Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/C9fukGKqk5soOwo-awS4V2FKbFg.roa
File: C9fukGKqk5soOwo-awS4V2FKbFg.roa (raw, json)
Hash identifier: KpTWMFAVHQXv6WACuhYXnOUBGLH7xj6zRYNvMM2/CW8=
Subject key identifier: 0B:D7:EE:90:62:AA:93:9B:28:3B:0A:3E:6B:04:B8:57:61:4A:6C:58
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 01872DF3DCBA522391780C6F9E6E71B01323
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/C9fukGKqk5soOwo-awS4V2FKbFg.roa
Signing time: Wed 29 Mar 2023 15:19:29 +0000
ROA not before: Wed 29 Mar 2023 15:19:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39686
IP address blocks: 144.178.192.0/19 maxlen: 24
144.178.224.0/20 maxlen: 24
185.184.204.0/22 maxlen: 24
144.178.96.0/21 maxlen: 24
45.11.164.0/22 maxlen: 24
161.51.64.0/19 maxlen: 24
144.178.108.0/22 maxlen: 24
144.178.112.0/22 maxlen: 24
144.178.120.0/21 maxlen: 24
93.95.248.0/21 maxlen: 24
144.178.240.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
144.178.64.0/19 maxlen: 24
2a01:9bc0::/29 maxlen: 48
2a02:fe8::/32 maxlen: 48
2a02:fe9::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Jul 2023 08:27:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:f3:dc:ba:52:23:91:78:0c:6f:9e:6e:71:b0:13:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Mar 29 15:19:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0bd7ee9062aa939b283b0a3e6b04b857614a6c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:31:bc:fa:f3:07:f4:a6:f3:df:4a:4d:bf:86:
a3:0b:8a:46:33:5d:ba:b5:67:2d:be:6c:0c:bd:1d:
b4:d0:2e:92:b4:ed:d7:d9:3d:52:37:05:96:11:0c:
20:c2:88:c2:df:64:3c:23:f7:44:bc:bb:6a:da:31:
00:b7:59:e5:29:7f:f4:6a:4b:9e:7e:74:c7:ef:63:
f2:d4:4e:f0:47:19:d5:29:2a:43:ff:41:6a:e1:bf:
8c:94:7a:6b:07:aa:f4:2b:d1:6d:1a:a4:f6:23:21:
2f:89:11:3a:e4:bb:17:8f:ea:97:5e:a8:16:f6:5a:
bc:86:1c:a7:17:03:a6:93:42:0d:80:de:cb:56:b8:
90:45:e9:04:6e:76:e7:f3:d3:0a:aa:c4:60:a9:03:
1a:9a:bd:1f:7f:e0:00:1a:50:a6:54:6f:c9:78:67:
4e:82:96:78:d2:02:7d:fd:89:f3:f0:ba:1c:7b:86:
46:5e:e5:0b:c2:e6:6f:66:c0:f3:fa:38:66:fb:cd:
f9:ce:f3:92:68:8e:4a:ad:f1:f4:25:ef:c1:a6:0f:
d3:df:56:fa:da:b4:0d:9c:3b:a9:b5:b8:07:66:29:
e0:bd:d1:e7:84:9b:61:6d:85:55:03:30:68:d5:69:
7b:92:8e:ce:fa:cd:ad:29:bd:c1:13:41:5f:ef:19:
50:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D7:EE:90:62:AA:93:9B:28:3B:0A:3E:6B:04:B8:57:61:4A:6C:58
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/C9fukGKqk5soOwo-awS4V2FKbFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.164.0/22
89.20.160.0/19
93.95.248.0/21
144.178.64.0-144.178.103.255
144.178.108.0-144.178.115.255
144.178.120.0/21
144.178.192.0-144.178.247.255
161.51.64.0/19
185.184.204.0/22
IPv6:
2a01:9bc0::/29
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
33:0c:ca:65:4f:89:d7:cf:d0:2b:21:a1:2d:62:0b:07:61:bb:
8e:2e:d0:ed:58:b5:4b:3b:e4:a9:fe:66:ad:39:3c:35:51:86:
c3:35:ae:48:2d:19:87:98:0c:76:aa:4f:4c:cf:b1:44:92:45:
f4:5c:af:c8:15:99:b1:e5:10:78:4e:bf:3b:26:cc:70:ca:47:
77:0c:4f:98:01:37:fe:38:c5:a2:31:ca:05:12:13:c3:07:e8:
b0:a7:f2:07:86:7c:e0:3f:84:9c:be:00:52:14:a9:20:c0:97:
45:62:b4:0b:31:98:48:db:e8:03:d1:dc:58:9c:88:df:9d:4b:
2e:b0:4a:36:ea:4d:7b:99:b0:ee:d0:c9:de:20:83:62:b1:e0:
fd:25:4d:ba:d2:01:6f:73:35:e2:59:15:12:fb:b7:30:62:16:
90:e5:a4:b7:92:df:f9:39:cd:80:7d:c4:84:d0:39:7c:2b:b9:
96:08:2b:c1:14:30:85:5b:e6:50:b9:5e:c2:55:dd:b4:ff:90:
84:2f:2a:1f:41:ec:86:8e:80:d5:dd:88:90:9c:7d:c1:d4:a6:
86:e6:16:98:b1:12:a8:dd:e1:cc:9b:16:7f:61:4d:5d:37:e1:
d6:71:eb:37:60:4b:ad:15:50:b9:5b:61:02:e1:2b:fc:a6:b1:
50:72:26:e5
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYct89y6UiOReAxvnm5xsBMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjMwMzI5MTUxOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmQ3ZWU5MDYyYWE5MzliMjgzYjBhM2U2YjA0Yjg1NzYxNGE2YzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjG8+vMH9Kbz30pNv4ajC4pGM126
tWctvmwMvR200C6StO3X2T1SNwWWEQwgwojC32Q8I/dEvLtq2jEAt1nlKX/0akue
fnTH72Py1E7wRxnVKSpD/0Fq4b+MlHprB6r0K9FtGqT2IyEviRE65LsXj+qXXqgW
9lq8hhynFwOmk0INgN7LVriQRekEbnbn89MKqsRgqQMamr0ff+AAGlCmVG/JeGdO
gpZ40gJ9/Ynz8Loce4ZGXuULwuZvZsDz+jhm+835zvOSaI5KrfH0Je/Bpg/T31b6
2rQNnDuptbgHZingvdHnhJthbYVVAzBo1Wl7ko7O+s2tKb3BE0Ff7xlQnwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFAvX7pBiqpObKDsKPmsEuFdhSmxYMB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEvQzlmdWtHS3FrNXNvT3dvLWF3UzRWMkZLYkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQCLQukAwQF
WRSgAwQDXV/4MAwDBAaQskADBAOQsmAwDAMEApCybAMEApCycAMEA5CyeDAMAwQG
kLLAAwQDkLLwAwQFoTNAAwQCubjMMBQEAgACMA4DBQMqAZvAAwUBKgIP6DANBgkq
hkiG9w0BAQsFAAOCAQEAMwzKZU+J18/QKyGhLWILB2G7ji7Q7Vi1Szvkqf5mrTk8
NVGGwzWuSC0Zh5gMdqpPTM+xRJJF9FyvyBWZseUQeE6/OybMcMpHdwxPmAE3/jjF
ojHKBRITwwfosKfyB4Z84D+EnL4AUhSpIMCXRWK0CzGYSNvoA9HcWJyI351LLrBK
NupNe5mw7tDJ3iCDYrHg/SVNutIBb3M14lkVEvu3MGIWkOWkt5Lf+TnNgH3EhNA5
fCu5lggrwRQwhVvmULlewlXdtP+QhC8qH0Hsho6A1d2IkJx9wdSmhuYWmLESqN3h
zJsWf2FNXTfh1nHrN2BLrRVQuVthAuEr/KaxUHIm5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:34 2024 by rpki-client on console-ams.rpki-client.org