Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Mk3uZUbwKd8tezs_l5rzVMx-w1E.roa
File: Mk3uZUbwKd8tezs_l5rzVMx-w1E.roa (raw, json)
Hash identifier: wSwg1BRWFyAZdymz5xTLQGMIuhe1ICww0xk5UWf/FO8=
Subject key identifier: 32:4D:EE:65:46:F0:29:DF:2D:7B:3B:3F:97:9A:F3:54:CC:7E:C3:51
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0188BFAAD5EB829FACE582D5125AA7732114
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Mk3uZUbwKd8tezs_l5rzVMx-w1E.roa
Signing time: Thu 15 Jun 2023 15:27:04 +0000
ROA not before: Thu 15 Jun 2023 15:27:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Jun 2023 07:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:aa:d5:eb:82:9f:ac:e5:82:d5:12:5a:a7:73:21:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 15 15:27:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=324dee6546f029df2d7b3b3f979af354cc7ec351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:68:66:7f:70:59:8a:e0:e1:49:39:41:c1:f4:
9c:d9:66:91:5d:bd:27:29:f1:26:0e:7e:5f:75:33:
bd:82:c4:03:04:79:68:17:8b:56:bb:94:98:b6:c3:
af:97:cf:79:ee:30:e0:3f:17:ec:19:4c:12:89:03:
96:9b:99:cd:b1:31:9f:65:a0:27:8c:84:ec:49:8e:
10:25:0a:cd:f3:97:fc:07:0c:02:bc:3d:56:0a:9b:
bb:51:ef:d4:66:4f:ca:d0:42:d8:b1:5b:ff:47:58:
01:f3:00:bd:2d:54:63:62:3d:09:9c:17:28:f7:c5:
d0:8f:b5:75:8e:9e:c1:74:98:a6:c9:76:1f:2f:8c:
18:38:02:e2:a3:b9:20:8a:24:da:10:c7:c9:af:8e:
f1:90:d6:4f:fb:16:bc:da:dc:87:48:05:57:29:5d:
f3:17:7c:f2:12:80:56:65:d8:19:08:1f:01:3b:69:
33:ec:4d:59:bd:1d:38:1b:79:b1:b6:54:80:f1:51:
c0:79:5a:08:72:10:00:72:cd:b0:08:01:52:f0:17:
51:52:67:55:d4:56:d6:a7:a6:a1:b5:19:fc:47:de:
d4:f6:2d:48:51:11:16:fe:b2:f8:44:48:72:90:bd:
90:f8:5c:2f:49:14:ac:49:c7:bc:05:7a:6d:b0:08:
32:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4D:EE:65:46:F0:29:DF:2D:7B:3B:3F:97:9A:F3:54:CC:7E:C3:51
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Mk3uZUbwKd8tezs_l5rzVMx-w1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.88.137.0/24
45.132.180.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:2d:c3:3c:d3:64:9a:41:e3:35:69:f7:ef:b7:16:64:73:d6:
3c:51:98:5d:15:3d:bb:cc:9a:f4:c7:4d:3c:91:5a:cc:2b:f1:
a7:39:1e:3b:74:68:91:79:10:7d:39:08:db:2b:a8:54:55:1a:
6c:9f:48:6c:5a:1e:7a:b8:60:10:b4:47:ec:18:98:f7:da:0e:
ff:a3:db:0f:f7:33:45:d5:ff:da:c5:33:b2:31:e6:92:a5:e5:
8c:f0:52:78:d1:b0:f8:7c:d7:a6:00:70:f8:59:2c:86:60:05:
a0:39:95:f2:09:77:34:29:3f:ae:00:3d:d9:6a:b1:b1:1c:fa:
38:5e:6d:0b:a7:09:04:8c:4b:df:6b:5e:47:20:c7:9d:9b:a8:
f6:e5:6a:85:80:5a:99:16:51:97:e7:c6:70:ae:ed:51:2a:d7:
dc:cc:35:b4:8d:67:22:12:fa:31:03:ee:29:2d:fd:83:94:91:
32:b9:b8:20:08:b8:8b:21:0a:e4:dc:12:16:2d:c3:d1:c6:e6:
01:d6:da:f4:ca:8d:3b:ea:e8:0d:8e:45:9e:3f:4b:57:16:60:
bd:64:a3:43:ff:3f:43:c9:b7:91:e0:9e:4c:52:9a:1f:05:d2:
65:49:85:73:34:21:9a:a7:a6:9c:eb:df:9b:59:de:6a:e7:1f:
f4:42:ed:d4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYi/qtXrgp+s5YLVElqncyEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjE1MTUyNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRkZWU2NTQ2ZjAyOWRmMmQ3YjNiM2Y5NzlhZjM1NGNjN2VjMzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ghmf3BZiuDhSTlBwfSc2WaRXb0n
KfEmDn5fdTO9gsQDBHloF4tWu5SYtsOvl8957jDgPxfsGUwSiQOWm5nNsTGfZaAn
jITsSY4QJQrN85f8BwwCvD1WCpu7Ue/UZk/K0ELYsVv/R1gB8wC9LVRjYj0JnBco
98XQj7V1jp7BdJimyXYfL4wYOALio7kgiiTaEMfJr47xkNZP+xa82tyHSAVXKV3z
F3zyEoBWZdgZCB8BO2kz7E1ZvR04G3mxtlSA8VHAeVoIchAAcs2wCAFS8BdRUmdV
1FbWp6ahtRn8R97U9i1IUREW/rL4REhykL2Q+FwvSRSsSce8BXptsAgyNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDJN7mVG8CnfLXs7P5ea81TMfsNRMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTWszdVpVYndLZDh0ZXpzX2w1cnpWTXgtdzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQkeAwQA
LViJAwQALYS0AwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQC1LcM802SaQeM1affv
txZkc9Y8UZhdFT27zJr0x008kVrMK/GnOR47dGiReRB9OQjbK6hUVRpsn0hsWh56
uGAQtEfsGJj32g7/o9sP9zNF1f/axTOyMeaSpeWM8FJ40bD4fNemAHD4WSyGYAWg
OZXyCXc0KT+uAD3ZarGxHPo4Xm0LpwkEjEvfa15HIMedm6j25WqFgFqZFlGX58Zw
ru1RKtfczDW0jWciEvoxA+4pLf2DlJEyubggCLiLIQrk3BIWLcPRxuYB1tr0yo07
6ugNjkWeP0tXFmC9ZKND/z9DybeR4J5MUpofBdJlSYVzNCGap6ac69+bWd5q5x/0
Qu3U
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org