:e2:19:9b:2d:b0:0a:08:b0:16:0c:90:61:c4:
f8:a2:85:b1:0e:5a:60:0d:a5:90:28:94:0b:03:63:fd:e8:af:
49:70:5a:a2:6c:13:d5:65:86:31:d5:3b:80:78:44:d1:30:cc:
d5:92:47:53:06:93:fc:63:36:2b:ce:be:fb:32:30:b5:05:85:
f9:2a:fa:94:c9:f3:9c:22:bf:5d:7b:eb:2e:6f:f3:e3:08:d8:
c8:c5:48:a3:1d:3b:62:87:53:e2:3f:b8:e0:19:ef:33:3b:fc:
c1:0b:0d:96:03:89:e4:96:92:59:54:cf:fc:40:bd:0d:aa:c5:
85:ef:a7:ed:63:7d:9c:31:c8:5d:25:6b:e2:a3:20:30:71:82:
1e:23:e2:28:cb:5c:9b:fa:90:46:16:8c:17:ae:8a:c6:d8:1b:
d6:45:01:72:d5:17:f8:8d:18:34:e5:53:f8:0d:66:7e:57:28:
51:b9:4d:bc:db:f5:14:c5:15:20:51:04:ec:23:0d:3b:27:9f:
5c:36:c8:c2:2a:c0:13:9f:be:6c:ae:c6:a2:f9:64:4c:a6:4d:
ca:cd:af:87:63:9c:41:74:17:6f:86:be:d3:e8:c4:60:5f:b7:
8b:eb:e1:fa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY1Fn3AjVAEbGFGk1S6kyHhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTI2MTE1NDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU0MzU5Zjg1MmQzZTQ5ZmQxODU2ZmY0ZDkwMzM0YzhkNzQyZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeO/Ty+croRSzPnkRN3gJNdEc1G+
uW9fPc8JSYg1Lu/olNy7Q1rFVzNtCGwvVm+9RII7ZkW+c4JSOqatELGpoximjmDT
KtqpItcJBaFuTEQQlbTrn4Z0ccR5x+axGl/LAsMwy6emw70Ds9NderoZHNNQ5N8/
9HJukCpEP4TBHnLPJTV0Ye/Kmi6b/wwK7P7Jeso0vFdmuId1WG6DHJm7diJpWeyB
0k24SLVUgMI1wl9iO9Erh9CX6CNovYxn0k+67YgUNK2BqkIZMeHPTi71mVlr1PKU
6fURWPPhZ31gs449pw16/vap96XKMWfq30pB6m02MxE8mZCYV1o7PiQvZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAZUNZ+FLT5J/RhW/02QM0yNdC/hMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQmxRMW40VXRQa245R0ZiX1RaQXpUSTEwTC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALViLAwQA
LV6rAwQBVdF4AwQAkhN9AwQAwR7xAwQAw7FfMA0GCSqGSIb3DQEBCwUAA4IBAQAY
eEGnUsr5mwTZL+E3SjV8W2UOpwyjhOIZmy2wCgiwFgyQYcT4ooWxDlpgDaWQKJQL
A2P96K9JcFqibBPVZYYx1TuAeETRMMzVkkdTBpP8YzYrzr77MjC1BYX5KvqUyfOc
Ir9de+sub/PjCNjIxUijHTtih1PiP7jgGe8zO/zBCw2WA4nklpJZVM/8QL0NqsWF
76ftY32cMchdJWvioyAwcYIeI+Ioy1yb+pBGFowXrorG2BvWRQFy1Rf4jRg05VP4
DWZ+VyhRuU282/UUxRUgUQTsIw07J59cNsjCKsATn75srsai+WRMpk3Kza+HY5xB
dBdvhr7T6MRgX7eL6+H6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org