Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/OeLwop7zbusM7IBeRs5cH8Lw47U.roa
File: OeLwop7zbusM7IBeRs5cH8Lw47U.roa (raw, json)
Hash identifier: +04ITjbyFvR58qSZvZfzMiLUNrao+RH0COgCJO3ZbuM=
Subject key identifier: 39:E2:F0:A2:9E:F3:6E:EB:0C:EC:80:5E:46:CE:5C:1F:C2:F0:E3:B5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018C3F3D0D52439CFA8D69E84E5054740932
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/OeLwop7zbusM7IBeRs5cH8Lw47U.roa
Signing time: Wed 06 Dec 2023 13:06:54 +0000
ROA not before: Wed 06 Dec 2023 13:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.30.241.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Dec 2023 15:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:3d:0d:52:43:9c:fa:8d:69:e8:4e:50:54:74:09:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 6 13:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39e2f0a29ef36eeb0cec805e46ce5c1fc2f0e3b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:40:22:ca:e5:2a:b6:2f:25:41:58:77:ec:63:
01:da:aa:17:e2:80:27:bb:23:8c:1c:8d:ac:c3:36:
f9:19:a9:0f:bf:c7:bf:83:9f:e6:e1:f6:4e:81:94:
5c:74:f0:33:ff:9c:84:36:76:4a:26:d9:96:1c:9a:
1e:7e:d7:a9:bc:ff:cc:4c:7e:63:17:53:59:70:1f:
0a:1e:49:04:a9:16:27:48:50:1b:d3:8a:f0:59:83:
b2:26:87:70:94:50:db:e2:05:47:dc:44:a1:0c:7e:
4e:8e:71:1b:bb:bf:e8:db:f9:42:51:72:34:76:93:
c0:00:70:23:15:f2:99:72:bc:77:2b:c9:ed:c2:ae:
c4:b3:e9:d2:db:76:47:06:ed:bd:40:64:3a:1e:eb:
cb:81:6a:4e:fb:44:cc:90:bb:6d:9d:94:4c:10:22:
dc:aa:b4:c1:20:35:c5:ef:bb:b6:9a:59:96:b0:a5:
33:bf:56:09:93:62:42:f5:f9:15:17:53:97:cb:aa:
9f:fc:23:41:88:34:f2:4e:87:a7:fe:81:41:53:c5:
01:26:f1:a1:c9:06:5d:7a:cf:62:8f:05:f2:ea:23:
9d:d7:fa:3d:5b:96:af:3f:6d:e3:47:4f:f1:a5:6f:
3a:94:92:17:e8:60:4c:6a:66:2e:b4:cc:a6:8c:b8:
1d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E2:F0:A2:9E:F3:6E:EB:0C:EC:80:5E:46:CE:5C:1F:C2:F0:E3:B5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/OeLwop7zbusM7IBeRs5cH8Lw47U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.113.0/24
45.81.115.0/24
45.88.139.0/24
45.94.171.0/24
77.83.39.0/24
85.209.120.0/23
193.30.241.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c9:d5:4b:1a:60:17:59:c1:ff:ae:cd:02:4d:36:45:86:f4:
03:54:0c:b6:64:54:22:3a:fc:e9:3f:92:50:5e:28:7d:43:80:
48:4b:a6:c1:90:75:df:56:5c:61:55:e5:65:f7:ee:51:d0:4c:
2c:03:ed:bb:2c:60:00:db:7f:56:90:be:17:c7:b0:e6:ea:5b:
c3:27:d5:bd:68:ea:20:32:2f:6d:a3:a0:b3:c4:80:ab:d0:2d:
52:03:ac:1c:3b:08:32:50:fe:73:0b:c9:21:29:ec:cb:55:e7:
f1:59:98:f9:6f:bb:2f:ce:45:58:81:10:b0:9c:39:cb:29:6b:
8c:18:7f:3e:41:a9:11:6e:e8:78:e8:b7:24:c5:1b:66:bf:49:
10:1f:43:49:5e:86:97:da:f3:4a:e6:4d:98:e3:48:9c:d2:aa:
42:95:93:89:de:c9:af:33:c4:a2:1e:87:d9:81:fb:d0:41:9a:
85:44:7c:4f:f4:90:94:8f:2c:12:bb:1d:2d:6e:a9:f9:f7:c9:
6a:b7:3d:3f:82:ef:a5:d5:b8:40:e2:22:e5:ed:11:f5:4b:fa:
eb:a4:45:84:d6:95:71:4b:35:dd:74:41:05:a6:df:13:99:bc:
ad:0b:93:b1:91:bb:4b:4c:0f:4c:86:c6:8b:7f:c5:b0:a8:10:
ec:77:1c:68
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYw/PQ1SQ5z6jWnoTlBUdAkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMjA2MTMwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWUyZjBhMjllZjM2ZWViMGNlYzgwNWU0NmNlNWMxZmMyZjBlM2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUAiyuUqti8lQVh37GMB2qoX4oAn
uyOMHI2swzb5GakPv8e/g5/m4fZOgZRcdPAz/5yENnZKJtmWHJoeftepvP/MTH5j
F1NZcB8KHkkEqRYnSFAb04rwWYOyJodwlFDb4gVH3EShDH5OjnEbu7/o2/lCUXI0
dpPAAHAjFfKZcrx3K8ntwq7Es+nS23ZHBu29QGQ6HuvLgWpO+0TMkLttnZRMECLc
qrTBIDXF77u2mlmWsKUzv1YJk2JC9fkVF1OXy6qf/CNBiDTyToen/oFBU8UBJvGh
yQZdes9ijwXy6iOd1/o9W5avP23jR0/xpW86lJIX6GBMamYutMymjLgdUQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDni8KKe827rDOyAXkbOXB/C8OO1MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvT2VMd29wN3pidXNNN0lCZVJzNWNIOEx3NDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVFxAwQA
LVFzAwQALViLAwQALV6rAwQATVMnAwQBVdF4AwQAwR7xAwQAw7FfMA0GCSqGSIb3
DQEBCwUAA4IBAQAwydVLGmAXWcH/rs0CTTZFhvQDVAy2ZFQiOvzpP5JQXih9Q4BI
S6bBkHXfVlxhVeVl9+5R0EwsA+27LGAA239WkL4Xx7Dm6lvDJ9W9aOogMi9to6Cz
xICr0C1SA6wcOwgyUP5zC8khKezLVefxWZj5b7svzkVYgRCwnDnLKWuMGH8+QakR
buh46LckxRtmv0kQH0NJXoaX2vNK5k2Y40ic0qpClZOJ3smvM8SiHofZgfvQQZqF
RHxP9JCUjywSux0tbqn598lqtz0/gu+l1bhA4iLl7RH1S/rrpEWE1pVxSzXddEEF
pt8TmbytC5OxkbtLTA9MhsaLf8WwqBDsdxxo
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org