Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yifZgHHie257Fk_vu_oR2k47LSU.roa
File: yifZgHHie257Fk_vu_oR2k47LSU.roa (raw, json)
Hash identifier: giQdCp6kFIa8cHKSPWEcm31np9GC6npCWVmgk16I0xc=
Subject key identifier: CA:27:D9:80:71:E2:7B:6E:7B:16:4F:EF:BB:FA:11:DA:4E:3B:2D:25
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018DA8D92EA5AAA8A80FF4CB262FBCA47968
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yifZgHHie257Fk_vu_oR2k47LSU.roa
Signing time: Wed 14 Feb 2024 18:20:22 +0000
ROA not before: Wed 14 Feb 2024 18:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.88.139.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 16:50:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:d9:2e:a5:aa:a8:a8:0f:f4:cb:26:2f:bc:a4:79:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 14 18:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca27d98071e27b6e7b164fefbbfa11da4e3b2d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f5:0b:a8:43:48:28:ec:40:60:f8:b8:34:43:
6b:61:a3:d2:25:56:fc:9d:e4:d1:a1:4a:9f:e3:06:
62:f9:f9:bd:87:71:2d:aa:b6:4e:a4:8e:54:4a:e5:
9c:12:09:dd:ab:61:fe:57:95:2f:8b:b4:4f:46:78:
49:22:2c:91:95:45:66:16:08:29:3b:e7:42:02:ce:
70:5f:d7:ec:b4:09:0a:4e:a0:25:99:9e:c5:d3:26:
22:6e:fa:2d:a5:a0:c4:ab:19:a0:af:e4:34:5c:1d:
a5:3c:af:b5:5f:61:fb:48:56:a5:b0:ab:b4:ea:bb:
ef:96:42:25:1a:42:0a:6b:18:43:58:80:cb:0e:00:
60:d1:71:7f:61:74:23:5c:4a:37:77:70:81:f4:80:
23:54:fe:6a:34:60:65:97:16:94:72:40:4f:12:35:
30:35:61:ed:e4:d6:35:81:e5:93:60:16:ef:15:0b:
41:ec:1b:9a:5c:46:fc:ff:20:5c:5e:ad:48:cd:3f:
59:32:a1:55:6c:8d:74:9d:f1:56:a4:02:3a:6a:fc:
22:60:eb:dd:cc:73:dc:e1:44:1b:51:eb:a8:f0:63:
00:99:72:59:5f:4d:df:ea:4d:b0:a9:24:64:d4:fa:
4b:33:77:d9:37:be:37:91:f6:7f:de:24:a3:3b:7f:
98:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:27:D9:80:71:E2:7B:6E:7B:16:4F:EF:BB:FA:11:DA:4E:3B:2D:25
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yifZgHHie257Fk_vu_oR2k47LSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.139.0/24
45.94.170.0/23
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
86:e8:f3:5a:ee:93:69:f2:54:48:22:20:35:71:37:00:70:29:
1c:9e:cc:15:cb:90:ce:90:64:d9:7e:fe:e6:b7:af:ba:b9:4c:
97:35:0d:3f:2e:44:6d:4e:95:88:1f:21:67:1c:ae:9d:2f:10:
fd:7a:61:e8:85:27:7a:d8:cf:44:05:eb:77:f9:5c:bc:97:bd:
7c:bd:23:81:8c:73:8a:56:57:24:b9:73:0a:a6:f6:3b:66:74:
f2:e0:56:ed:c7:76:81:b2:42:ec:e7:40:ac:b6:21:1b:ad:fa:
a5:97:0e:7d:db:8f:18:c6:fa:78:e7:19:41:ad:fa:31:cf:d1:
ea:84:b8:a0:6b:2b:1a:11:21:19:46:c5:c8:fd:7c:c0:f1:c2:
04:2b:fb:a5:e7:d9:7e:14:17:f3:f9:b2:32:5b:e1:1a:7b:f3:
88:20:21:c2:c1:f2:2c:7d:68:53:98:d7:f6:c6:8e:ae:d5:ac:
f2:e7:f2:77:70:1b:89:97:d8:1f:26:43:6f:9f:25:fb:d2:ba:
6b:bc:89:d9:9e:6f:44:7a:b1:99:f5:59:8b:27:90:c3:9d:1b:
09:14:01:f1:07:3a:13:ed:71:93:af:0a:a4:3e:e8:3e:59:a2:
3e:79:72:ae:33:cd:38:e1:e1:70:85:a8:2e:b7:ec:37:f6:3e:
85:b5:b6:48
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY2o2S6lqqioD/TLJi+8pHloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMjE0MTgyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTI3ZDk4MDcxZTI3YjZlN2IxNjRmZWZiYmZhMTFkYTRlM2IyZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvULqENIKOxAYPi4NENrYaPSJVb8
neTRoUqf4wZi+fm9h3EtqrZOpI5USuWcEgndq2H+V5Uvi7RPRnhJIiyRlUVmFggp
O+dCAs5wX9fstAkKTqAlmZ7F0yYibvotpaDEqxmgr+Q0XB2lPK+1X2H7SFalsKu0
6rvvlkIlGkIKaxhDWIDLDgBg0XF/YXQjXEo3d3CB9IAjVP5qNGBllxaUckBPEjUw
NWHt5NY1geWTYBbvFQtB7BuaXEb8/yBcXq1IzT9ZMqFVbI10nfFWpAI6avwiYOvd
zHPc4UQbUeuo8GMAmXJZX03f6k2wqSRk1PpLM3fZN743kfZ/3iSjO3+YiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMon2YBx4ntuexZP77v6EdpOOy0lMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveWlmWmdISGllMjU3RmtfdnVfb1IyazQ3TFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALViLAwQB
LV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQCG6PNa7pNp8lRIIiA1cTcAcCkcnswVy5DOkGTZfv7mt6+6uUyXNQ0/LkRt
TpWIHyFnHK6dLxD9emHohSd62M9EBet3+Vy8l718vSOBjHOKVlckuXMKpvY7ZnTy
4Fbtx3aBskLs50CstiEbrfqllw59248Yxvp45xlBrfoxz9HqhLigaysaESEZRsXI
/XzA8cIEK/ul59l+FBfz+bIyW+Eae/OIICHCwfIsfWhTmNf2xo6u1azy5/J3cBuJ
l9gfJkNvnyX70rprvInZnm9EerGZ9VmLJ5DDnRsJFAHxBzoT7XGTrwqkPug+WaI+
eXKuM8044eFwhagut+w39j6FtbZI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org