Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/M50QCS72qi7U9T4sgq3Ok43ESyA.roa
File: M50QCS72qi7U9T4sgq3Ok43ESyA.roa (raw, json)
Hash identifier: DLFXGPJCzDqauIhQE4UoulINfgHQ8l36pEdNBfbBx2M=
Subject key identifier: 33:9D:10:09:2E:F6:AA:2E:D4:F5:3E:2C:82:AD:CE:93:8D:C4:4B:20
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018E31D4124DA9C31F7274F7CE9699165948
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/M50QCS72qi7U9T4sgq3Ok43ESyA.roa
Signing time: Tue 12 Mar 2024 08:42:45 +0000
ROA not before: Tue 12 Mar 2024 08:42:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 147.45.50.0/24 maxlen: 24
147.45.84.0/24 maxlen: 24
147.45.85.0/24 maxlen: 24
147.45.86.0/24 maxlen: 24
147.45.87.0/24 maxlen: 24
147.45.116.0/24 maxlen: 24
147.45.200.0/23 maxlen: 23
147.45.202.0/23 maxlen: 23
147.45.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 18:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:d4:12:4d:a9:c3:1f:72:74:f7:ce:96:99:16:59:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 12 08:42:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=339d10092ef6aa2ed4f53e2c82adce938dc44b20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:18:bf:3a:df:f1:49:91:79:d4:75:30:76:ee:
26:18:6b:7a:20:b6:01:c0:a6:77:54:07:88:cd:e1:
51:2e:c8:3c:0b:2b:4a:91:7e:26:7e:14:2e:16:c1:
22:46:2f:bb:25:5c:33:4f:2d:26:14:af:c8:60:b6:
7f:04:ec:bb:8a:c0:dd:ab:6c:3a:06:d5:cf:59:c9:
af:f8:d4:b3:89:68:ed:9c:e8:df:47:0a:01:0f:f7:
99:0a:e9:ed:12:e9:30:bf:b5:e4:5b:28:98:3c:ec:
dc:63:38:e4:f7:2b:c5:92:b2:cb:7e:f5:dd:2d:0c:
1c:1e:8c:5f:31:f9:b9:61:f0:50:9c:a7:a7:cc:69:
b4:e3:73:2f:6f:b1:3e:ed:b5:3f:bb:67:dd:10:d5:
8e:6b:73:5f:d1:ab:01:28:44:f1:2e:4d:ea:54:58:
c8:8a:14:55:3e:f9:c8:ea:9f:23:20:c6:71:09:e7:
f6:63:5e:93:25:b0:62:8a:35:cb:bb:75:10:00:c4:
3e:19:5d:6a:2c:7c:99:94:50:46:08:94:fd:96:31:
77:b6:50:ae:e5:76:71:a8:3c:36:0f:ae:d8:46:ae:
04:d7:d8:e2:cf:e2:aa:15:a8:00:76:df:ae:08:56:
a8:6d:fc:02:1f:1a:0e:79:24:8b:2a:e8:7c:6c:0d:
49:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9D:10:09:2E:F6:AA:2E:D4:F5:3E:2C:82:AD:CE:93:8D:C4:4B:20
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/M50QCS72qi7U9T4sgq3Ok43ESyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.50.0/24
147.45.84.0/22
147.45.116.0/24
147.45.200.0-147.45.204.255
Signature Algorithm: sha256WithRSAEncryption
5d:49:5a:9d:81:00:f6:14:e4:1c:1f:e0:3a:00:e8:ae:f3:18:
cd:6c:e6:91:73:b5:c5:d4:2e:7c:2d:cc:3b:21:fb:80:9d:8f:
a0:50:5d:b7:29:db:2d:91:62:58:38:6a:f1:09:8d:c7:b1:4f:
b0:7a:58:05:f5:dd:b5:64:1e:7c:b8:0b:1a:4f:57:fd:dc:14:
6a:56:4b:de:0a:21:d1:07:b0:9c:f2:88:46:59:66:33:5b:64:
03:a6:45:06:db:74:6c:c3:7c:01:9c:2e:ca:61:7a:94:e6:49:
a2:5d:66:f4:25:80:f3:8a:d6:d0:db:01:ca:8a:70:bf:85:9a:
b3:01:94:66:20:72:99:44:2f:56:12:f1:9d:3e:48:b5:43:32:
40:d3:be:03:d6:96:6f:b0:e2:6d:0c:0d:84:14:6c:df:7f:04:
94:3c:17:8b:61:c0:9f:1c:79:46:4b:7b:25:01:3e:3b:c3:5a:
c1:17:4c:00:f9:bc:ed:54:6c:da:31:39:34:71:8e:0c:c1:3e:
cb:f9:61:cf:73:bd:94:e8:ae:25:78:14:06:e5:e9:8b:45:44:
68:99:9e:5e:e9:04:cd:ea:34:68:7c:57:2e:b6:5f:ff:c5:41:
a6:a3:77:59:cd:b8:1d:85:a2:4d:d0:3a:2f:99:dc:26:7e:24:
6d:a5:79:ee
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY4x1BJNqcMfcnT3zpaZFllIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMzEyMDg0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzlkMTAwOTJlZjZhYTJlZDRmNTNlMmM4MmFkY2U5MzhkYzQ0YjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxi/Ot/xSZF51HUwdu4mGGt6ILYB
wKZ3VAeIzeFRLsg8CytKkX4mfhQuFsEiRi+7JVwzTy0mFK/IYLZ/BOy7isDdq2w6
BtXPWcmv+NSziWjtnOjfRwoBD/eZCuntEukwv7XkWyiYPOzcYzjk9yvFkrLLfvXd
LQwcHoxfMfm5YfBQnKenzGm043Mvb7E+7bU/u2fdENWOa3Nf0asBKETxLk3qVFjI
ihRVPvnI6p8jIMZxCef2Y16TJbBiijXLu3UQAMQ+GV1qLHyZlFBGCJT9ljF3tlCu
5XZxqDw2D67YRq4E19jiz+KqFagAdt+uCFaobfwCHxoOeSSLKuh8bA1JSwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDOdEAku9qou1PU+LIKtzpONxEsgMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTTUwUUNTNzJxaTdVOVQ0c2dxM09rNDNFU3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAky0yAwQC
ky1UAwQAky10MAwDBAOTLcgDBACTLcwwDQYJKoZIhvcNAQELBQADggEBAF1JWp2B
APYU5Bwf4DoA6K7zGM1s5pFztcXULnwtzDsh+4Cdj6BQXbcp2y2RYlg4avEJjcex
T7B6WAX13bVkHny4CxpPV/3cFGpWS94KIdEHsJzyiEZZZjNbZAOmRQbbdGzDfAGc
LsphepTmSaJdZvQlgPOK1tDbAcqKcL+FmrMBlGYgcplEL1YS8Z0+SLVDMkDTvgPW
lm+w4m0MDYQUbN9/BJQ8F4thwJ8ceUZLeyUBPjvDWsEXTAD5vO1UbNoxOTRxjgzB
Psv5Yc9zvZToriV4FAbl6YtFRGiZnl7pBM3qNGh8Vy62X//FQaajd1nNuB2Fok3Q
Oi+Z3CZ+JG2lee4=
-----END CERTIFICATE-----
Generated at Tue Mar 12 21:02:14 2024 by rpki-client on console-fra.rpki-client.org