Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/9tWWCVPVn8xZfxKRdSgoGAhCGgg.roa
File: 9tWWCVPVn8xZfxKRdSgoGAhCGgg.roa (raw, json)
Hash identifier: Zm4m+aQABJJp1ATKugRwa+sOTQ22E5b3cacFsBtU9LY=
Subject key identifier: F6:D5:96:09:53:D5:9F:CC:59:7F:12:91:75:28:28:18:08:42:1A:08
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D836783B38E1A8C1CE6C161744AD2441A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/9tWWCVPVn8xZfxKRdSgoGAhCGgg.roa
Signing time: Wed 07 Feb 2024 11:50:15 +0000
ROA not before: Wed 07 Feb 2024 11:50:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 147.45.117.0/24 maxlen: 24
147.45.118.0/24 maxlen: 24
147.45.119.0/24 maxlen: 24
147.45.120.0/22 maxlen: 22
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
193.233.124.0/22 maxlen: 22
193.233.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 10:38:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:67:83:b3:8e:1a:8c:1c:e6:c1:61:74:4a:d2:44:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 7 11:50:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6d5960953d59fcc597f12917528281808421a08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:86:79:43:b6:22:a8:4f:a4:ac:8b:48:2f:d5:
93:a2:7b:a5:26:b0:f9:d6:2c:88:ac:2d:56:6d:ce:
93:a5:b1:53:e0:f6:66:52:26:5f:11:ca:f6:b7:de:
34:cd:3e:15:45:a0:92:fd:7f:77:87:ef:6a:b2:51:
67:73:9e:93:d7:e0:4c:3a:6f:e9:cb:53:65:93:24:
db:87:70:00:44:93:e0:46:3d:d7:47:33:fc:52:e8:
6e:a4:3f:6d:ea:ec:d1:d2:df:d5:44:52:ca:5b:1c:
b0:a6:7d:7c:ad:4f:b1:31:e9:df:77:54:5a:b9:e9:
d7:76:88:bc:0f:03:d5:b2:57:94:89:75:47:15:82:
17:8b:05:e3:ae:02:e1:b1:dc:5b:c4:71:aa:16:84:
42:ee:1d:10:75:94:c7:f0:ba:dc:6c:70:a3:99:b1:
4f:f1:a4:b4:f1:ca:3f:1f:bf:78:bc:ab:ab:11:50:
79:8b:d4:af:12:7f:26:4d:56:83:ba:3c:70:28:05:
09:64:05:a0:e4:87:c0:f7:f2:a6:dd:7f:fb:0d:8f:
74:58:9f:61:fa:88:94:51:72:1e:2e:ef:ae:23:4e:
b7:86:f8:80:19:a4:1d:48:25:86:f2:24:18:71:cb:
12:5c:d9:24:ad:7c:86:4b:ef:75:3a:0d:be:0c:74:
5f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D5:96:09:53:D5:9F:CC:59:7F:12:91:75:28:28:18:08:42:1A:08
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/9tWWCVPVn8xZfxKRdSgoGAhCGgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.117.0-147.45.123.255
193.233.60.0/24
193.233.62.0/24
193.233.124.0/22
193.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:b6:23:97:4c:0b:3b:df:26:5f:1d:60:c9:fc:a2:22:f7:cf:
aa:b6:da:4f:04:19:cb:bb:8e:79:23:1f:7e:a4:4f:76:1e:12:
49:25:fd:41:34:09:01:c5:d3:f9:cb:66:7d:14:ea:c9:c6:3b:
ec:df:cb:87:f7:e6:f6:18:73:fe:0f:c2:3d:d9:82:69:dc:45:
80:61:6c:e6:c3:a2:c9:84:ec:6c:92:08:44:b4:09:17:91:32:
da:9b:14:ab:5a:d2:ca:c4:78:e8:7e:95:0f:1c:27:29:4f:5e:
a2:18:c0:f4:91:30:90:ed:f6:f2:bc:9f:d2:ac:85:99:be:97:
cc:6e:04:02:7d:77:06:64:2c:5c:d8:40:93:cc:c2:24:67:f4:
d7:84:69:e9:00:88:ce:68:28:70:51:66:13:1b:79:75:5c:74:
0a:09:de:e9:24:a6:c5:98:60:a8:4d:75:ce:6e:ec:24:cd:90:
4f:bf:1e:3f:fc:dc:3c:7a:d3:59:4f:c4:69:c8:e3:e9:2a:7d:
27:9e:21:2f:85:36:80:82:e6:e1:28:7c:d3:cc:65:0c:46:6c:
9e:d2:d6:ef:6b:fc:a1:da:bc:d3:a7:6a:69:bd:4c:3d:d8:55:
80:0d:17:4a:07:2e:b0:07:00:4c:bb:fe:30:a3:fd:35:a9:94:
99:f4:96:a6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY2DZ4OzjhqMHObBYXRK0kQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjA3MTE1MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQ1OTYwOTUzZDU5ZmNjNTk3ZjEyOTE3NTI4MjgxODA4NDIxYTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoZ5Q7YiqE+krItIL9WTonulJrD5
1iyIrC1Wbc6TpbFT4PZmUiZfEcr2t940zT4VRaCS/X93h+9qslFnc56T1+BMOm/p
y1NlkyTbh3AARJPgRj3XRzP8UuhupD9t6uzR0t/VRFLKWxywpn18rU+xMenfd1Ra
uenXdoi8DwPVsleUiXVHFYIXiwXjrgLhsdxbxHGqFoRC7h0QdZTH8LrcbHCjmbFP
8aS08co/H794vKurEVB5i9SvEn8mTVaDujxwKAUJZAWg5IfA9/Km3X/7DY90WJ9h
+oiUUXIeLu+uI063hviAGaQdSCWG8iQYccsSXNkkrXyGS+91Og2+DHRfcwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPbVlglT1Z/MWX8SkXUoKBgIQhoIMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvOXRXV0NWUFZuOHhaZnhLUmRTZ29HQWhDR2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBACTLXUD
BAKTLXgDBADB6TwDBADB6T4DBALB6XwDBADB6aowDQYJKoZIhvcNAQELBQADggEB
AJy2I5dMCzvfJl8dYMn8oiL3z6q22k8EGcu7jnkjH36kT3YeEkkl/UE0CQHF0/nL
Zn0U6snGO+zfy4f35vYYc/4Pwj3ZgmncRYBhbObDosmE7GySCES0CReRMtqbFKta
0srEeOh+lQ8cJylPXqIYwPSRMJDt9vK8n9KshZm+l8xuBAJ9dwZkLFzYQJPMwiRn
9NeEaekAiM5oKHBRZhMbeXVcdAoJ3ukkpsWYYKhNdc5u7CTNkE+/Hj/83Dx601lP
xGnI4+kqfSeeIS+FNoCC5uEofNPMZQxGbJ7S1u9r/KHavNOnamm9TD3YVYANF0oH
LrAHAEy7/jCj/TWplJn0lqY=
-----END CERTIFICATE-----
Generated at Thu Feb 15 15:57:06 2024 by rpki-client on console-ams.rpki-client.org