Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/uG9rnPYjIFcHFmiAe5zsNO5qklE.roa
File: uG9rnPYjIFcHFmiAe5zsNO5qklE.roa (raw, json)
Hash identifier: FS53qH/yCD5PgGYYet7G3dptgptN1NMxO5FN2i2Qsjw=
Subject key identifier: B8:6F:6B:9C:F6:23:20:57:07:16:68:80:7B:9C:EC:34:EE:6A:92:51
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 018C1C951589EEA0FA674F79F31309A842D7
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/uG9rnPYjIFcHFmiAe5zsNO5qklE.roa
Signing time: Wed 29 Nov 2023 19:36:21 +0000
ROA not before: Wed 29 Nov 2023 19:36:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48551
IP address blocks: 195.114.4.0/24 maxlen: 24
195.114.5.0/24 maxlen: 24
195.114.9.0/24 maxlen: 24
195.114.8.0/24 maxlen: 24
45.159.196.0/24 maxlen: 24
45.159.197.0/24 maxlen: 24
45.159.199.0/24 maxlen: 24
45.159.198.0/24 maxlen: 24
185.236.37.0/24 maxlen: 24
185.236.36.0/24 maxlen: 24
185.236.38.0/24 maxlen: 24
185.236.39.0/24 maxlen: 24
157.119.190.0/24 maxlen: 24
157.119.191.0/24 maxlen: 24
157.119.188.0/24 maxlen: 24
45.94.252.0/24 maxlen: 24
103.216.63.0/24 maxlen: 24
103.216.62.0/24 maxlen: 24
103.216.60.0/24 maxlen: 24
103.216.61.0/24 maxlen: 24
45.94.255.0/24 maxlen: 24
45.94.254.0/24 maxlen: 24
185.86.181.0/24 maxlen: 24
185.86.180.0/24 maxlen: 24
2a0d:9500::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1c:95:15:89:ee:a0:fa:67:4f:79:f3:13:09:a8:42:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Nov 29 19:36:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b86f6b9cf6232057071668807b9cec34ee6a9251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:39:62:4b:f9:4f:aa:05:63:15:fc:5d:c5:ff:
94:ec:b8:e9:59:a8:b7:2f:fe:7c:f7:40:4c:3b:6d:
29:23:9c:0e:fa:40:14:2e:8e:8e:8d:ce:d7:00:07:
50:a5:b2:ae:6b:7c:a0:d1:88:c8:2d:bc:0d:6d:29:
42:10:26:c5:10:a6:b5:6e:cf:86:c0:1c:3c:ea:fc:
a6:94:11:dc:77:d5:51:c0:35:8e:74:b1:ac:6d:ea:
de:41:de:bf:46:bb:be:9c:be:09:18:8b:90:61:6a:
4f:55:f4:ab:f8:5d:bd:98:8a:27:6e:a4:cf:24:ba:
ed:24:d8:93:63:da:8d:13:5c:17:bf:12:80:2e:c4:
eb:4c:b6:36:a2:a1:9a:5b:9d:9c:74:4e:b5:59:cc:
c4:d1:db:08:6a:ed:ba:1a:a6:f8:d5:8d:77:22:2f:
75:3f:ce:1b:85:a2:c9:ad:90:62:e9:4b:c8:9c:c7:
c0:d7:90:c2:1a:24:91:be:8b:68:43:02:4a:d0:f6:
c1:15:29:c0:60:ae:28:26:c5:da:bc:a8:c0:e7:6f:
92:cd:b6:73:d1:7a:52:a5:4a:d0:5f:c0:6c:da:18:
c8:f8:0a:aa:4e:45:1f:07:17:a5:bf:e2:07:95:e5:
b9:b8:2b:da:fd:dc:8d:85:65:42:b8:ac:c5:3c:11:
54:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6F:6B:9C:F6:23:20:57:07:16:68:80:7B:9C:EC:34:EE:6A:92:51
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/uG9rnPYjIFcHFmiAe5zsNO5qklE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.252.0/24
45.94.254.0/23
45.159.196.0/22
103.216.60.0/22
157.119.188.0/24
157.119.190.0/23
185.86.180.0/23
185.236.36.0/22
195.114.4.0/23
195.114.8.0/23
IPv6:
2a0d:9500::/29
Signature Algorithm: sha256WithRSAEncryption
5e:ae:16:77:6c:48:75:0c:44:ef:c7:c3:a9:50:9b:90:19:6a:
23:28:a2:a1:88:77:2f:96:8c:ee:01:67:7f:41:e0:8a:42:61:
bc:39:10:20:6a:15:14:3d:89:5f:13:76:6d:ac:d4:05:ac:dd:
76:7e:a8:9a:cc:f6:09:8b:34:fa:af:10:0f:d3:cd:70:1f:05:
5b:d9:c0:2b:68:4a:41:66:b4:92:5f:47:c9:fc:7a:d0:da:1e:
10:7b:25:54:cf:d2:09:a2:95:8f:a0:6a:c9:7e:f0:ea:96:a7:
97:fa:25:be:ff:d5:9d:16:63:60:c7:c8:57:b4:ed:33:11:72:
ba:5a:2c:d9:f9:b1:bb:cd:a5:7e:42:7d:a3:b3:45:4e:9d:4c:
c1:8a:01:e3:51:71:0a:76:98:33:7a:7b:fa:ba:17:1f:55:75:
1f:b1:b2:0a:15:6b:04:4e:84:0e:c2:db:2d:ff:29:f0:5d:31:
1e:60:7e:fb:a4:8d:42:19:b3:2b:98:14:cf:79:d5:d5:f0:77:
f6:26:6e:b8:11:61:7e:f8:73:20:a8:f6:6a:db:41:c1:41:ba:
28:7d:7d:9c:10:b5:f9:ff:33:77:cc:e0:53:eb:6d:b4:66:b9:
9b:02:4e:38:f8:58:b8:7a:5d:02:67:82:f4:a1:09:97:d9:da:
5a:18:c9:0e
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYwclRWJ7qD6Z0958xMJqELXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjMxMTI5MTkzNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZmNmI5Y2Y2MjMyMDU3MDcxNjY4ODA3YjljZWMzNGVlNmE5MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDliS/lPqgVjFfxdxf+U7LjpWai3
L/5890BMO20pI5wO+kAULo6Ojc7XAAdQpbKua3yg0YjILbwNbSlCECbFEKa1bs+G
wBw86vymlBHcd9VRwDWOdLGsbereQd6/Rru+nL4JGIuQYWpPVfSr+F29mIonbqTP
JLrtJNiTY9qNE1wXvxKALsTrTLY2oqGaW52cdE61WczE0dsIau26Gqb41Y13Ii91
P84bhaLJrZBi6UvInMfA15DCGiSRvotoQwJK0PbBFSnAYK4oJsXavKjA52+SzbZz
0XpSpUrQX8Bs2hjI+AqqTkUfBxelv+IHleW5uCva/dyNhWVCuKzFPBFUQwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFLhva5z2IyBXBxZogHuc7DTuapJRMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvdUc5cm5QWWpJRmNIRm1pQWU1enNOTzVxa2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQALV78AwQB
LV7+AwQCLZ/EAwQCZ9g8AwQAnXe8AwQBnXe+AwQBuVa0AwQCuewkAwQBw3IEAwQB
w3IIMA0EAgACMAcDBQMqDZUAMA0GCSqGSIb3DQEBCwUAA4IBAQBerhZ3bEh1DETv
x8OpUJuQGWojKKKhiHcvlozuAWd/QeCKQmG8ORAgahUUPYlfE3ZtrNQFrN12fqia
zPYJizT6rxAP081wHwVb2cAraEpBZrSSX0fJ/HrQ2h4QeyVUz9IJopWPoGrJfvDq
lqeX+iW+/9WdFmNgx8hXtO0zEXK6WizZ+bG7zaV+Qn2js0VOnUzBigHjUXEKdpgz
env6uhcfVXUfsbIKFWsEToQOwtst/ynwXTEeYH77pI1CGbMrmBTPedXV8Hf2Jm64
EWF++HMgqPZq20HBQboofX2cELX5/zN3zOBT6220ZrmbAk44+Fi4el0CZ4L0oQmX
2dpaGMkO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:35 2024 by rpki-client on console-ams.rpki-client.org