Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gURNfOcQxMpvB7zDVIx4moTLVUM.roa
File: gURNfOcQxMpvB7zDVIx4moTLVUM.roa (raw, json)
Hash identifier: QXtiG7wYuJZ6vu1IhL+ySHB+2Lcjh12dzhM702ZBc6s=
Subject key identifier: 81:44:4D:7C:E7:10:C4:CA:6F:07:BC:C3:54:8C:78:9A:84:CB:55:43
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018E109012516034AE3EE1A658E792CC9768
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gURNfOcQxMpvB7zDVIx4moTLVUM.roa
Signing time: Tue 05 Mar 2024 21:41:01 +0000
ROA not before: Tue 05 Mar 2024 21:41:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 147.45.101.0/24 maxlen: 24
147.45.102.0/24 maxlen: 24
147.45.103.0/24 maxlen: 24
147.45.104.0/24 maxlen: 24
147.45.105.0/24 maxlen: 24
147.45.106.0/24 maxlen: 24
147.45.107.0/24 maxlen: 24
147.45.108.0/24 maxlen: 24
147.45.109.0/24 maxlen: 24
147.45.110.0/24 maxlen: 24
147.45.111.0/24 maxlen: 24
147.45.144.0/20 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 23:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:10:90:12:51:60:34:ae:3e:e1:a6:58:e7:92:cc:97:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 5 21:41:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81444d7ce710c4ca6f07bcc3548c789a84cb5543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1e:f6:bb:16:ee:0a:46:5a:b5:c0:71:c0:5b:
ad:c5:73:b6:e9:20:f8:02:d3:fc:18:26:c6:82:11:
bf:b6:bc:b2:c7:09:23:3a:65:ba:b7:d4:d2:76:b6:
89:8d:cc:e0:f9:c1:a0:e6:b4:66:fa:fe:c0:15:6c:
43:17:61:4d:23:f8:cb:ec:6f:3b:6e:a3:ab:4e:e8:
85:de:03:93:88:26:de:e5:bb:0b:8d:14:38:1e:e1:
ca:a8:72:da:a6:2b:b7:ee:b5:ce:03:dd:5b:31:de:
6f:57:65:8e:4d:48:b5:bd:46:39:0f:79:dd:b0:47:
8d:ce:49:e6:76:a0:77:fb:40:be:36:08:00:97:ce:
3f:83:74:73:a7:32:9a:4b:a2:da:32:48:7a:49:2f:
67:e1:70:1d:08:4e:08:9d:9d:9d:c3:e1:e6:3f:63:
97:f1:fb:9f:a9:ec:f5:a4:a1:0d:1a:cd:05:8a:33:
b7:7c:32:ed:5b:ef:fd:9e:8f:ed:78:7f:e8:fc:88:
c8:03:15:a1:a3:b0:81:3b:e9:36:c1:f9:11:90:0f:
1a:ff:f6:df:90:0a:6b:13:33:c9:e8:43:0d:8c:4e:
46:95:d7:c5:12:56:c9:94:55:a4:37:b6:aa:59:2e:
89:cc:ba:a6:40:c9:55:4d:25:ee:42:d9:89:73:4b:
bc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:44:4D:7C:E7:10:C4:CA:6F:07:BC:C3:54:8C:78:9A:84:CB:55:43
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/gURNfOcQxMpvB7zDVIx4moTLVUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.101.0-147.45.111.255
147.45.144.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:43:8f:f7:d1:cc:1a:fc:9a:dc:2f:d9:55:94:87:f9:7d:49:
c1:56:66:3e:3e:d5:69:b0:ec:b3:b9:92:0d:c7:e4:35:f2:3b:
61:13:5e:e0:d3:31:8f:fd:ac:9b:39:a8:88:0e:6d:8c:6b:be:
74:14:e1:81:bb:b7:4b:c1:58:22:dd:c9:a0:94:8c:c1:fe:07:
f4:23:d9:84:54:38:85:ca:37:38:e6:20:07:53:04:67:2b:dd:
30:85:0c:f8:9b:01:bd:af:8b:ac:ba:af:52:8a:2b:ee:bd:a6:
74:57:b5:61:a5:e3:1c:9a:b7:2b:89:31:fb:de:83:c9:0c:11:
e0:7c:cc:85:1e:8f:a2:cf:6c:9a:75:55:3f:fe:e9:64:b2:36:
bc:aa:94:e4:59:97:b5:16:5a:38:97:f7:a6:fc:87:b9:f1:bf:
4a:79:c1:d3:4e:35:a0:51:e7:19:98:2b:55:d1:36:07:fb:6d:
71:2d:41:74:78:3b:5a:3e:74:8f:a4:c9:b9:5b:57:68:0f:35:
2e:3b:02:02:4d:0f:cd:32:31:ea:3a:d7:10:76:74:1a:06:42:
bc:2a:29:fa:9d:1b:c3:3b:16:82:ee:cf:38:65:0b:ef:7b:d5:
74:b4:71:14:13:60:6c:2e:ff:71:f8:1e:62:72:59:f8:19:5a:
73:69:2b:ae
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY4QkBJRYDSuPuGmWOeSzJdoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMzA1MjE0MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ0NGQ3Y2U3MTBjNGNhNmYwN2JjYzM1NDhjNzg5YTg0Y2I1NTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh72uxbuCkZatcBxwFutxXO26SD4
AtP8GCbGghG/tryyxwkjOmW6t9TSdraJjczg+cGg5rRm+v7AFWxDF2FNI/jL7G87
bqOrTuiF3gOTiCbe5bsLjRQ4HuHKqHLapiu37rXOA91bMd5vV2WOTUi1vUY5D3nd
sEeNzknmdqB3+0C+NggAl84/g3RzpzKaS6LaMkh6SS9n4XAdCE4InZ2dw+HmP2OX
8fufqez1pKENGs0FijO3fDLtW+/9no/teH/o/IjIAxWho7CBO+k2wfkRkA8a//bf
kAprEzPJ6EMNjE5GldfFElbJlFWkN7aqWS6JzLqmQMlVTSXuQtmJc0u8KQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIFETXznEMTKbwe8w1SMeJqEy1VDMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZ1VSTmZPY1F4TXB2Qjd6RFZJeDRtb1RMVlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACTLWUD
BASTLWADBASTLZAwDQYJKoZIhvcNAQELBQADggEBAD1Dj/fRzBr8mtwv2VWUh/l9
ScFWZj4+1Wmw7LO5kg3H5DXyO2ETXuDTMY/9rJs5qIgObYxrvnQU4YG7t0vBWCLd
yaCUjMH+B/Qj2YRUOIXKNzjmIAdTBGcr3TCFDPibAb2vi6y6r1KKK+69pnRXtWGl
4xyatyuJMfveg8kMEeB8zIUej6LPbJp1VT/+6WSyNryqlORZl7UWWjiX96b8h7nx
v0p5wdNONaBR5xmYK1XRNgf7bXEtQXR4O1o+dI+kyblbV2gPNS47AgJND80yMeo6
1xB2dBoGQrwqKfqdG8M7FoLuzzhlC+971XS0cRQTYGwu/3H4HmJyWfgZWnNpK64=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org