Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-epL28qCiHoxgIGp8BImknYjPco.roa
File: 1-epL28qCiHoxgIGp8BImknYjPco.roa (raw, json)
Hash identifier: OHzvzhSzzk/J1x2L9oJ4i4/r7PIYoPh3XIOWJyDWO+4=
Subject key identifier: F9:EA:4B:DB:CA:82:88:7A:31:80:81:A9:F0:12:26:92:76:23:3D:CA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CCA3A2A25F3E8CA09CDBE15D2B8D495DA
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-epL28qCiHoxgIGp8BImknYjPco.roa
Signing time: Tue 02 Jan 2024 12:50:58 +0000
ROA not before: Tue 02 Jan 2024 12:50:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203511
IP address blocks: 77.83.39.0/24 maxlen: 24
45.151.2.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 15:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:3a:2a:25:f3:e8:ca:09:cd:be:15:d2:b8:d4:95:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 12:50:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9ea4bdbca82887a318081a9f012269276233dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:5c:42:59:00:c0:0a:ba:a6:1e:f8:24:08:9f:
a5:4d:9d:96:4c:80:ec:ee:95:be:f2:52:e7:64:01:
63:b8:a8:b6:91:21:5a:84:50:75:e0:82:09:7c:09:
71:61:3b:0f:b8:da:87:82:fd:a6:43:2e:17:09:22:
7c:bc:ff:dc:0c:93:f0:23:04:df:e9:25:3c:d3:e4:
b0:40:0a:56:c7:6f:bc:1f:a8:86:3a:8d:e7:ea:04:
22:95:88:da:80:25:91:0f:cd:c5:7e:b7:22:8a:0c:
5f:c2:76:fc:f7:b3:be:f5:55:a2:71:65:d2:0b:bb:
fe:c5:92:b1:ef:1f:94:ab:56:9b:02:88:50:72:b2:
a7:45:13:2d:ed:be:62:01:07:ab:46:a1:c6:de:7d:
c2:ca:04:be:08:d3:26:84:ba:a1:ac:34:f5:fd:28:
f2:ea:3a:87:57:a0:ac:1c:25:72:2a:ec:fc:13:0d:
e5:2e:94:a8:33:3b:bc:e7:cb:e5:ed:c8:dd:a7:5e:
0b:27:83:f9:02:b3:0c:1d:58:9d:70:25:65:b5:0e:
82:27:bf:e1:87:bc:26:1e:89:0c:13:f3:32:b1:46:
60:1d:5c:bb:68:46:99:79:95:b0:1b:0f:18:c9:e3:
c9:10:69:0d:e5:bf:12:69:a1:73:03:33:bb:10:4a:
01:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:EA:4B:DB:CA:82:88:7A:31:80:81:A9:F0:12:26:92:76:23:3D:CA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-epL28qCiHoxgIGp8BImknYjPco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.112.0/24
45.88.138.0/24
45.144.214.0/24
45.151.2.0/24
77.83.39.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
56:09:c8:6a:c6:0c:56:9a:d4:cd:97:bd:8f:58:9c:81:ae:57:
6e:6b:68:5b:8f:73:40:b4:bd:97:bc:92:84:07:4e:a0:c6:56:
25:33:ec:b2:e8:ea:5b:8b:f8:f1:d3:92:ee:36:c0:bd:c1:ca:
78:c9:b4:a9:a5:17:0e:a7:68:35:ae:d1:47:6e:99:35:0a:0f:
ca:7b:24:ef:87:fe:24:95:b3:56:1c:5c:62:db:5c:fa:b0:dc:
07:00:11:cb:dc:fd:10:51:ba:70:20:85:6c:2e:23:a1:8e:b3:
aa:d2:2d:be:81:c5:49:49:55:e1:b6:bb:5e:d7:d7:ff:46:21:
cf:f6:af:86:15:40:78:ee:70:b9:78:ad:89:72:6e:7d:b0:4c:
be:9d:5c:77:aa:1c:d0:8e:e9:46:34:ba:f5:67:86:30:43:e8:
92:fb:9d:0b:8a:fd:52:51:ab:93:82:2e:71:6c:2e:ce:54:3a:
b0:2f:fc:d9:ee:13:56:59:5a:a8:3f:33:6c:2e:49:1b:c6:30:
c6:96:a5:0a:78:d1:3e:86:fd:71:ff:ce:f2:24:ec:56:88:dd:
12:e8:93:16:00:f9:04:05:c8:80:71:9d:84:8b:07:37:7d:c6:
a2:45:e9:61:f5:58:dc:13:5c:cc:47:ec:4d:21:07:cd:67:0b:
0a:3d:94:cc
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzKOiol8+jKCc2+FdK41JXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMTI1MDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWVhNGJkYmNhODI4ODdhMzE4MDgxYTlmMDEyMjY5Mjc2MjMzZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+1xCWQDACrqmHvgkCJ+lTZ2WTIDs
7pW+8lLnZAFjuKi2kSFahFB14IIJfAlxYTsPuNqHgv2mQy4XCSJ8vP/cDJPwIwTf
6SU80+SwQApWx2+8H6iGOo3n6gQilYjagCWRD83Ffrciigxfwnb897O+9VWicWXS
C7v+xZKx7x+Uq1abAohQcrKnRRMt7b5iAQerRqHG3n3CygS+CNMmhLqhrDT1/Sjy
6jqHV6CsHCVyKuz8Ew3lLpSoMzu858vl7cjdp14LJ4P5ArMMHVidcCVltQ6CJ7/h
h7wmHokME/MysUZgHVy7aEaZeZWwGw8YyePJEGkN5b8SaaFzAzO7EEoBhwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPnqS9vKgoh6MYCBqfASJpJ2Iz3KMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMS1lcEwyOHFDaUhveGdJR3A4Qklta25ZalBjby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2
MC8xL25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAC1RcAME
AC1YigMEAC2Q1gMEAC2XAgMEAE1TJwMEAMIPNDANBgkqhkiG9w0BAQsFAAOCAQEA
VgnIasYMVprUzZe9j1icga5XbmtoW49zQLS9l7yShAdOoMZWJTPssujqW4v48dOS
7jbAvcHKeMm0qaUXDqdoNa7RR26ZNQoPynsk74f+JJWzVhxcYttc+rDcBwARy9z9
EFG6cCCFbC4joY6zqtItvoHFSUlV4ba7XtfX/0Yhz/avhhVAeO5wuXitiXJufbBM
vp1cd6oc0I7pRjS69WeGMEPokvudC4r9UlGrk4IucWwuzlQ6sC/82e4TVllaqD8z
bC5JG8YwxpalCnjRPob9cf/O8iTsVojdEuiTFgD5BAXIgHGdhIsHN33GokXpYfVY
3BNczEfsTSEHzWcLCj2UzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org