Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/2Va0mGezggjvh6HzzWUawC54B70.roa
File: 2Va0mGezggjvh6HzzWUawC54B70.roa (raw, json)
Hash identifier: 1S/NXBlUCRTSv2EBolX4HdCSLTMilMXThhtlU6HtnGg=
Subject key identifier: D9:56:B4:98:67:B3:82:08:EF:87:A1:F3:CD:65:1A:C0:2E:78:07:BD
Certificate issuer: /CN=9c8a1876fddc2b63748b457b770b79a7e66e793c
Certificate serial: 01856DE679C7CDB044EFB116394245A477DB
Authority key identifier: 9C:8A:18:76:FD:DC:2B:63:74:8B:45:7B:77:0B:79:A7:E6:6E:79:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nIoYdv3cK2N0i0V7dwt5p-ZueTw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/2Va0mGezggjvh6HzzWUawC54B70.roa
Signing time: Sun 01 Jan 2023 15:14:58 +0000
ROA not before: Sun 01 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204053
IP address blocks: 185.115.172.0/22 maxlen: 32
45.143.16.0/22 maxlen: 32
193.16.97.0/24 maxlen: 32
91.198.78.0/24 maxlen: 32
185.203.92.0/22 maxlen: 32
45.152.152.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:79:c7:cd:b0:44:ef:b1:16:39:42:45:a4:77:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c8a1876fddc2b63748b457b770b79a7e66e793c
Validity
Not Before: Jan 1 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d956b49867b38208ef87a1f3cd651ac02e7807bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:34:5b:73:3b:2e:41:d9:05:79:27:35:1d:f2:
81:b1:78:31:a1:47:aa:83:cb:8c:e7:32:12:da:18:
b0:01:59:c2:65:69:2a:94:29:c8:e3:fc:b5:7f:c3:
32:66:96:44:99:35:93:98:84:cf:17:43:68:71:ea:
e7:d4:4c:7b:cd:6c:52:3a:55:a2:d4:e6:6e:8b:a7:
2c:98:2d:1b:77:68:5d:2e:8f:22:db:90:d9:42:38:
a4:9b:30:82:53:4c:6c:41:2c:4a:33:c5:dc:53:d5:
a6:2b:35:c0:eb:24:e8:2e:f6:72:e8:7b:c8:c7:44:
98:95:ba:18:56:b1:19:27:8a:92:1e:86:4c:6d:5e:
71:1d:a3:b1:51:ac:03:08:50:a4:4c:f6:8c:9c:03:
40:5c:9c:1c:8c:53:e7:2f:15:fb:38:e0:d1:84:0b:
1d:82:92:be:3d:db:4f:e8:1d:bb:a3:ce:16:e5:b1:
dc:8a:88:1f:c8:f0:a1:c5:d2:fd:49:31:fe:54:d3:
d0:8c:f9:87:92:48:f0:ff:45:54:bc:3d:c1:aa:5e:
e1:3f:67:97:c8:43:54:57:49:d0:f6:2a:e8:ab:7d:
5a:ca:11:4e:04:2f:c5:81:b7:e8:91:bd:b5:66:74:
2f:3b:16:6c:aa:32:5d:19:4e:39:94:46:4b:4e:09:
9c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:56:B4:98:67:B3:82:08:EF:87:A1:F3:CD:65:1A:C0:2E:78:07:BD
X509v3 Authority Key Identifier:
keyid:9C:8A:18:76:FD:DC:2B:63:74:8B:45:7B:77:0B:79:A7:E6:6E:79:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nIoYdv3cK2N0i0V7dwt5p-ZueTw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/2Va0mGezggjvh6HzzWUawC54B70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9ea68f-743d-47da-b71c-709fbe84cdfb/1/nIoYdv3cK2N0i0V7dwt5p-ZueTw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.16.0/22
45.152.152.0/22
91.198.78.0/24
185.115.172.0/22
185.203.92.0/22
193.16.97.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:6d:c6:75:e6:6e:c1:f2:a9:3f:26:17:74:11:c3:28:cd:60:
fc:2e:a6:61:60:c8:c5:fd:d5:e1:a2:fb:7c:2d:fd:23:f2:3f:
98:9e:dc:97:53:da:d1:72:87:18:50:0a:95:61:98:9b:f6:1e:
63:91:eb:f1:af:09:48:c3:ea:e9:7e:18:87:6b:48:b4:6c:9c:
9c:b5:5f:3b:58:3a:fc:5f:63:98:3c:d5:99:29:ca:b6:b2:6f:
24:79:d3:a5:7e:e7:27:d9:60:ad:59:cc:20:ab:0c:a1:be:e1:
85:d9:aa:c1:65:bd:66:c6:96:ee:46:d6:d5:e2:b6:ed:4a:b1:
83:42:6d:80:7f:e3:68:fb:48:c9:ba:31:91:0b:d3:0b:98:7c:
7d:8b:2f:4f:2e:2e:9c:0b:6c:6c:5f:6c:39:8d:76:90:b4:ab:
f3:fe:ed:04:b1:88:ce:50:70:3c:5f:99:01:64:b8:87:3f:ec:
a6:8c:8e:bc:36:c1:3a:f3:3d:81:72:a1:a1:c4:d7:8d:e1:6b:
37:35:b0:c9:4a:4f:c7:c5:6e:a7:8f:bd:4c:55:7a:b2:51:e8:
72:5f:51:35:ec:34:30:71:12:db:5c:7e:1f:0d:45:0b:30:b7:
b6:f8:21:f6:11:3c:d4:be:58:c9:5b:79:94:b2:eb:13:b5:82:
1e:d4:4b:bc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVt5nnHzbBE77EWOUJFpHfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljOGExODc2ZmRkYzJiNjM3NDhiNDU3Yjc3MGI3OWE3ZTY2
ZTc5M2MwHhcNMjMwMTAxMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU2YjQ5ODY3YjM4MjA4ZWY4N2ExZjNjZDY1MWFjMDJlNzgwN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozRbczsuQdkFeSc1HfKBsXgxoUeq
g8uM5zIS2hiwAVnCZWkqlCnI4/y1f8MyZpZEmTWTmITPF0Nocern1Ex7zWxSOlWi
1OZui6csmC0bd2hdLo8i25DZQjikmzCCU0xsQSxKM8XcU9WmKzXA6yToLvZy6HvI
x0SYlboYVrEZJ4qSHoZMbV5xHaOxUawDCFCkTPaMnANAXJwcjFPnLxX7OODRhAsd
gpK+PdtP6B27o84W5bHciogfyPChxdL9STH+VNPQjPmHkkjw/0VUvD3Bql7hP2eX
yENUV0nQ9iroq31ayhFOBC/Fgbfokb21ZnQvOxZsqjJdGU45lEZLTgmcyQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNlWtJhns4II74eh881lGsAueAe9MB8GA1UdIwQY
MBaAFJyKGHb93CtjdItFe3cLeafmbnk8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbklvWWR2M2NLMk4waTBWN2R3dDVwLVp1ZVR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy85ZWE2OGYtNzQzZC00N2RhLWI3MWMt
NzA5ZmJlODRjZGZiLzEvMlZhMG1HZXpnZ2p2aDZIenpXVWF3QzU0QjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy85ZWE2OGYtNzQzZC00N2RhLWI3MWMtNzA5ZmJlODRjZGZi
LzEvbklvWWR2M2NLMk4waTBWN2R3dDVwLVp1ZVR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLY8QAwQC
LZiYAwQAW8ZOAwQCuXOsAwQCuctcAwQAwRBhMA0GCSqGSIb3DQEBCwUAA4IBAQBf
bcZ15m7B8qk/Jhd0EcMozWD8LqZhYMjF/dXhovt8Lf0j8j+YntyXU9rRcocYUAqV
YZib9h5jkevxrwlIw+rpfhiHa0i0bJyctV87WDr8X2OYPNWZKcq2sm8kedOlfucn
2WCtWcwgqwyhvuGF2arBZb1mxpbuRtbV4rbtSrGDQm2Af+No+0jJujGRC9MLmHx9
iy9PLi6cC2xsX2w5jXaQtKvz/u0EsYjOUHA8X5kBZLiHP+ymjI68NsE68z2BcqGh
xNeN4Ws3NbDJSk/HxW6nj71MVXqyUehyX1E17DQwcRLbXH4fDUULMLe2+CH2ETzU
vljJW3mUsusTtYIe1Eu8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:32 2024 by rpki-client on console-fra.rpki-client.org