Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2IHT9uRF5qHCGrpFtgypn3ehuCA.roa
File: 2IHT9uRF5qHCGrpFtgypn3ehuCA.roa (raw, json)
Hash identifier: snFvXq3bsQLCIVvsF32r3Hm8iERtrtRNmejX0bqY/Xg=
Subject key identifier: D8:81:D3:F6:E4:45:E6:A1:C2:1A:BA:45:B6:0C:A9:9F:77:A1:B8:20
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F4BA6E7CBE1CACEA49D9349E98CA2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2IHT9uRF5qHCGrpFtgypn3ehuCA.roa
Signing time: Tue 02 Jan 2024 04:29:46 +0000
ROA not before: Tue 02 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212669
IP address blocks: 85.209.121.0/24 maxlen: 24
45.151.0.0/24 maxlen: 24
45.138.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 14:55:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:4b:a6:e7:cb:e1:ca:ce:a4:9d:93:49:e9:8c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d881d3f6e445e6a1c21aba45b60ca99f77a1b820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:08:6a:4a:96:87:06:82:44:96:29:53:5e:59:
65:a6:9a:9f:7e:82:88:cb:4f:f1:de:2d:35:11:e1:
03:8e:77:0f:c5:50:12:c8:97:04:db:09:13:91:d1:
f0:76:77:ee:69:57:ad:83:17:e3:a9:82:01:85:a2:
30:49:00:81:62:a2:a2:9c:3a:53:4f:57:13:5b:8d:
1f:c7:e0:b2:12:e5:60:1f:08:23:e0:31:5f:65:5d:
e9:e8:3c:cd:55:d7:a0:46:a9:a6:ea:a8:d6:0c:af:
e4:98:c0:58:12:77:4b:98:80:c7:3e:07:46:24:56:
e9:d0:af:61:96:62:f1:62:98:6f:18:e5:45:b6:29:
cd:20:f2:ea:a2:64:b9:b6:bf:1b:c1:f7:1a:af:12:
58:7f:55:23:cf:2d:da:06:5c:c2:f2:4c:63:ca:46:
79:d6:66:d4:13:c3:8f:36:3d:65:53:7d:b5:fb:50:
6e:d1:f8:aa:7d:74:93:1e:f5:81:ca:9f:f0:14:bc:
56:01:fd:40:49:80:57:f5:f1:42:8d:e7:55:c1:ef:
53:a7:07:7a:67:3e:52:a7:16:01:47:56:ab:28:cf:
ef:24:51:32:3e:0e:49:e6:ad:36:17:74:ed:de:3c:
e4:16:b1:27:19:ef:0a:be:c7:13:29:0e:36:a6:62:
e0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:81:D3:F6:E4:45:E6:A1:C2:1A:BA:45:B6:0C:A9:9F:77:A1:B8:20
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/2IHT9uRF5qHCGrpFtgypn3ehuCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.181.0/24
45.151.0.0/24
85.209.121.0/24
Signature Algorithm: sha256WithRSAEncryption
50:ea:72:3c:35:5e:b5:5c:27:e8:1a:99:b2:57:ed:46:af:2e:
df:ba:d3:87:42:21:bc:07:d2:19:19:59:c8:fb:fa:10:d7:27:
4a:ae:9e:73:fa:f5:98:7f:30:17:d9:71:b0:9a:09:3b:3e:ac:
ea:6a:25:10:46:91:46:d0:da:ed:ed:c6:0f:a5:c3:2d:f0:9a:
d6:dc:c7:8b:9f:0e:46:29:2a:c4:2d:56:3b:21:88:bb:0a:3b:
15:b2:9d:22:15:c9:fd:3b:0c:8c:db:d4:04:46:a0:40:0f:95:
d6:57:90:fa:6e:7b:42:70:d2:a7:e8:9e:5f:a7:f6:a7:a5:0c:
47:b4:f7:c1:61:b1:a5:9e:1a:50:ff:21:c8:c5:7d:34:20:1c:
78:83:65:9f:96:ab:ea:d6:fa:2e:ec:22:85:9b:de:90:8a:8c:
59:08:d1:f8:6b:0d:0d:56:41:32:f9:3f:1b:3f:8b:08:b0:bf:
9c:7a:90:57:a2:4c:45:12:19:dd:46:dd:cd:63:23:f9:22:b1:
5c:7b:d3:bc:88:39:4c:4f:8c:0c:2f:be:f3:66:85:01:51:6a:
8b:ae:68:0b:13:79:9b:b1:86:9b:50:21:2c:ca:e9:55:08:ad:
99:27:0d:4f:e6:52:ea:20:75:e6:e0:e4:65:56:0d:92:20:9b:
f3:71:89:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb0um58vhys6knZNJ6YyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODgxZDNmNmU0NDVlNmExYzIxYWJhNDViNjBjYTk5Zjc3YTFiODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAhqSpaHBoJElilTXlllppqffoKI
y0/x3i01EeEDjncPxVASyJcE2wkTkdHwdnfuaVetgxfjqYIBhaIwSQCBYqKinDpT
T1cTW40fx+CyEuVgHwgj4DFfZV3p6DzNVdegRqmm6qjWDK/kmMBYEndLmIDHPgdG
JFbp0K9hlmLxYphvGOVFtinNIPLqomS5tr8bwfcarxJYf1Ujzy3aBlzC8kxjykZ5
1mbUE8OPNj1lU321+1Bu0fiqfXSTHvWByp/wFLxWAf1ASYBX9fFCjedVwe9Tpwd6
Zz5SpxYBR1arKM/vJFEyPg5J5q02F3Tt3jzkFrEnGe8KvscTKQ42pmLgGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNiB0/bkReahwhq6RbYMqZ93obggMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMklIVDl1UkY1cUhDR3JwRnRneXBuM2VodUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYq1AwQA
LZcAAwQAVdF5MA0GCSqGSIb3DQEBCwUAA4IBAQBQ6nI8NV61XCfoGpmyV+1Gry7f
utOHQiG8B9IZGVnI+/oQ1ydKrp5z+vWYfzAX2XGwmgk7PqzqaiUQRpFG0Nrt7cYP
pcMt8JrW3MeLnw5GKSrELVY7IYi7CjsVsp0iFcn9OwyM29QERqBAD5XWV5D6bntC
cNKn6J5fp/anpQxHtPfBYbGlnhpQ/yHIxX00IBx4g2Wflqvq1vou7CKFm96QioxZ
CNH4aw0NVkEy+T8bP4sIsL+cepBXokxFEhndRt3NYyP5IrFce9O8iDlMT4wML77z
ZoUBUWqLrmgLE3mbsYabUCEsyulVCK2ZJw1P5lLqIHXm4ORlVg2SIJvzcYk2
-----END CERTIFICATE-----
Generated at Fri Feb 9 18:27:18 2024 by rpki-client on console-ams.rpki-client.org