Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/08oqgyKYsEvcf9kRh57MkLu4O0o.roa
File: 08oqgyKYsEvcf9kRh57MkLu4O0o.roa (raw, json)
Hash identifier: +RiBST1HvdLHO0NCXH9NVRwDsR/CQFGfI5dMqaXu7oc=
Subject key identifier: D3:CA:2A:83:22:98:B0:4B:DC:7F:D9:11:87:9E:CC:90:BB:B8:3B:4A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0188D299D978C4028B4A17DA9FB8C1706D26
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/08oqgyKYsEvcf9kRh57MkLu4O0o.roa
Signing time: Mon 19 Jun 2023 07:41:17 +0000
ROA not before: Mon 19 Jun 2023 07:41:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
91.223.110.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d2:99:d9:78:c4:02:8b:4a:17:da:9f:b8:c1:70:6d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 19 07:41:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3ca2a832298b04bdc7fd911879ecc90bbb83b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:99:2d:51:eb:8a:2b:25:c2:78:27:5c:b5:5b:
bb:10:7d:74:8b:2e:f8:e0:a2:2c:80:e8:71:36:51:
d2:79:18:4d:dd:90:1c:8b:8d:94:ff:0c:9c:d6:da:
6c:fd:eb:93:2d:7a:29:f7:e9:9b:8a:7b:c4:79:fb:
38:6c:0c:aa:ba:fc:55:89:f2:9c:04:e0:06:be:81:
da:b7:ed:f8:46:f0:79:e7:72:fe:54:b4:0b:fb:09:
a8:46:62:2f:06:33:f4:3c:0c:c4:ab:77:c4:83:27:
a3:fa:3f:4a:53:25:b6:92:81:cb:2a:17:4c:81:0e:
88:6e:d4:d7:f7:bd:88:6b:06:02:53:99:29:24:cb:
15:b1:0f:d8:a7:87:e7:04:80:f6:20:41:88:dc:6e:
f9:50:71:93:2a:64:73:48:27:84:52:24:08:8f:68:
bb:47:3b:21:b7:4e:c3:1e:a7:88:0a:7d:a5:11:60:
32:60:cc:37:ad:e3:15:fc:9d:4b:74:48:ee:7c:9a:
d3:6f:4d:48:af:a1:1c:94:c7:f8:de:19:74:ec:10:
c2:9f:d7:b1:9b:9f:07:4c:26:12:01:74:dc:80:d0:
bd:e1:eb:96:e4:dc:34:a9:13:ab:13:16:26:af:b0:
c1:5b:9d:85:d3:d2:4a:6d:06:23:80:9c:04:8a:f2:
f8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:CA:2A:83:22:98:B0:4B:DC:7F:D9:11:87:9E:CC:90:BB:B8:3B:4A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/08oqgyKYsEvcf9kRh57MkLu4O0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
45.138.183.0/24
77.83.38.0/23
85.209.120.0/23
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
95:b2:e6:da:5d:d9:69:9c:28:64:03:4a:b3:89:3b:1d:19:8d:
f3:7e:f6:f1:74:01:87:04:55:dc:75:f4:cc:db:a8:de:8d:08:
c0:4f:35:da:7b:0c:1b:96:86:ad:5a:0c:7c:8a:a8:99:de:25:
7e:4a:c8:1e:e8:12:a0:55:ca:76:9e:cd:78:5a:26:22:12:cc:
20:0f:99:21:49:bf:a7:35:c3:27:d2:cd:5e:e5:93:b4:10:df:
74:52:e6:94:87:86:c1:84:19:38:cd:8a:74:e5:da:0a:3e:a0:
36:c5:9f:35:f5:f1:fb:48:bf:dd:a9:19:2d:8d:53:8e:b5:90:
47:76:c4:af:bc:86:ae:d1:b6:05:55:70:dd:77:c9:85:52:1e:
88:44:bc:83:dc:4e:6d:49:f3:fd:11:45:c6:b1:b4:1f:8f:72:
2f:fb:80:cf:60:c1:b5:ab:4b:3a:ca:8d:74:bd:2f:3e:21:e6:
76:99:0d:a1:1b:42:5a:12:1f:e6:60:3b:84:1c:90:6e:bc:a0:
5c:21:f0:cc:8c:29:8c:52:51:e2:b5:84:1b:04:3e:a7:39:07:
a9:04:4a:c7:36:cb:9a:ae:49:4c:49:73:44:01:6c:9c:b5:4d:
ee:10:54:4d:73:35:52:cb:1f:b8:3a:11:52:97:2e:f7:ec:29:
ca:0d:3a:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYjSmdl4xAKLShfan7jBcG0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjE5MDc0MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2NhMmE4MzIyOThiMDRiZGM3ZmQ5MTE4NzllY2M5MGJiYjgzYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZktUeuKKyXCeCdctVu7EH10iy74
4KIsgOhxNlHSeRhN3ZAci42U/wyc1tps/euTLXop9+mbinvEefs4bAyquvxVifKc
BOAGvoHat+34RvB553L+VLQL+wmoRmIvBjP0PAzEq3fEgyej+j9KUyW2koHLKhdM
gQ6IbtTX972IawYCU5kpJMsVsQ/Yp4fnBID2IEGI3G75UHGTKmRzSCeEUiQIj2i7
Rzsht07DHqeICn2lEWAyYMw3reMV/J1LdEjufJrTb01Ir6EclMf43hl07BDCn9ex
m58HTCYSAXTcgNC94euW5Nw0qROrExYmr7DBW52F09JKbQYjgJwEivL4OQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNPKKoMimLBL3H/ZEYeezJC7uDtKMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMDhvcWd5S1lzRXZjZjlrUmg1N01rTHU0TzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALV6rAwQA
LYq3AwQBTVMmAwQBVdF4AwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQCVsubaXdlp
nChkA0qziTsdGY3zfvbxdAGHBFXcdfTM26jejQjATzXaewwbloatWgx8iqiZ3iV+
Ssge6BKgVcp2ns14WiYiEswgD5khSb+nNcMn0s1e5ZO0EN90UuaUh4bBhBk4zYp0
5doKPqA2xZ819fH7SL/dqRktjVOOtZBHdsSvvIau0bYFVXDdd8mFUh6IRLyD3E5t
SfP9EUXGsbQfj3Iv+4DPYMG1q0s6yo10vS8+IeZ2mQ2hG0JaEh/mYDuEHJBuvKBc
IfDMjCmMUlHitYQbBD6nOQepBErHNsuarklMSXNEAWyctU3uEFRNczVSyx+4OhFS
ly737CnKDTqv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org