Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/RagL9xR8zPuzJWTb-nM8k2-D00Q.roa
File: RagL9xR8zPuzJWTb-nM8k2-D00Q.roa (raw, json)
Hash identifier: LgOVeBaRcIzaUSCysIa568NhMArmX3gmlde5MjxHBO4=
Subject key identifier: 45:A8:0B:F7:14:7C:CC:FB:B3:25:64:DB:FA:73:3C:93:6F:83:D3:44
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 018CCA2A3AEE8C7502BCFCF05E650B0C3166
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/RagL9xR8zPuzJWTb-nM8k2-D00Q.roa
Signing time: Tue 02 Jan 2024 12:33:34 +0000
ROA not before: Tue 02 Jan 2024 12:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 45.91.67.0/24 maxlen: 24
45.82.14.0/24 maxlen: 24
45.82.15.0/24 maxlen: 24
91.200.150.0/24 maxlen: 24
91.200.151.0/24 maxlen: 24
91.200.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 10:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:3a:ee:8c:75:02:bc:fc:f0:5e:65:0b:0c:31:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Jan 2 12:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45a80bf7147cccfbb32564dbfa733c936f83d344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:aa:ed:23:13:8e:69:fc:16:38:61:f4:1e:87:
c5:28:e5:2d:2d:5c:c1:e2:51:75:8b:9f:94:4d:2d:
86:1a:b9:c7:14:82:39:cb:66:99:86:87:85:28:7c:
18:f0:91:a1:61:91:bc:3b:5c:39:6c:a0:37:59:f9:
06:c6:8a:7c:4e:a6:2a:56:95:36:78:f6:93:2d:46:
ff:16:a2:07:99:17:53:63:3b:08:b3:f2:b6:29:f7:
de:6a:fb:a0:10:a4:b3:be:62:1a:0f:7e:6b:a7:2d:
15:80:b3:ec:ad:96:64:0e:56:f2:ad:81:b0:5a:e1:
de:c8:b7:27:4e:a5:c6:90:2e:84:64:fb:e1:99:d8:
bc:77:85:45:b0:9c:d8:62:08:9c:7b:9f:93:3e:3a:
fe:e9:87:e8:ec:65:7a:a6:ed:b7:95:9d:d5:93:44:
03:a3:b1:73:36:29:0c:07:d5:2e:ec:34:eb:86:ec:
cd:b2:8b:95:c9:fa:86:7f:7a:da:5b:b8:01:43:8e:
79:21:6e:96:d1:e6:50:16:5d:2c:a6:2e:69:ec:0f:
13:21:6e:b3:66:15:eb:98:2c:fb:f8:6e:76:b5:7e:
0b:3d:3b:2b:fc:e7:1a:3e:21:f1:be:f6:06:bb:d9:
9c:88:e7:ba:68:84:88:e0:2a:50:f4:b1:d5:7c:bd:
6a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A8:0B:F7:14:7C:CC:FB:B3:25:64:DB:FA:73:3C:93:6F:83:D3:44
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/RagL9xR8zPuzJWTb-nM8k2-D00Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
45.91.67.0/24
91.200.148.0/24
91.200.150.0/23
Signature Algorithm: sha256WithRSAEncryption
63:d9:ec:94:a6:8a:de:44:bc:98:64:b8:ff:d9:cb:54:67:9b:
c1:a3:be:06:cc:ef:a4:77:76:54:dd:bb:df:9f:c9:97:e2:cd:
be:ef:34:5d:cd:23:5f:36:af:99:10:71:2a:07:d1:04:9c:04:
8e:1d:98:a6:5e:63:71:39:b1:4c:0c:66:07:ad:6e:df:70:3b:
b6:94:ef:bd:0f:3a:ab:b0:62:66:a7:8f:50:43:0f:72:86:b9:
5f:78:c2:04:f8:32:ee:cd:85:89:35:3d:7d:a7:08:ba:bd:d7:
0b:76:78:f8:9e:09:44:de:27:74:3f:13:a4:2f:e0:ae:50:32:
02:05:f0:cf:48:cb:26:c1:47:d7:4e:89:6b:fb:a3:3f:e1:6b:
ee:a1:88:55:91:9e:d1:d1:9b:57:7e:71:e9:6f:78:8b:90:4b:
b9:c6:4b:08:79:4a:09:1c:bf:be:23:29:2a:41:57:a1:03:87:
38:63:cf:11:8a:43:8d:13:2a:c4:44:4b:a7:98:ce:14:d9:63:
ca:e4:4d:1b:d9:22:33:01:60:82:7d:0c:02:d9:96:12:df:fa:
c4:37:15:15:9d:d7:a4:4e:b2:b9:ad:2f:36:5c:68:a7:a6:5d:
6c:ab:61:e3:79:d3:25:37:8d:e6:4d:0e:28:d8:21:cf:71:dc:
15:16:09:ee
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKjrujHUCvPzwXmULDDFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjQwMTAyMTIzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWE4MGJmNzE0N2NjY2ZiYjMyNTY0ZGJmYTczM2M5MzZmODNkMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqrtIxOOafwWOGH0HofFKOUtLVzB
4lF1i5+UTS2GGrnHFII5y2aZhoeFKHwY8JGhYZG8O1w5bKA3WfkGxop8TqYqVpU2
ePaTLUb/FqIHmRdTYzsIs/K2KffeavugEKSzvmIaD35rpy0VgLPsrZZkDlbyrYGw
WuHeyLcnTqXGkC6EZPvhmdi8d4VFsJzYYgice5+TPjr+6Yfo7GV6pu23lZ3Vk0QD
o7FzNikMB9Uu7DTrhuzNsouVyfqGf3raW7gBQ455IW6W0eZQFl0spi5p7A8TIW6z
ZhXrmCz7+G52tX4LPTsr/OcaPiHxvvYGu9mciOe6aISI4CpQ9LHVfL1qVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEWoC/cUfMz7syVk2/pzPJNvg9NEMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvUmFnTDl4Ujh6UHV6SldUYi1uTThrMi1EMDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVIOAwQA
LVtDAwQAW8iUAwQBW8iWMA0GCSqGSIb3DQEBCwUAA4IBAQBj2eyUporeRLyYZLj/
2ctUZ5vBo74GzO+kd3ZU3bvfn8mX4s2+7zRdzSNfNq+ZEHEqB9EEnASOHZimXmNx
ObFMDGYHrW7fcDu2lO+9DzqrsGJmp49QQw9yhrlfeMIE+DLuzYWJNT19pwi6vdcL
dnj4nglE3id0PxOkL+CuUDICBfDPSMsmwUfXTolr+6M/4WvuoYhVkZ7R0ZtXfnHp
b3iLkEu5xksIeUoJHL++IykqQVehA4c4Y88RikONEyrEREunmM4U2WPK5E0b2SIz
AWCCfQwC2ZYS3/rENxUVndekTrK5rS82XGinpl1sq2HjedMlN43mTQ4o2CHPcdwV
Fgnu
-----END CERTIFICATE-----
Generated at Thu Apr 4 14:46:20 2024 by rpki-client on console-fra.rpki-client.org