Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/CNItINm3f3XwJrtYXC-x9CW6a_w.roa
File: CNItINm3f3XwJrtYXC-x9CW6a_w.roa (raw, json)
Hash identifier: JHydncpecp44CcH5vCKlmp6LbGT3iKIJx4BMDJfWY9g=
Subject key identifier: 08:D2:2D:20:D9:B7:7F:75:F0:26:BB:58:5C:2F:B1:F4:25:BA:6B:FC
Certificate issuer: /CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Certificate serial: 018C8782145F0C720A3FC82D096B4E862791
Authority key identifier: 4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/CNItINm3f3XwJrtYXC-x9CW6a_w.roa
Signing time: Wed 20 Dec 2023 13:54:58 +0000
ROA not before: Wed 20 Dec 2023 13:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201454
IP address blocks: 45.140.0.0/22 maxlen: 22
185.73.24.0/22 maxlen: 22
185.112.24.0/22 maxlen: 22
188.94.216.0/21 maxlen: 21
2a05:3f00::/29 maxlen: 29
2a01:6f80::/32 maxlen: 32
2a02:c340::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:82:14:5f:0c:72:0a:3f:c8:2d:09:6b:4e:86:27:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Validity
Not Before: Dec 20 13:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08d22d20d9b77f75f026bb585c2fb1f425ba6bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d8:e8:1c:0f:77:c7:6b:26:15:30:ce:0a:0e:
48:be:8d:2f:01:11:62:6f:a2:27:0e:15:89:56:3f:
57:50:a7:67:8d:b7:47:97:cc:fb:96:8d:a1:4e:aa:
b5:89:86:c5:b7:3f:34:91:92:05:3e:56:f9:fb:46:
18:67:df:ff:af:34:7e:7e:85:76:15:ff:32:98:e6:
30:55:52:0a:2f:0d:dc:ab:1b:ab:1a:41:96:0d:c2:
63:f6:bf:94:a0:1c:1c:59:ab:8b:95:9f:0c:b5:1e:
90:88:38:eb:5a:2a:4a:05:c8:8b:10:a7:b9:43:80:
9b:e0:16:65:6a:0f:9c:85:4d:95:aa:23:38:f3:11:
a4:3d:ba:01:99:0f:ac:d5:37:78:8a:d7:e3:36:eb:
47:3f:d0:70:50:fd:1a:2d:95:0e:cf:59:ed:7c:63:
ef:37:dd:20:4c:e5:6f:af:9b:2e:f5:14:6d:89:98:
40:05:02:f4:25:8e:b7:bb:08:15:4f:c8:9d:b4:7b:
c1:b6:33:7d:65:4e:cd:d6:7c:77:5b:92:d7:42:ce:
00:e9:be:ac:fd:a2:0a:a7:c1:b2:ae:17:57:58:c0:
3c:23:0a:60:fe:ec:f5:34:14:b6:0b:80:19:ee:0f:
10:c9:b5:0f:0a:a2:50:ee:4d:56:40:75:25:14:43:
68:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D2:2D:20:D9:B7:7F:75:F0:26:BB:58:5C:2F:B1:F4:25:BA:6B:FC
X509v3 Authority Key Identifier:
keyid:4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/CNItINm3f3XwJrtYXC-x9CW6a_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.0.0/22
185.73.24.0/22
185.112.24.0/22
188.94.216.0/21
IPv6:
2a01:6f80::/32
2a02:c340::/29
2a05:3f00::/29
Signature Algorithm: sha256WithRSAEncryption
01:78:9b:8c:93:55:e2:80:1b:eb:ad:32:58:35:a3:9f:41:cb:
b2:cc:46:1c:bc:b6:63:7a:8f:7c:2e:cb:4d:3a:01:60:9f:36:
60:58:e4:78:35:53:6a:c6:ec:36:a7:aa:05:29:d6:38:97:25:
c9:9b:e0:68:cd:d6:c6:26:1c:59:9e:04:54:a0:39:42:84:17:
0a:7e:61:a5:3b:eb:d3:99:02:48:9c:89:9b:e0:8e:10:a1:3a:
2e:ec:19:ce:03:06:e7:43:e0:aa:5f:8d:f3:a5:7f:40:b8:84:
91:9a:c6:3e:33:2e:b3:23:97:c5:2b:d1:dc:f4:70:c8:b3:5a:
19:b8:97:5c:fd:ce:2f:e8:10:20:3e:44:b4:90:d4:7b:88:1f:
5d:b4:cf:0e:cd:da:de:30:96:db:ab:a6:e7:b9:60:4c:90:58:
fe:08:86:52:79:93:60:8d:e3:6a:29:da:ac:e6:b1:fa:c9:97:
09:17:b1:38:ca:59:41:9f:05:ea:01:46:49:fc:e9:fd:37:07:
d1:07:48:af:3a:dc:40:b2:34:00:77:1d:f7:e5:eb:a0:2e:ff:
d7:48:92:0a:6f:fe:56:89:32:2c:ec:af:9f:81:89:70:f2:19:
ca:31:4d:ac:bd:bc:62:8f:16:4c:dd:b1:99:b3:22:9e:bc:08:
6f:84:df:a6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYyHghRfDHIKP8gtCWtOhieRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOWM1ZTU2YWFjZDAxZmZiMjgyNWE5MzFlZDVlZGU0MWMz
ZjkyZTYwHhcNMjMxMjIwMTM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQyMmQyMGQ5Yjc3Zjc1ZjAyNmJiNTg1YzJmYjFmNDI1YmE2YmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudjoHA93x2smFTDOCg5Ivo0vARFi
b6InDhWJVj9XUKdnjbdHl8z7lo2hTqq1iYbFtz80kZIFPlb5+0YYZ9//rzR+foV2
Ff8ymOYwVVIKLw3cqxurGkGWDcJj9r+UoBwcWauLlZ8MtR6QiDjrWipKBciLEKe5
Q4Cb4BZlag+chU2VqiM48xGkPboBmQ+s1Td4itfjNutHP9BwUP0aLZUOz1ntfGPv
N90gTOVvr5su9RRtiZhABQL0JY63uwgVT8idtHvBtjN9ZU7N1nx3W5LXQs4A6b6s
/aIKp8GyrhdXWMA8Iwpg/uz1NBS2C4AZ7g8QybUPCqJQ7k1WQHUlFENoywIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFAjSLSDZt3918Ca7WFwvsfQlumv8MB8GA1UdIwQY
MBaAFEqcXlaqzQH/soJakx7V7eQcP5LmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMt
MmU2OTRiMzM5OTMzLzEvQ05JdElObTNmM1h3SnJ0WVhDLXg5Q1c2YV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMtMmU2OTRiMzM5OTMz
LzEvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCLYwAAwQC
uUkYAwQCuXAYAwQDvF7YMBsEAgACMBUDBQAqAW+AAwUDKgLDQAMFAyoFPwAwDQYJ
KoZIhvcNAQELBQADggEBAAF4m4yTVeKAG+utMlg1o59By7LMRhy8tmN6j3wuy006
AWCfNmBY5Hg1U2rG7DanqgUp1jiXJcmb4GjN1sYmHFmeBFSgOUKEFwp+YaU769OZ
AkiciZvgjhChOi7sGc4DBudD4KpfjfOlf0C4hJGaxj4zLrMjl8Ur0dz0cMizWhm4
l1z9zi/oECA+RLSQ1HuIH120zw7N2t4wlturpue5YEyQWP4IhlJ5k2CN42op2qzm
sfrJlwkXsTjKWUGfBeoBRkn86f03B9EHSK863ECyNAB3Hffl66Au/9dIkgpv/laJ
Mizsr5+BiXDyGcoxTay9vGKPFkzdsZmzIp68CG+E36Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:15 2024 by rpki-client on console-fra.rpki-client.org