Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3hILieM5G-Efd5BVdcd7gvSgEvQ.roa
File: 3hILieM5G-Efd5BVdcd7gvSgEvQ.roa (raw, json)
Hash identifier: ++9a/FpYaN6hdwmH9DNdwRkTBlRsivzQZSdzEIEONI4=
Subject key identifier: DE:12:0B:89:E3:39:1B:E1:1F:77:90:55:75:C7:7B:82:F4:A0:12:F4
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0188BE4EED267D78F7B0ED9EBE93BA0D924F
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3hILieM5G-Efd5BVdcd7gvSgEvQ.roa
Signing time: Thu 15 Jun 2023 09:07:03 +0000
ROA not before: Thu 15 Jun 2023 09:07:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Jun 2023 07:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:be:4e:ed:26:7d:78:f7:b0:ed:9e:be:93:ba:0d:92:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 15 09:07:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de120b89e3391be11f77905575c77b82f4a012f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7c:ee:80:08:3a:f1:4f:ba:7c:9b:0d:3c:49:
16:cb:c8:b7:cd:bc:af:dd:6c:6f:fd:28:9d:7e:4a:
77:a2:7c:ad:37:9b:d7:09:06:54:3c:24:4e:b0:6e:
1b:73:d2:10:40:54:51:35:ba:2c:ed:f2:83:3a:10:
d3:46:f6:45:ae:06:44:11:28:84:9a:50:2b:84:a4:
e6:b1:38:17:77:7c:27:43:0d:f7:5d:a2:e7:a4:d8:
fe:5c:36:07:d4:f3:62:7e:f0:e3:a4:1a:25:f3:3f:
a6:b1:cf:ec:29:90:33:fa:88:f3:08:dc:96:45:c0:
42:e0:19:9d:3c:e8:43:9c:bb:2d:20:c4:df:e0:2c:
8c:49:38:d5:86:1f:c6:a9:24:92:d0:2e:66:03:1c:
31:8f:22:33:80:c2:6c:7e:77:1c:6f:b5:b5:bb:5f:
a3:07:03:8b:0b:b3:35:f1:52:8c:d4:50:a5:ba:9b:
f1:32:94:58:83:c8:dd:d5:37:a1:aa:f3:97:96:88:
25:c3:18:48:eb:a7:c5:e1:f8:62:12:59:b8:a2:1e:
99:ca:9b:dc:ea:5c:dd:c7:a8:58:5c:78:ed:32:72:
4b:f7:85:08:1c:85:d3:74:79:71:a8:83:2c:22:89:
61:19:85:81:26:80:ac:65:72:4e:a8:70:b0:2e:d4:
0f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:12:0B:89:E3:39:1B:E1:1F:77:90:55:75:C7:7B:82:F4:A0:12:F4
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3hILieM5G-Efd5BVdcd7gvSgEvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
45.138.183.0/24
77.83.38.0/23
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:1d:da:78:f1:2f:8d:68:e5:68:f0:75:7b:40:15:b6:3b:9d:
b9:05:4a:fd:cc:49:7a:d0:bb:a2:9d:41:b4:bb:47:57:ba:a9:
6a:7a:5f:a1:17:c9:42:4e:af:fd:38:a5:32:4a:fd:8a:76:71:
ea:39:d6:7a:1f:94:85:5b:2e:51:b6:b0:74:d0:57:40:bb:4d:
32:40:a1:5f:da:ee:ae:6e:36:c3:a0:90:ee:75:68:17:ee:82:
eb:23:74:c9:03:37:0b:64:46:09:46:34:b7:21:0e:49:0f:26:
cf:a0:33:55:7d:25:63:94:6c:60:b7:41:ae:cd:62:5b:de:88:
e9:db:d1:0c:0e:ff:57:08:25:9f:a9:c0:8b:c2:1f:a7:1a:27:
b6:f5:f2:e7:02:36:f3:cb:4a:6a:7b:96:25:79:ae:85:87:74:
cc:99:01:4f:3f:df:2e:95:6d:9e:ab:f2:01:70:e2:2f:3d:ef:
ec:d0:2c:e3:a5:fb:c0:b0:2b:fd:76:0f:1c:e1:1c:0b:5f:61:
f5:ce:3d:a1:f8:91:61:ff:b2:3a:70:3a:fe:c4:5d:90:12:52:
cc:30:ab:3e:b1:de:1d:8c:86:7a:24:0b:b7:29:e3:1f:73:52:
0c:f7:2b:b4:49:5f:85:87:c1:63:9d:20:4a:d6:bb:fd:fd:73:
33:3a:f6:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYi+Tu0mfXj3sO2evpO6DZJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjE1MDkwNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEyMGI4OWUzMzkxYmUxMWY3NzkwNTU3NWM3N2I4MmY0YTAxMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknzugAg68U+6fJsNPEkWy8i3zbyv
3Wxv/Sidfkp3onytN5vXCQZUPCROsG4bc9IQQFRRNbos7fKDOhDTRvZFrgZEESiE
mlArhKTmsTgXd3wnQw33XaLnpNj+XDYH1PNifvDjpBol8z+msc/sKZAz+ojzCNyW
RcBC4BmdPOhDnLstIMTf4CyMSTjVhh/GqSSS0C5mAxwxjyIzgMJsfnccb7W1u1+j
BwOLC7M18VKM1FClupvxMpRYg8jd1TehqvOXloglwxhI66fF4fhiElm4oh6Zypvc
6lzdx6hYXHjtMnJL94UIHIXTdHlxqIMsIolhGYWBJoCsZXJOqHCwLtQPUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN4SC4njORvhH3eQVXXHe4L0oBL0MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvM2hJTGllTTVHLUVmZDVCVmRjZDdndlNnRXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV6rAwQA
LYq3AwQBTVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQCsHdp48S+NaOVo8HV7
QBW2O525BUr9zEl60LuinUG0u0dXuqlqel+hF8lCTq/9OKUySv2KdnHqOdZ6H5SF
Wy5RtrB00FdAu00yQKFf2u6ubjbDoJDudWgX7oLrI3TJAzcLZEYJRjS3IQ5JDybP
oDNVfSVjlGxgt0GuzWJb3ojp29EMDv9XCCWfqcCLwh+nGie29fLnAjbzy0pqe5Yl
ea6Fh3TMmQFPP98ulW2eq/IBcOIvPe/s0CzjpfvAsCv9dg8c4RwLX2H1zj2h+JFh
/7I6cDr+xF2QElLMMKs+sd4djIZ6JAu3KeMfc1IM9yu0SV+Fh8FjnSBK1rv9/XMz
Ovaa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org