Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/j_m8-GqklspDtwRkezKmEJg7vns.roa
File: j_m8-GqklspDtwRkezKmEJg7vns.roa (raw, json)
Hash identifier: 764AEu6BpYRlFNny2bK43noC6fSWJRIZhJkBLZ0T1oQ=
Subject key identifier: 8F:F9:BC:F8:6A:A4:96:CA:43:B7:04:64:7B:32:A6:10:98:3B:BE:7B
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 018650B742B332F66D88337C9CAFA7F660AC
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/j_m8-GqklspDtwRkezKmEJg7vns.roa
Signing time: Tue 14 Feb 2023 16:17:12 +0000
ROA not before: Tue 14 Feb 2023 16:17:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.45.94.0/24 maxlen: 24
171.22.60.0/23 maxlen: 23
5.183.240.0/23 maxlen: 23
92.119.24.0/23 maxlen: 23
171.22.62.0/23 maxlen: 23
5.183.242.0/23 maxlen: 23
92.119.26.0/23 maxlen: 23
45.14.80.0/24 maxlen: 24
45.14.81.0/24 maxlen: 24
45.86.24.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 24 Jun 2023 21:13:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:b7:42:b3:32:f6:6d:88:33:7c:9c:af:a7:f6:60:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Feb 14 16:17:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ff9bcf86aa496ca43b704647b32a610983bbe7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:51:49:19:cc:90:2b:91:8b:fe:09:70:f0:a1:
b9:6b:59:8c:92:ac:37:1f:65:ed:46:40:68:f6:ca:
ff:81:36:23:de:ca:bd:8a:d0:b9:7c:d5:42:d2:ca:
49:2f:b5:6b:01:ee:9c:85:92:ce:cc:4e:5c:c5:c5:
2d:9b:1e:8b:74:dd:5a:83:4c:12:dc:12:7c:5a:94:
0a:05:2a:29:12:f1:f7:45:28:a8:d0:00:63:49:86:
78:f7:eb:dc:ec:49:6c:ae:51:80:37:3d:de:94:87:
22:43:b4:e2:f6:ca:c6:a4:25:c8:47:39:e3:e1:04:
7e:18:ce:23:2e:1e:0e:e7:19:d5:6e:0b:ff:18:e0:
f5:f7:0d:6a:e0:41:70:a6:bf:56:d5:11:6a:89:d8:
79:1d:a9:16:40:64:01:5a:91:4e:d4:77:68:da:1d:
f1:63:81:f9:87:13:15:4f:a0:ad:37:40:3a:1b:5e:
43:68:be:d8:63:47:5c:2a:6a:a5:70:cb:9f:ae:d8:
18:7f:29:7a:31:0f:a7:fe:ea:5c:94:43:aa:ea:9b:
ae:05:37:0a:6b:f9:8f:cb:0c:5a:71:44:fd:ac:64:
44:e8:7e:72:d2:ca:b3:d8:81:09:96:c5:ef:ea:53:
5e:f8:d6:e3:ea:d6:67:ae:9d:3b:be:be:b8:6f:89:
63:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F9:BC:F8:6A:A4:96:CA:43:B7:04:64:7B:32:A6:10:98:3B:BE:7B
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/j_m8-GqklspDtwRkezKmEJg7vns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.240.0/22
45.14.80.0/23
45.86.24.0/22
92.119.24.0/22
171.22.60.0/22
185.45.94.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:61:e5:61:66:7b:9a:5c:20:f6:7b:75:41:72:8a:27:81:3a:
6c:01:25:8e:63:20:df:4f:dd:f0:b7:ef:1f:78:40:a8:0d:35:
ce:e6:fe:ee:7a:84:a0:b0:f3:e4:bc:99:a2:d7:27:89:0c:b2:
32:6b:12:13:25:ac:4d:c3:68:77:86:49:80:b1:fc:26:1f:5b:
7b:63:aa:8c:b8:40:4f:5c:cf:7d:a2:c3:2f:f2:43:97:d7:35:
45:ad:5d:4c:4e:85:09:8d:0c:6d:95:f2:0f:b2:fc:83:62:49:
2f:a5:99:65:79:06:a8:b9:34:03:95:55:a8:66:fe:cc:41:ec:
ef:64:1e:ae:77:f6:23:a0:55:c9:e1:4a:31:90:c8:e4:b6:88:
be:40:63:3c:c1:b0:e3:8b:39:4d:3a:20:0b:86:1b:d1:0b:c5:
ef:cd:fb:41:03:2c:74:b0:de:c8:ee:2c:4d:3a:90:7e:c8:b2:
b6:6f:7d:c3:50:50:00:62:f3:de:7f:ed:81:32:a4:1d:25:82:
bc:2b:82:2b:45:a9:3b:49:01:50:a0:ee:3c:a0:04:5c:b4:25:
cf:2b:43:b2:31:74:44:eb:6b:03:74:11:a8:34:1d:97:31:d3:
09:20:43:07:7b:1e:8e:06:ac:5a:72:1a:0c:43:6e:22:b3:be:
c5:6d:14:90
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZQt0KzMvZtiDN8nK+n9mCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwMjE0MTYxNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY5YmNmODZhYTQ5NmNhNDNiNzA0NjQ3YjMyYTYxMDk4M2JiZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1FJGcyQK5GL/glw8KG5a1mMkqw3
H2XtRkBo9sr/gTYj3sq9itC5fNVC0spJL7VrAe6chZLOzE5cxcUtmx6LdN1ag0wS
3BJ8WpQKBSopEvH3RSio0ABjSYZ49+vc7ElsrlGANz3elIciQ7Ti9srGpCXIRznj
4QR+GM4jLh4O5xnVbgv/GOD19w1q4EFwpr9W1RFqidh5HakWQGQBWpFO1Hdo2h3x
Y4H5hxMVT6CtN0A6G15DaL7YY0dcKmqlcMufrtgYfyl6MQ+n/upclEOq6puuBTcK
a/mPywxacUT9rGRE6H5y0sqz2IEJlsXv6lNe+Nbj6tZnrp07vr64b4ljzQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI/5vPhqpJbKQ7cEZHsyphCYO757MB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEval9tOC1HcWtsc3BEdHdSa2V6S21FSmc3dm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBbfwAwQB
LQ5QAwQCLVYYAwQCXHcYAwQCqxY8AwQAuS1eMA0GCSqGSIb3DQEBCwUAA4IBAQB9
YeVhZnuaXCD2e3VBcoongTpsASWOYyDfT93wt+8feECoDTXO5v7ueoSgsPPkvJmi
1yeJDLIyaxITJaxNw2h3hkmAsfwmH1t7Y6qMuEBPXM99osMv8kOX1zVFrV1MToUJ
jQxtlfIPsvyDYkkvpZlleQaouTQDlVWoZv7MQezvZB6ud/YjoFXJ4UoxkMjktoi+
QGM8wbDjizlNOiALhhvRC8XvzftBAyx0sN7I7ixNOpB+yLK2b33DUFAAYvPef+2B
MqQdJYK8K4IrRak7SQFQoO48oARctCXPK0OyMXRE62sDdBGoNB2XMdMJIEMHex6O
BqxachoMQ24is77FbRSQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:24 2024 by rpki-client on console-fra.rpki-client.org