Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/0hCM-tfPGJthvADi3o4Hk1ef2o4.roa
File: 0hCM-tfPGJthvADi3o4Hk1ef2o4.roa (raw, json)
Hash identifier: jdlgDqCYn+bTi/alR97V8HRvVd3fBE1ZKoJ96WiN/Uk=
Subject key identifier: D2:10:8C:FA:D7:CF:18:9B:61:BC:00:E2:DE:8E:07:93:57:9F:DA:8E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E8923772C9E77E48EE3CB16F2C62DC
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/0hCM-tfPGJthvADi3o4Hk1ef2o4.roa
Signing time: Mon 02 Jan 2023 09:55:45 +0000
ROA not before: Mon 02 Jan 2023 09:55:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 193.57.41.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 07:36:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:92:37:72:c9:e7:7e:48:ee:3c:b1:6f:2c:62:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2108cfad7cf189b61bc00e2de8e0793579fda8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b0:26:01:0b:01:72:c5:34:60:f1:fd:ae:29:
70:a1:80:b1:62:f4:2f:5a:8e:dc:1f:c8:89:5e:83:
59:22:f3:e3:d3:50:e1:d0:e0:4f:7b:7f:e4:c1:52:
f3:e1:6e:da:33:b5:09:e4:05:a3:7a:dd:0c:19:8e:
74:d2:89:06:61:ec:7c:6d:ed:5c:0e:d3:9d:a1:67:
d4:b5:4b:fb:f4:db:97:3a:d3:ec:e5:69:48:4d:33:
51:ac:41:8c:3e:32:37:26:45:39:47:5e:50:40:a0:
b2:9f:53:be:91:84:d3:9e:69:b0:79:05:19:cf:8b:
f6:04:95:49:16:a3:e0:63:36:bf:24:8f:db:b8:eb:
20:0c:2d:16:bb:39:4b:88:70:16:85:0b:ac:8c:cc:
7a:89:92:58:ef:bf:32:be:47:e0:ca:a5:fc:b5:37:
dd:57:ae:6b:5d:97:4e:6f:07:1b:a1:b4:18:f4:7a:
46:87:88:52:16:83:9b:45:f4:cb:2f:9d:78:6c:38:
3d:3e:96:1d:5c:1d:95:b5:e7:37:08:e2:55:53:f4:
2c:64:c5:b1:7e:95:32:68:8a:be:5e:3c:53:20:c6:
31:36:8a:8a:25:13:db:b5:be:a7:1d:5a:5d:e8:94:
5f:da:d0:a6:d5:80:54:1e:50:14:a1:f4:08:3c:ac:
95:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:10:8C:FA:D7:CF:18:9B:61:BC:00:E2:DE:8E:07:93:57:9F:DA:8E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/0hCM-tfPGJthvADi3o4Hk1ef2o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.138.0/24
193.57.41.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:b1:d5:cf:ee:ad:be:21:2d:80:55:67:ca:fb:89:79:ba:7f:
d5:3b:db:b0:05:e0:83:1b:0b:52:90:f3:1f:02:77:8c:a6:4e:
43:f2:7c:a5:73:88:12:53:47:bc:94:38:b3:bd:5f:4b:dc:1c:
cc:2d:8d:c9:79:3e:05:3f:55:6f:64:1f:a3:08:ff:05:87:13:
9b:30:21:62:7f:40:fa:87:38:2a:76:fe:23:c2:1d:a0:89:53:
dc:41:6c:6e:75:c6:ee:b8:e3:75:5f:8e:e8:4c:ed:85:7e:24:
9e:aa:27:4d:cb:68:27:d8:f3:dc:99:25:8c:56:4a:a2:55:50:
71:67:09:5f:d4:ad:31:85:ac:67:11:a6:3a:83:da:93:4a:d3:
dd:4b:f0:d6:a0:ed:2d:d5:5b:d3:ec:5a:a4:a9:3a:f0:a4:59:
4a:8c:6e:ef:1e:68:dc:22:7f:20:28:20:0b:01:44:bc:79:6c:
9d:3b:da:d4:6b:1b:81:8e:40:a2:1f:e7:dc:37:d1:80:1b:4f:
a9:7c:28:73:24:be:e5:60:65:0b:d4:06:1e:02:72:47:19:50:
25:84:d1:b1:a2:e1:d3:dd:e6:23:24:21:55:e8:cb:fe:d3:5a:
c7:ee:74:d9:b8:d9:c8:0f:14:6d:0a:9e:94:9d:a7:12:20:1e:
63:0b:08:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx6JI3csnnfkjuPLFvLGLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjEwOGNmYWQ3Y2YxODliNjFiYzAwZTJkZThlMDc5MzU3OWZkYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7AmAQsBcsU0YPH9rilwoYCxYvQv
Wo7cH8iJXoNZIvPj01Dh0OBPe3/kwVLz4W7aM7UJ5AWjet0MGY500okGYex8be1c
DtOdoWfUtUv79NuXOtPs5WlITTNRrEGMPjI3JkU5R15QQKCyn1O+kYTTnmmweQUZ
z4v2BJVJFqPgYza/JI/buOsgDC0WuzlLiHAWhQusjMx6iZJY778yvkfgyqX8tTfd
V65rXZdObwcbobQY9HpGh4hSFoObRfTLL514bDg9PpYdXB2Vtec3COJVU/QsZMWx
fpUyaIq+XjxTIMYxNoqKJRPbtb6nHVpd6JRf2tCm1YBUHlAUofQIPKyV0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNIQjPrXzxibYbwA4t6OB5NXn9qOMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMGhDTS10ZlBHSnRodkFEaTNvNEhrMWVmMm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALViKAwQA
wTkpMA0GCSqGSIb3DQEBCwUAA4IBAQCesdXP7q2+IS2AVWfK+4l5un/VO9uwBeCD
GwtSkPMfAneMpk5D8nylc4gSU0e8lDizvV9L3BzMLY3JeT4FP1VvZB+jCP8FhxOb
MCFif0D6hzgqdv4jwh2giVPcQWxudcbuuON1X47oTO2FfiSeqidNy2gn2PPcmSWM
VkqiVVBxZwlf1K0xhaxnEaY6g9qTStPdS/DWoO0t1VvT7FqkqTrwpFlKjG7vHmjc
In8gKCALAUS8eWydO9rUaxuBjkCiH+fcN9GAG0+pfChzJL7lYGUL1AYeAnJHGVAl
hNGxouHT3eYjJCFV6Mv+01rH7nTZuNnIDxRtCp6UnacSIB5jCwg/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org