Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1q8dWJ0iyXwrxDgn0S4qpONJh0c.roa
File: 1q8dWJ0iyXwrxDgn0S4qpONJh0c.roa (raw, json)
Hash identifier: 90RDg49Yew7B+TNtnCDkkbUi2QAGIJUok+k5zjrBe2s=
Subject key identifier: D6:AF:1D:58:9D:22:C9:7C:2B:C4:38:27:D1:2E:2A:A4:E3:49:87:47
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AF03A2896227B0F59369F496AD97CE9C0
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1q8dWJ0iyXwrxDgn0S4qpONJh0c.roa
Signing time: Mon 02 Oct 2023 11:50:57 +0000
ROA not before: Mon 02 Oct 2023 11:50:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
2.56.110.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:3a:28:96:22:7b:0f:59:36:9f:49:6a:d9:7c:e9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 2 11:50:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6af1d589d22c97c2bc43827d12e2aa4e3498747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:85:22:03:f9:bf:df:97:91:ce:3d:04:bf:b2:
44:7c:3c:1e:6a:b7:51:0b:0e:3f:8c:46:3e:ee:a4:
16:0a:87:31:d9:80:ec:be:40:26:de:2b:db:2f:37:
4c:0c:91:b6:8b:42:f9:62:0f:08:f2:08:ce:46:e6:
12:22:7a:dc:0b:46:fb:43:eb:d6:17:7e:22:66:c8:
4a:4c:bb:54:9c:e8:48:59:6a:06:03:02:7d:3d:d6:
03:78:5d:a9:98:3e:2a:d7:f7:9d:81:c7:5c:57:f1:
50:33:60:10:e6:9b:ac:89:f5:d3:4e:4a:0d:f1:72:
ba:75:d8:ed:48:96:77:6d:10:e6:95:f1:7e:98:5a:
dc:21:02:d5:70:51:9e:f4:69:ee:c4:dc:71:b2:a3:
d8:c8:d8:5d:3b:04:33:b2:91:0d:64:84:67:0d:2a:
39:d5:8b:06:74:72:9d:8d:d9:bb:84:e1:57:35:0c:
7e:b8:34:aa:f0:6b:e7:57:96:e8:4d:a3:33:9e:f1:
3d:78:83:f2:da:af:d1:89:c5:57:d8:0b:c0:9a:20:
d3:23:6d:aa:d2:4d:23:86:41:c1:53:2f:3d:1f:94:
ef:51:ed:90:6f:0a:09:3a:6a:52:18:82:4f:21:10:
2c:42:dc:f4:09:3c:30:12:4f:60:58:24:65:dd:71:
9a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:AF:1D:58:9D:22:C9:7C:2B:C4:38:27:D1:2E:2A:A4:E3:49:87:47
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1q8dWJ0iyXwrxDgn0S4qpONJh0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0-2.56.110.255
45.94.171.0/24
45.138.183.0/24
45.144.213.0/24
77.83.39.0/24
85.209.120.0/23
195.62.24.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:71:3b:17:64:8c:fd:6c:ae:30:ad:59:de:6d:c5:c9:84:bd:
ed:53:c0:ae:75:f7:62:13:a9:f7:82:e3:36:a6:b5:df:82:06:
bc:9d:d5:f9:3c:7a:95:4b:22:33:51:f8:63:28:dd:0f:d9:02:
25:ab:48:08:10:f7:69:6f:f9:68:68:0f:47:d5:9a:2b:fb:c4:
6a:69:ba:72:33:01:81:2e:17:4d:d2:4d:13:6f:54:12:9c:79:
d5:e8:db:f3:7a:c5:ef:93:ed:45:f7:8a:ef:a8:38:3e:89:62:
c7:2d:02:ea:b2:fe:a5:34:09:0d:c4:d2:6f:11:0c:7e:57:bb:
8b:92:55:aa:b2:b6:2c:89:95:1e:bd:eb:30:4c:54:11:11:f7:
a7:53:a1:af:c8:26:7c:6c:e4:b4:93:5d:df:7a:d2:83:da:d3:
75:ca:02:40:59:c4:bd:c2:65:39:25:cb:ce:1b:16:14:f3:d6:
1f:78:4a:62:3b:a1:96:49:5f:53:93:f3:bd:44:14:24:80:57:
19:eb:66:01:ad:3a:b5:e9:b0:20:91:d1:1c:7e:75:88:98:1e:
e6:5a:09:b3:9a:51:e2:29:b9:ea:55:5f:4f:e5:bd:d1:af:a2:
95:72:93:73:fc:58:3e:80:b0:ea:b9:7b:73:16:90:f5:4d:65:
31:72:68:3b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYrwOiiWInsPWTafSWrZfOnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDAyMTE1MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmFmMWQ1ODlkMjJjOTdjMmJjNDM4MjdkMTJlMmFhNGUzNDk4NzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4UiA/m/35eRzj0Ev7JEfDweardR
Cw4/jEY+7qQWCocx2YDsvkAm3ivbLzdMDJG2i0L5Yg8I8gjORuYSInrcC0b7Q+vW
F34iZshKTLtUnOhIWWoGAwJ9PdYDeF2pmD4q1/edgcdcV/FQM2AQ5pusifXTTkoN
8XK6ddjtSJZ3bRDmlfF+mFrcIQLVcFGe9GnuxNxxsqPYyNhdOwQzspENZIRnDSo5
1YsGdHKdjdm7hOFXNQx+uDSq8GvnV5boTaMznvE9eIPy2q/RicVX2AvAmiDTI22q
0k0jhkHBUy89H5TvUe2QbwoJOmpSGIJPIRAsQtz0CTwwEk9gWCRl3XGaQwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNavHVidIsl8K8Q4J9EuKqTjSYdHMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMXE4ZFdKMGl5WHdyeERnbjBTNHFwT05KaDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAACOG0D
BAACOG4DBAAtXqsDBAAtircDBAAtkNUDBABNUycDBAFV0XgDBADDPhgwDQYJKoZI
hvcNAQELBQADggEBALdxOxdkjP1srjCtWd5txcmEve1TwK5192ITqfeC4zamtd+C
Bryd1fk8epVLIjNR+GMo3Q/ZAiWrSAgQ92lv+WhoD0fVmiv7xGppunIzAYEuF03S
TRNvVBKcedXo2/N6xe+T7UX3iu+oOD6JYsctAuqy/qU0CQ3E0m8RDH5Xu4uSVaqy
tiyJlR696zBMVBER96dToa/IJnxs5LSTXd960oPa03XKAkBZxL3CZTkly84bFhTz
1h94SmI7oZZJX1OT871EFCSAVxnrZgGtOrXpsCCR0Rx+dYiYHuZaCbOaUeIpuepV
X0/lvdGvopVyk3P8WD6AsOq5e3MWkPVNZTFyaDs=
-----END CERTIFICATE-----
Generated at Mon Oct 2 17:27:43 2023 by rpki-client on console-fra.rpki-client.org