Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h3d4Z-YgWxAyZ7A2a61Pup4_nGI.roa
File: h3d4Z-YgWxAyZ7A2a61Pup4_nGI.roa (raw, json)
Hash identifier: pdQ17eXDVyfXjouc2z+/bRFukmBcXCpT824O54akdbo=
Subject key identifier: 87:77:78:67:E6:20:5B:10:32:67:B0:36:6B:AD:4F:BA:9E:3F:9C:62
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018F1033E96D0D6A8DA5D56042552DBA3900
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h3d4Z-YgWxAyZ7A2a61Pup4_nGI.roa
Signing time: Wed 24 Apr 2024 13:03:08 +0000
ROA not before: Wed 24 Apr 2024 13:03:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 45.88.137.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 15:52:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:33:e9:6d:0d:6a:8d:a5:d5:60:42:55:2d:ba:39:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 24 13:03:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87777867e6205b103267b0366bad4fba9e3f9c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0a:60:f4:9a:eb:f1:f4:95:3d:cf:1b:ce:a8:
d5:4c:ff:a4:2f:d3:c8:1a:fa:a1:4f:56:d1:62:86:
fa:33:df:af:96:b7:ad:6a:56:00:bc:b9:69:0b:fb:
d8:7d:6c:ac:e9:15:5d:a2:eb:af:6a:0d:7f:21:50:
7d:59:d6:b7:8c:95:74:2b:f0:2e:e2:aa:b6:e1:95:
66:46:90:cc:85:48:a3:7e:5f:a9:a6:af:80:54:63:
01:8a:cb:ab:a3:08:02:f1:47:04:2d:88:7a:f6:9b:
5b:e3:23:0d:b0:e4:77:1f:8b:84:5b:2c:01:f3:0d:
39:a9:ee:c7:9d:63:d5:ad:eb:d1:3a:f8:eb:58:4a:
7c:4e:ad:8b:c6:9c:0d:7b:aa:59:ed:54:ed:b2:09:
a9:6b:b6:5d:1d:3e:ed:38:63:d8:34:2a:6e:02:15:
cb:d8:94:b6:8d:9f:44:cc:63:ca:87:6f:1e:42:f9:
43:82:56:c3:44:e5:bd:0b:ce:42:e1:09:42:bf:ce:
5b:3c:67:ed:12:c8:70:0f:bd:09:00:84:60:03:46:
a0:9d:ad:40:0b:09:8c:c4:e5:be:05:0e:aa:ef:40:
69:8c:d0:a8:a8:dd:7a:7c:e2:05:33:74:e7:82:4f:
42:90:0a:4b:23:14:4a:c2:bd:b6:a3:bc:b4:3d:b6:
e4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:77:78:67:E6:20:5B:10:32:67:B0:36:6B:AD:4F:BA:9E:3F:9C:62
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/h3d4Z-YgWxAyZ7A2a61Pup4_nGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.137.0/24
45.132.180.0/24
195.62.24.0/24
Signature Algorithm: sha256WithRSAEncryption
36:c5:1c:17:d9:71:36:4a:05:53:72:9c:3e:e7:6d:76:8d:f1:
16:c0:07:d7:2e:04:2c:c8:bc:90:3f:17:69:04:a0:47:82:20:
45:26:ab:02:fa:25:f0:ad:80:2d:78:76:23:b2:91:1d:70:b6:
d0:cf:43:4c:0d:79:1d:fe:2b:f9:f1:ac:88:4b:a6:1f:15:67:
92:0e:19:29:1c:21:b4:fe:84:bd:93:46:06:0d:85:e0:a0:78:
06:43:fe:97:89:13:0d:98:e9:13:67:ec:6b:23:79:b8:6c:ff:
00:22:6d:d9:f3:fa:70:65:b8:b9:93:d6:7e:73:74:d1:42:30:
90:28:67:4a:82:c7:e8:34:42:02:c6:a5:59:0f:33:98:ae:e9:
97:95:f0:de:d2:4d:6b:97:68:8e:9b:f0:fd:67:01:dd:ab:fe:
eb:e1:76:8f:5e:9d:61:98:96:8d:3c:2b:5b:06:32:16:dd:ae:
d4:70:6c:ce:b9:3b:31:5c:02:de:e0:2f:6f:2c:9b:13:3b:e5:
f4:88:77:57:66:b4:5e:fd:c8:0e:06:5e:31:f8:a5:ea:8e:19:
ff:05:6e:83:1f:fe:a4:7f:bc:55:b4:fd:fa:74:89:53:2c:77:
58:7c:ac:28:56:11:eb:03:c0:46:c5:19:2f:a6:30:a1:ab:0e:
07:7e:b4:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8QM+ltDWqNpdVgQlUtujkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDI0MTMwMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzc3Nzg2N2U2MjA1YjEwMzI2N2IwMzY2YmFkNGZiYTllM2Y5YzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigpg9Jrr8fSVPc8bzqjVTP+kL9PI
GvqhT1bRYob6M9+vlretalYAvLlpC/vYfWys6RVdouuvag1/IVB9Wda3jJV0K/Au
4qq24ZVmRpDMhUijfl+ppq+AVGMBisurowgC8UcELYh69ptb4yMNsOR3H4uEWywB
8w05qe7HnWPVrevROvjrWEp8Tq2LxpwNe6pZ7VTtsgmpa7ZdHT7tOGPYNCpuAhXL
2JS2jZ9EzGPKh28eQvlDglbDROW9C85C4QlCv85bPGftEshwD70JAIRgA0agna1A
CwmMxOW+BQ6q70BpjNCoqN16fOIFM3Tngk9CkApLIxRKwr22o7y0Pbbk6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFId3eGfmIFsQMmewNmutT7qeP5xiMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaDNkNFotWWdXeEF5WjdBMmE2MVB1cDRfbkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALViJAwQA
LYS0AwQAwz4YMA0GCSqGSIb3DQEBCwUAA4IBAQA2xRwX2XE2SgVTcpw+5212jfEW
wAfXLgQsyLyQPxdpBKBHgiBFJqsC+iXwrYAteHYjspEdcLbQz0NMDXkd/iv58ayI
S6YfFWeSDhkpHCG0/oS9k0YGDYXgoHgGQ/6XiRMNmOkTZ+xrI3m4bP8AIm3Z8/pw
Zbi5k9Z+c3TRQjCQKGdKgsfoNEICxqVZDzOYrumXlfDe0k1rl2iOm/D9ZwHdq/7r
4XaPXp1hmJaNPCtbBjIW3a7UcGzOuTsxXALe4C9vLJsTO+X0iHdXZrRe/cgOBl4x
+KXqjhn/BW6DH/6kf7xVtP36dIlTLHdYfKwoVhHrA8BGxRkvpjChqw4HfrSY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org