Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CeurYXCn9LP0_bjfpngPdiPQ3xQ.roa
File: CeurYXCn9LP0_bjfpngPdiPQ3xQ.roa (raw, json)
Hash identifier: cV3G9fM6/FeG7WKPS8oyP5A609KeYG88KW/66hheF1w=
Subject key identifier: 09:EB:AB:61:70:A7:F4:B3:F4:FD:B8:DF:A6:78:0F:76:23:D0:DF:14
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC80121D18122A9A0C3CC9887E28B1B0E
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CeurYXCn9LP0_bjfpngPdiPQ3xQ.roa
Signing time: Tue 02 Jan 2024 02:29:26 +0000
ROA not before: Tue 02 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13194
IP address blocks: 91.190.45.0/24 maxlen: 24
85.254.71.0/24 maxlen: 24
85.254.75.0/24 maxlen: 24
85.254.76.0/24 maxlen: 24
85.254.73.0/24 maxlen: 24
85.254.74.0/24 maxlen: 24
85.254.76.0/22 maxlen: 22
85.254.74.0/23 maxlen: 23
85.254.141.0/24 maxlen: 24
85.254.151.0/24 maxlen: 24
85.254.149.0/24 maxlen: 24
85.254.152.0/22 maxlen: 22
85.254.159.0/24 maxlen: 24
85.254.161.0/24 maxlen: 24
85.254.168.0/24 maxlen: 24
85.254.169.0/24 maxlen: 24
85.254.170.0/24 maxlen: 24
85.254.176.0/23 maxlen: 23
80.81.61.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
85.254.80.0/22 maxlen: 22
85.254.94.0/24 maxlen: 24
85.254.98.0/23 maxlen: 23
85.254.96.0/22 maxlen: 22
85.254.96.0/23 maxlen: 23
85.254.92.0/22 maxlen: 22
85.254.92.0/23 maxlen: 23
85.254.95.0/24 maxlen: 24
85.254.92.0/24 maxlen: 24
85.254.93.0/24 maxlen: 24
85.254.104.0/21 maxlen: 21
159.148.73.0/24 maxlen: 24
85.254.101.0/24 maxlen: 24
85.254.102.0/24 maxlen: 24
85.254.100.0/24 maxlen: 24
85.254.112.0/21 maxlen: 21
85.254.124.0/23 maxlen: 23
159.148.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 09:46:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:21:d1:81:22:a9:a0:c3:cc:98:87:e2:8b:1b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09ebab6170a7f4b3f4fdb8dfa6780f7623d0df14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:10:17:0f:74:6d:36:21:d5:02:2e:dd:93:aa:
1a:c9:a2:b7:c3:c9:df:fa:02:7b:f0:3a:9a:93:3b:
60:98:8e:f5:b0:cc:9c:ad:b5:5d:8b:20:86:f4:a7:
97:31:c4:ed:b1:8e:eb:fc:db:12:81:93:64:12:76:
49:5d:b0:1b:cd:d7:1c:8e:41:0b:b1:99:4a:3e:e8:
80:31:9d:3b:fe:9b:17:4d:2d:0f:24:be:89:34:4d:
c1:73:62:aa:f8:ea:98:5d:3a:fa:23:5e:6e:4f:08:
97:80:4d:33:6e:be:1b:20:cc:d2:9f:ca:fd:c2:46:
53:c0:c8:59:2a:f2:97:98:55:cd:86:ab:6a:45:ce:
d9:a9:63:e2:a2:76:06:8c:98:39:c5:87:3b:f4:28:
57:c6:e7:1a:68:b0:30:43:49:ae:de:19:22:ff:e0:
8b:72:40:8c:cc:b6:5f:e6:d2:97:d6:de:a8:de:e8:
d0:1c:14:0f:c0:6c:be:1e:07:7c:00:bd:9f:68:a4:
93:05:43:88:fc:b8:33:e0:45:87:69:46:44:23:96:
a1:80:ba:4f:5b:df:2f:90:b6:00:fd:c1:e6:99:68:
2c:2e:30:5c:0f:e1:51:88:fc:0d:e7:68:74:2f:9a:
21:9c:07:2c:8d:df:6d:a7:c3:eb:5c:da:a8:f8:35:
7f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EB:AB:61:70:A7:F4:B3:F4:FD:B8:DF:A6:78:0F:76:23:D0:DF:14
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CeurYXCn9LP0_bjfpngPdiPQ3xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.61.0/24
85.254.71.0/24
85.254.73.0-85.254.85.255
85.254.92.0-85.254.102.255
85.254.104.0-85.254.119.255
85.254.124.0/23
85.254.141.0/24
85.254.149.0/24
85.254.151.0-85.254.155.255
85.254.159.0/24
85.254.161.0/24
85.254.168.0-85.254.170.255
85.254.176.0/23
91.190.45.0/24
159.148.73.0/24
159.148.249.0/24
Signature Algorithm: sha256WithRSAEncryption
41:30:08:54:12:c7:41:55:92:69:75:b8:2d:2f:c7:54:62:d9:
85:b9:31:f0:9d:46:16:3d:e1:58:f1:a0:c3:02:43:5a:de:f6:
10:80:65:04:d2:6e:2a:64:da:2a:12:4e:8e:bd:52:54:0f:bc:
f2:11:75:e2:8e:ab:d5:35:c0:86:d8:1d:df:08:de:ad:9e:1d:
2f:75:73:26:1d:9f:a0:e1:4d:27:44:53:fa:32:32:c4:bf:b6:
11:ad:c9:85:0c:70:55:99:f7:64:cb:bc:da:85:c0:a3:0b:03:
64:50:fa:6e:c7:21:62:50:fc:ac:6f:3f:b0:aa:3d:eb:a7:0d:
5c:85:0c:a9:2d:94:46:c7:bc:d4:5a:dc:cb:f8:ff:3f:af:a2:
a7:02:32:22:4f:1e:4c:d0:af:86:fa:15:c7:2d:10:66:62:f5:
5f:5e:54:8f:b0:d5:31:b6:8d:ad:7a:bd:83:18:91:32:b3:61:
09:26:47:74:2d:1b:0d:96:ac:ba:1e:67:42:65:23:57:d0:92:
3a:94:a0:50:39:15:a5:f3:97:2a:0d:72:2b:fc:24:71:85:25:
dc:3b:cd:f5:4a:3a:6f:b4:5e:b4:5a:ad:01:de:fe:09:51:62:
80:32:72:61:5e:2c:52:cd:80:1c:68:ff:f8:6b:0c:d8:7f:0c:
6c:85:52:57
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYzIASHRgSKpoMPMmIfiixsOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWViYWI2MTcwYTdmNGIzZjRmZGI4ZGZhNjc4MGY3NjIzZDBkZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxAXD3RtNiHVAi7dk6oayaK3w8nf
+gJ78DqakztgmI71sMycrbVdiyCG9KeXMcTtsY7r/NsSgZNkEnZJXbAbzdccjkEL
sZlKPuiAMZ07/psXTS0PJL6JNE3Bc2Kq+OqYXTr6I15uTwiXgE0zbr4bIMzSn8r9
wkZTwMhZKvKXmFXNhqtqRc7ZqWPionYGjJg5xYc79ChXxucaaLAwQ0mu3hki/+CL
ckCMzLZf5tKX1t6o3ujQHBQPwGy+Hgd8AL2faKSTBUOI/Lgz4EWHaUZEI5ahgLpP
W98vkLYA/cHmmWgsLjBcD+FRiPwN52h0L5ohnAcsjd9tp8PrXNqo+DV/GQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFAnrq2Fwp/Sz9P2436Z4D3Yj0N8UMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQ2V1cllYQ245TFAwX2JqZnBuZ1BkaVBRM3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBABQ
UT0DBABV/kcwDAMEAFX+SQMEAVX+VDAMAwQCVf5cAwQAVf5mMAwDBANV/mgDBANV
/nADBAFV/nwDBABV/o0DBABV/pUwDAMEAFX+lwMEAlX+mAMEAFX+nwMEAFX+oTAM
AwQDVf6oAwQAVf6qAwQBVf6wAwQAW74tAwQAn5RJAwQAn5T5MA0GCSqGSIb3DQEB
CwUAA4IBAQBBMAhUEsdBVZJpdbgtL8dUYtmFuTHwnUYWPeFY8aDDAkNa3vYQgGUE
0m4qZNoqEk6OvVJUD7zyEXXijqvVNcCG2B3fCN6tnh0vdXMmHZ+g4U0nRFP6MjLE
v7YRrcmFDHBVmfdky7zahcCjCwNkUPpuxyFiUPysbz+wqj3rpw1chQypLZRGx7zU
WtzL+P8/r6KnAjIiTx5M0K+G+hXHLRBmYvVfXlSPsNUxto2ter2DGJEys2EJJkd0
LRsNlqy6HmdCZSNX0JI6lKBQORWl85cqDXIr/CRxhSXcO831SjpvtF60Wq0B3v4J
UWKAMnJhXixSzYAcaP/4awzYfwxshVJX
-----END CERTIFICATE-----
Generated at Thu Mar 14 14:29:39 2024 by rpki-client on console-fra.rpki-client.org