Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/0pBLYCF_hhcZc2iD_9Zc3bcgWrs.roa
File: 0pBLYCF_hhcZc2iD_9Zc3bcgWrs.roa (raw, json)
Hash identifier: m4LB1M5bNS5BbkwqhxmeXiqwZRf+hxBYuflTvrX3H4k=
Subject key identifier: D2:90:4B:60:21:7F:86:17:19:73:68:83:FF:D6:5C:DD:B7:20:5A:BB
Certificate issuer: /CN=708612e8703a660889ca0f457cf1b4d8a0d53b4d
Certificate serial: 01856E145496A437FB375A75C4F7897F7C62
Authority key identifier: 70:86:12:E8:70:3A:66:08:89:CA:0F:45:7C:F1:B4:D8:A0:D5:3B:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIYS6HA6ZgiJyg9FfPG02KDVO00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/0pBLYCF_hhcZc2iD_9Zc3bcgWrs.roa
Signing time: Sun 01 Jan 2023 16:05:04 +0000
ROA not before: Sun 01 Jan 2023 16:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8211
IP address blocks: 145.72.108.0/23 maxlen: 23
145.72.108.0/22 maxlen: 22
145.72.110.0/23 maxlen: 23
145.72.120.0/21 maxlen: 21
145.72.124.0/22 maxlen: 22
145.72.120.0/22 maxlen: 22
145.72.94.0/23 maxlen: 23
145.72.94.0/24 maxlen: 24
145.72.95.0/24 maxlen: 24
145.72.96.0/23 maxlen: 23
145.72.96.0/22 maxlen: 22
145.72.98.0/23 maxlen: 23
145.72.100.0/22 maxlen: 22
2a02:cc4:2100::/41 maxlen: 41
2a02:cc4:2f00::/41 maxlen: 41
2a02:cc4:2f00::/42 maxlen: 42
2a02:cc4:2f40::/42 maxlen: 42
2a02:cc4:2f0::/45 maxlen: 45
2a02:cc4:2f0::/44 maxlen: 44
2a02:cc4:210::/44 maxlen: 44
2a02:cc4:2f8::/45 maxlen: 45
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:54:96:a4:37:fb:37:5a:75:c4:f7:89:7f:7c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=708612e8703a660889ca0f457cf1b4d8a0d53b4d
Validity
Not Before: Jan 1 16:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2904b60217f861719736883ffd65cddb7205abb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:63:63:71:a1:09:87:f8:26:ea:5c:54:6f:55:
52:c5:6b:72:18:e7:3c:d8:61:80:ed:7e:ab:b9:2c:
67:20:91:1e:9b:ea:93:22:40:ca:fa:9e:85:17:b6:
b8:1d:1d:58:a2:e7:12:d0:68:ef:38:ad:74:08:ae:
5b:dc:93:f7:bf:6f:c5:c4:76:39:93:2a:1f:25:02:
bf:30:f7:06:ba:37:20:c2:bd:1e:ca:c8:01:00:6e:
f8:0f:f6:c7:99:ca:34:68:10:e4:b0:55:0e:5f:bb:
ca:ee:0a:4a:38:c9:c4:37:27:f0:8e:21:3a:b1:2f:
ae:10:7a:09:84:13:29:1d:78:1e:3e:11:a4:de:58:
8c:55:00:cf:b8:a0:7b:53:e1:6e:d6:65:83:ca:ce:
25:72:cc:f4:30:69:24:2a:68:dd:6f:8a:28:52:08:
01:e1:af:a8:c4:ea:2e:3b:c3:43:ab:d9:9b:a6:09:
d7:35:f3:2b:53:87:12:d5:5f:5f:c6:00:2a:bb:93:
a8:4a:ac:a4:6f:f6:f4:1e:14:b8:74:70:73:f1:e9:
4a:08:74:df:33:d8:03:2b:d7:3e:4d:b1:68:70:0a:
76:c0:a2:65:d2:4d:23:84:36:9d:64:e9:fa:d1:dc:
38:f1:7e:24:06:06:fa:24:fe:b1:4a:f9:e8:77:54:
ed:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:90:4B:60:21:7F:86:17:19:73:68:83:FF:D6:5C:DD:B7:20:5A:BB
X509v3 Authority Key Identifier:
keyid:70:86:12:E8:70:3A:66:08:89:CA:0F:45:7C:F1:B4:D8:A0:D5:3B:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIYS6HA6ZgiJyg9FfPG02KDVO00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/0pBLYCF_hhcZc2iD_9Zc3bcgWrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/22b0fe-9dc8-4bef-a299-30097a246a9c/1/cIYS6HA6ZgiJyg9FfPG02KDVO00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.72.94.0-145.72.103.255
145.72.108.0/22
145.72.120.0/21
IPv6:
2a02:cc4:210::/44
2a02:cc4:2f0::/44
2a02:cc4:2100::/41
2a02:cc4:2f00::/41
Signature Algorithm: sha256WithRSAEncryption
63:68:21:ce:6c:83:dc:1a:f3:73:f5:e2:75:1c:ae:f9:e8:05:
7a:c1:45:f4:11:20:43:56:e5:32:a1:f6:7b:a7:c4:fe:3c:d8:
07:b2:4c:4e:84:b7:0d:31:fa:be:5d:af:52:df:32:59:cb:aa:
38:26:7c:c9:37:5c:0f:cc:8e:ad:d0:65:01:c2:c9:16:bf:76:
c4:b3:db:27:d6:03:ed:b2:c9:63:60:64:39:f9:44:ed:dc:b0:
ac:bd:9a:2e:eb:c6:ad:95:f7:b0:1e:b1:1a:af:8b:90:2b:ee:
83:52:a6:06:3a:c8:03:76:f2:53:14:75:60:e3:91:da:b0:19:
d1:6b:39:94:83:54:53:41:06:9e:64:fb:4f:ff:c6:f9:23:ad:
53:cd:5e:f1:e8:5c:57:5c:2c:89:80:e1:75:44:bc:a1:a5:57:
bc:20:6f:11:29:54:2c:8d:8f:09:b3:00:ad:05:a6:25:0e:00:
95:a5:00:9a:c1:0e:53:92:f2:95:73:47:f6:67:bc:de:8a:eb:
85:a2:e7:58:da:1a:55:7a:d0:0f:e9:84:9d:e5:b7:85:e7:cf:
c8:87:45:14:b2:cd:59:00:8e:81:ad:34:dd:69:d2:a6:d4:41:
8a:10:7d:67:91:75:e2:65:1e:ff:0a:ad:47:ac:c0:c9:13:cd:
0e:81:73:17
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVuFFSWpDf7N1p1xPeJf3xiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODYxMmU4NzAzYTY2MDg4OWNhMGY0NTdjZjFiNGQ4YTBk
NTNiNGQwHhcNMjMwMTAxMTYwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjkwNGI2MDIxN2Y4NjE3MTk3MzY4ODNmZmQ2NWNkZGI3MjA1YWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGNjcaEJh/gm6lxUb1VSxWtyGOc8
2GGA7X6ruSxnIJEem+qTIkDK+p6FF7a4HR1YoucS0GjvOK10CK5b3JP3v2/FxHY5
kyofJQK/MPcGujcgwr0eysgBAG74D/bHmco0aBDksFUOX7vK7gpKOMnENyfwjiE6
sS+uEHoJhBMpHXgePhGk3liMVQDPuKB7U+Fu1mWDys4lcsz0MGkkKmjdb4ooUggB
4a+oxOouO8NDq9mbpgnXNfMrU4cS1V9fxgAqu5OoSqykb/b0HhS4dHBz8elKCHTf
M9gDK9c+TbFocAp2wKJl0k0jhDadZOn60dw48X4kBgb6JP6xSvnod1TtNwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNKQS2Ahf4YXGXNog//WXN23IFq7MB8GA1UdIwQY
MBaAFHCGEuhwOmYIicoPRXzxtNig1TtNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lZUzZIQTZaZ2lKeWc5RmZQRzAyS0RWTzAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yMmIwZmUtOWRjOC00YmVmLWEyOTkt
MzAwOTdhMjQ2YTljLzEvMHBCTFlDRl9oaGNaYzJpRF85WmMzYmNnV3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yMmIwZmUtOWRjOC00YmVmLWEyOTktMzAwOTdhMjQ2YTlj
LzEvY0lZUzZIQTZaZ2lKeWc5RmZQRzAyS0RWTzAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAgBAIAATAaMAwDBAGRSF4D
BAORSGADBAKRSGwDBAORSHgwKgQCAAIwJAMHBCoCDMQCEAMHBCoCDMQC8AMHByoC
DMQhAAMHByoCDMQvADANBgkqhkiG9w0BAQsFAAOCAQEAY2ghzmyD3Brzc/XidRyu
+egFesFF9BEgQ1blMqH2e6fE/jzYB7JMToS3DTH6vl2vUt8yWcuqOCZ8yTdcD8yO
rdBlAcLJFr92xLPbJ9YD7bLJY2BkOflE7dywrL2aLuvGrZX3sB6xGq+LkCvug1Km
BjrIA3byUxR1YOOR2rAZ0Ws5lINUU0EGnmT7T//G+SOtU81e8ehcV1wsiYDhdUS8
oaVXvCBvESlULI2PCbMArQWmJQ4AlaUAmsEOU5LylXNH9me83orrhaLnWNoaVXrQ
D+mEneW3hefPyIdFFLLNWQCOga003WnSptRBihB9Z5F14mUe/wqtR6zAyRPNDoFz
Fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:50 2024 by rpki-client on console-ams.rpki-client.org