Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/9nZOrhEipFU_cFFRNYJnOilv5s0.roa
File: 9nZOrhEipFU_cFFRNYJnOilv5s0.roa (raw, json)
Hash identifier: FH1epHgJ7krZ/OYkyQ62anxzqFRwVqlDE9ZCeuwI9FE=
Subject key identifier: F6:76:4E:AE:11:22:A4:55:3F:70:51:51:35:82:67:3A:29:6F:E6:CD
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E3B8B94EC117FBFEFD0815ACADF42
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/9nZOrhEipFU_cFFRNYJnOilv5s0.roa
Signing time: Tue 02 Jan 2024 08:33:16 +0000
ROA not before: Tue 02 Jan 2024 08:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197071
IP address blocks: 45.90.97.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
45.13.226.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 15:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3b:8b:94:ec:11:7f:bf:ef:d0:81:5a:ca:df:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6764eae1122a4553f7051513582673a296fe6cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:21:5c:7b:7f:93:5d:d2:23:7b:ce:c4:88:05:
22:19:76:91:98:1d:8f:2f:9f:63:c9:f9:a8:a2:df:
55:7d:da:eb:99:76:1d:75:84:f1:6f:95:1b:e4:22:
f6:ac:ac:63:f9:27:3e:96:ae:01:53:8e:ce:3f:54:
6c:15:f3:8c:42:77:7b:b4:97:eb:0b:f3:de:ae:67:
95:8a:0e:52:a2:71:fb:a5:b9:8b:89:89:83:d9:2e:
eb:1c:6a:48:34:12:e3:7c:f4:6f:50:1d:a8:75:48:
85:6f:5d:13:c7:51:8e:36:0d:ac:38:c4:3d:86:88:
b4:59:4c:64:b6:10:eb:9c:b4:a5:0e:aa:33:50:b9:
36:c2:89:0d:70:7c:2a:b1:e2:3a:2e:56:6b:9b:1d:
ff:13:b1:c2:ea:37:eb:c5:dd:79:0a:22:88:5a:e4:
2b:34:62:b0:41:24:14:7e:3c:35:8d:38:55:27:ca:
b7:35:96:33:fa:b7:52:33:ac:fa:2c:2d:ef:cd:f6:
00:76:b9:3f:8b:03:a9:7d:52:66:27:bd:02:fb:d3:
35:c7:8e:55:54:f7:6f:e4:7d:d2:ab:fd:1f:fb:68:
de:a6:01:95:fc:4b:38:58:a0:79:cc:47:13:d2:8a:
81:3e:4a:80:97:20:45:52:04:0c:b9:b2:d9:50:4b:
5a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:76:4E:AE:11:22:A4:55:3F:70:51:51:35:82:67:3A:29:6F:E6:CD
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/9nZOrhEipFU_cFFRNYJnOilv5s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.67.139.0/24
45.90.97.0/24
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
94:e6:db:9c:9a:5d:10:d7:a8:8d:f9:e0:c1:09:2b:f6:7c:7b:
87:9f:e9:93:d7:36:4c:3f:e4:43:d5:80:dc:84:79:72:12:45:
14:a7:44:1c:bf:96:5c:76:f9:1d:23:e6:c4:0b:e2:fd:7a:15:
ed:e9:be:99:fb:d8:fd:11:70:b2:f0:94:d8:5d:dc:d7:da:b1:
eb:0a:ab:2d:94:03:d0:11:3f:74:c1:9f:03:33:85:0c:3c:37:
81:0c:eb:b7:68:6f:fb:d7:48:3a:26:48:41:ef:42:b8:9d:82:
24:87:6d:eb:aa:95:a6:ea:c4:d9:4c:58:68:e8:fb:1a:d2:61:
cc:f8:71:da:fe:88:b2:51:00:55:7e:d5:a3:9c:a1:0c:44:c9:
42:a2:5a:d7:ad:c0:e5:92:81:30:cf:26:e9:ae:c0:73:7c:d7:
e6:e2:18:bf:70:31:1b:29:4d:e0:86:8a:f3:7b:b0:20:e3:e6:
86:04:ac:e5:b0:b5:0c:b9:48:75:e5:01:ba:ea:d6:c8:f5:3c:
d7:4a:7f:7e:31:de:1c:23:74:ab:95:83:2c:1e:3e:21:80:40:
e7:88:a8:c4:2c:98:df:3f:81:d2:2e:b1:7c:55:aa:7b:b1:b4:
09:20:d5:81:c2:c2:95:80:32:e5:f0:48:17:b2:5f:76:fe:ed:
25:50:88:77
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTjuLlOwRf7/v0IFayt9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjc2NGVhZTExMjJhNDU1M2Y3MDUxNTEzNTgyNjczYTI5NmZlNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSFce3+TXdIje87EiAUiGXaRmB2P
L59jyfmoot9VfdrrmXYddYTxb5Ub5CL2rKxj+Sc+lq4BU47OP1RsFfOMQnd7tJfr
C/PermeVig5SonH7pbmLiYmD2S7rHGpINBLjfPRvUB2odUiFb10Tx1GONg2sOMQ9
hoi0WUxkthDrnLSlDqozULk2wokNcHwqseI6LlZrmx3/E7HC6jfrxd15CiKIWuQr
NGKwQSQUfjw1jThVJ8q3NZYz+rdSM6z6LC3vzfYAdrk/iwOpfVJmJ70C+9M1x45V
VPdv5H3Sq/0f+2jepgGV/Es4WKB5zEcT0oqBPkqAlyBFUgQMubLZUEtauwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPZ2Tq4RIqRVP3BRUTWCZzopb+bNMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvOW5aT3JoRWlwRlVfY0ZGUk5ZSm5PaWx2NXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ3iAwQA
LUOLAwQALVphAwQAuXUAMA0GCSqGSIb3DQEBCwUAA4IBAQCU5tucml0Q16iN+eDB
CSv2fHuHn+mT1zZMP+RD1YDchHlyEkUUp0Qcv5ZcdvkdI+bEC+L9ehXt6b6Z+9j9
EXCy8JTYXdzX2rHrCqstlAPQET90wZ8DM4UMPDeBDOu3aG/710g6JkhB70K4nYIk
h23rqpWm6sTZTFho6Psa0mHM+HHa/oiyUQBVftWjnKEMRMlColrXrcDlkoEwzybp
rsBzfNfm4hi/cDEbKU3ghorze7Ag4+aGBKzlsLUMuUh15QG66tbI9TzXSn9+Md4c
I3SrlYMsHj4hgEDniKjELJjfP4HSLrF8Vap7sbQJINWBwsKVgDLl8EgXsl92/u0l
UIh3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org