Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nIZXufZWhCLd9ch_ObsM2zBi-Sc.roa
File: nIZXufZWhCLd9ch_ObsM2zBi-Sc.roa (raw, json)
Hash identifier: 2/JFgV8JLl0KYNd2qXHR6LPfpyDQLt8dwKjrdm2st94=
Subject key identifier: 9C:86:57:B9:F6:56:84:22:DD:F5:C8:7F:39:BB:0C:DB:30:62:F9:27
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018EA311534BC057CFEC458B42378C589386
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nIZXufZWhCLd9ch_ObsM2zBi-Sc.roa
Signing time: Wed 03 Apr 2024 08:26:45 +0000
ROA not before: Wed 03 Apr 2024 08:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 147.45.66.0/24 maxlen: 24
147.45.67.0/24 maxlen: 24
147.45.193.0/24 maxlen: 24
185.103.100.0/24 maxlen: 24
185.103.101.0/24 maxlen: 24
185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.252.0/24 maxlen: 24
193.233.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 20:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:11:53:4b:c0:57:cf:ec:45:8b:42:37:8c:58:93:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 3 08:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c8657b9f6568422ddf5c87f39bb0cdb3062f927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ec:00:cf:ae:43:2c:10:63:07:ae:de:76:b1:
7a:df:2e:01:78:7e:96:f5:e4:6f:65:10:a1:cb:04:
10:80:ba:f8:94:7b:13:9a:54:19:70:5e:74:c7:cd:
d2:37:d1:c9:a2:c0:93:fb:02:f9:45:47:15:1c:92:
00:56:91:54:76:f5:c3:7c:51:f0:68:01:ce:f4:31:
c5:73:5b:50:7a:c0:e4:28:0e:8b:4d:f2:9b:f2:77:
f3:51:2b:68:40:4f:41:5c:8c:34:94:be:2e:bc:58:
61:92:00:0e:da:7e:c8:70:28:98:db:aa:30:a5:29:
48:e5:0a:cf:3e:21:87:df:c6:0c:e8:0f:60:aa:6e:
0d:89:41:0e:5c:a9:50:ad:91:fe:c0:d0:b6:4f:1d:
75:43:10:b0:65:b6:e6:a1:ee:27:80:c0:ef:6c:d0:
4a:54:44:4e:b3:d3:1e:86:42:fe:4c:7d:ab:cd:45:
97:e1:7e:94:1d:d9:74:61:c6:63:72:48:55:67:62:
0b:55:52:c2:fd:70:96:fa:0b:9e:ec:bf:e4:94:83:
ac:b1:4b:38:0c:ac:e7:bc:f2:24:02:27:39:33:a9:
96:86:f2:34:cd:2d:04:a3:cd:fb:61:d7:e5:7f:9e:
4b:71:78:70:42:4a:d5:af:f9:17:7f:67:5e:77:5a:
6e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:86:57:B9:F6:56:84:22:DD:F5:C8:7F:39:BB:0C:DB:30:62:F9:27
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nIZXufZWhCLd9ch_ObsM2zBi-Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.66.0/23
147.45.193.0/24
185.103.100.0/22
193.233.74.0/23
193.233.80.0/24
193.233.164.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
10:57:f7:d0:d2:54:0b:9d:1c:f4:38:50:0d:05:9d:56:d9:45:
88:32:11:3a:63:22:7b:3e:ae:25:d3:df:93:54:62:d6:ac:7d:
a9:fa:fd:38:db:16:eb:8c:3f:1a:d0:dd:f8:9c:4f:af:27:ca:
1f:f6:34:23:4c:58:b1:54:d1:ae:48:c3:b0:2b:19:28:fc:01:
28:cc:02:2f:99:a5:0e:9a:3c:68:19:64:d8:2a:ce:69:17:7a:
5f:35:a7:1e:1f:9c:4c:91:65:39:af:e3:a1:bc:f0:5a:34:2f:
f4:75:e9:30:aa:f1:40:6f:c4:e7:97:5c:a8:64:40:af:da:1e:
93:eb:4e:65:e3:06:45:ad:3f:ad:a1:f3:30:2c:be:22:fc:70:
8d:f4:55:25:15:e6:e4:d1:45:a0:8d:ac:dd:bf:25:47:a7:4f:
08:94:68:a0:22:7e:3f:fd:60:5f:48:25:31:56:44:e0:e6:d2:
93:b0:ec:b8:99:b2:d8:a6:0d:5d:89:98:14:ae:df:9a:c4:5e:
3f:46:ea:2a:d8:3c:cc:dc:b2:b7:1e:20:01:bb:87:57:ea:8f:
8f:67:01:db:e1:b8:13:0b:e8:9e:f6:7f:1f:32:35:90:1b:82:
fb:39:95:13:df:c6:d9:f4:f7:46:e8:30:ff:00:55:18:71:6b:
f2:35:f3:e4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY6jEVNLwFfP7EWLQjeMWJOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNDAzMDgyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzg2NTdiOWY2NTY4NDIyZGRmNWM4N2YzOWJiMGNkYjMwNjJmOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuwAz65DLBBjB67edrF63y4BeH6W
9eRvZRChywQQgLr4lHsTmlQZcF50x83SN9HJosCT+wL5RUcVHJIAVpFUdvXDfFHw
aAHO9DHFc1tQesDkKA6LTfKb8nfzUStoQE9BXIw0lL4uvFhhkgAO2n7IcCiY26ow
pSlI5QrPPiGH38YM6A9gqm4NiUEOXKlQrZH+wNC2Tx11QxCwZbbmoe4ngMDvbNBK
VEROs9MehkL+TH2rzUWX4X6UHdl0YcZjckhVZ2ILVVLC/XCW+gue7L/klIOssUs4
DKznvPIkAic5M6mWhvI0zS0Eo837Ydflf55LcXhwQkrVr/kXf2ded1pu0wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJyGV7n2VoQi3fXIfzm7DNswYvknMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbklaWHVmWldoQ0xkOWNoX09ic00yekJpLVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBky1CAwQA
ky3BAwQCuWdkAwQBwelKAwQAwelQAwQAwemkAwQBwen8MA0GCSqGSIb3DQEBCwUA
A4IBAQAQV/fQ0lQLnRz0OFANBZ1W2UWIMhE6YyJ7Pq4l09+TVGLWrH2p+v042xbr
jD8a0N34nE+vJ8of9jQjTFixVNGuSMOwKxko/AEozAIvmaUOmjxoGWTYKs5pF3pf
NaceH5xMkWU5r+OhvPBaNC/0dekwqvFAb8Tnl1yoZECv2h6T605l4wZFrT+tofMw
LL4i/HCN9FUlFebk0UWgjazdvyVHp08IlGigIn4//WBfSCUxVkTg5tKTsOy4mbLY
pg1diZgUrt+axF4/Ruoq2DzM3LK3HiABu4dX6o+PZwHb4bgTC+ie9n8fMjWQG4L7
OZUT38bZ9PdG6DD/AFUYcWvyNfPk
-----END CERTIFICATE-----
Generated at Thu Jul 4 21:57:45 2024 by rpki-client on console-fra.rpki-client.org