Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7o7deJpwFfUrn5zsoHwu57X8AYQ.roa
File: 7o7deJpwFfUrn5zsoHwu57X8AYQ.roa (raw, json)
Hash identifier: LkTPtwUk0wJ0WTM1hSs60ifIabO9AuGalZXQX8XTZe4=
Subject key identifier: EE:8E:DD:78:9A:70:15:F5:2B:9F:9C:EC:A0:7C:2E:E7:B5:FC:01:84
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AFACAA0DE351837B316B80D5A5CF1D9D4
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7o7deJpwFfUrn5zsoHwu57X8AYQ.roa
Signing time: Wed 04 Oct 2023 13:04:57 +0000
ROA not before: Wed 04 Oct 2023 13:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:ca:a0:de:35:18:37:b3:16:b8:0d:5a:5c:f1:d9:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 4 13:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee8edd789a7015f52b9f9ceca07c2ee7b5fc0184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5e:26:92:0c:38:d5:c8:36:bc:ca:7d:57:a4:
f5:bb:ec:e9:fb:60:b2:98:1f:25:3a:d1:aa:28:25:
a1:e4:c7:b6:c8:ed:bb:24:75:a7:6f:e7:50:11:c9:
4c:a2:f9:a3:1c:cb:8d:38:cd:58:b2:ec:e5:e2:5b:
b2:d3:08:f9:b8:59:2c:ed:8a:79:ae:8c:1b:df:d6:
da:c9:5a:4d:a4:e0:ae:22:fd:1c:2e:45:a1:4c:3f:
94:04:cb:ca:81:de:7f:df:1d:16:9f:aa:43:83:4e:
0f:4b:e7:8d:d7:8f:56:94:53:95:2e:b1:3f:08:4c:
05:ad:81:91:02:0f:bd:62:01:99:cb:8c:93:54:1e:
e0:e9:5f:73:c4:21:c9:8f:9e:03:51:a2:e9:4c:33:
36:4e:74:b7:2a:3f:4e:f9:69:87:51:2c:64:0d:e8:
bb:59:c8:53:9d:df:b3:e4:d7:92:ae:4f:90:dc:3c:
94:a1:bf:00:dc:88:b1:0a:d2:59:8b:59:d0:d7:de:
ff:da:17:0b:66:8c:3f:59:2b:14:ad:e2:df:e1:01:
86:df:02:78:d2:0c:1c:1c:a8:78:d3:36:ab:8c:29:
68:31:1b:ef:90:81:40:fe:30:33:be:67:0f:66:3c:
48:21:3b:e8:c0:48:13:fe:f8:94:07:00:34:f3:d6:
ae:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:8E:DD:78:9A:70:15:F5:2B:9F:9C:EC:A0:7C:2E:E7:B5:FC:01:84
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7o7deJpwFfUrn5zsoHwu57X8AYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.81.112.0/24
45.88.137.0/24
45.132.180.0/24
Signature Algorithm: sha256WithRSAEncryption
78:ef:05:64:86:4c:3a:69:24:f7:33:71:3f:3e:8f:64:2a:d4:
d2:28:75:d3:84:07:dd:1d:39:e3:c1:07:3c:3d:61:ee:f1:87:
b7:0d:6c:f2:95:f0:0e:69:67:49:35:c9:43:1d:15:38:c4:fc:
6c:2a:16:ff:22:0d:58:f7:8a:67:61:60:6e:4a:9c:d5:e2:69:
71:99:6c:8b:ac:dd:e6:d8:e3:51:66:89:86:ec:57:49:e8:e5:
f6:cf:eb:cd:5a:af:f8:75:0a:05:7c:d5:2a:bc:44:ae:8f:16:
28:11:a4:f6:34:98:9f:8b:dd:a0:27:c2:cc:9f:e1:9b:31:fc:
da:82:a0:da:32:97:f6:8e:e6:3e:43:f2:94:a7:29:e4:16:51:
38:9e:f4:96:a5:40:8a:44:6b:74:cf:f8:64:c9:72:fe:91:cb:
1b:4d:b7:43:6e:f7:57:7f:77:ef:10:54:a4:1d:79:55:00:ec:
e1:7d:c6:90:88:28:4c:80:ed:d7:5e:a0:60:06:eb:52:ad:c9:
51:e8:a1:ff:2e:8c:ab:dc:60:b9:88:39:93:53:2c:1e:cb:c4:
8d:e5:00:5a:75:76:d9:da:84:de:b2:39:82:2d:1a:ba:ea:0c:
c1:00:f7:4a:0c:d5:2d:6e:43:c2:db:aa:22:dd:79:72:b3:93:
5f:6e:86:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYr6yqDeNRg3sxa4DVpc8dnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDA0MTMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZThlZGQ3ODlhNzAxNWY1MmI5ZjljZWNhMDdjMmVlN2I1ZmMwMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg14mkgw41cg2vMp9V6T1u+zp+2Cy
mB8lOtGqKCWh5Me2yO27JHWnb+dQEclMovmjHMuNOM1Ysuzl4luy0wj5uFks7Yp5
rowb39bayVpNpOCuIv0cLkWhTD+UBMvKgd5/3x0Wn6pDg04PS+eN149WlFOVLrE/
CEwFrYGRAg+9YgGZy4yTVB7g6V9zxCHJj54DUaLpTDM2TnS3Kj9O+WmHUSxkDei7
WchTnd+z5NeSrk+Q3DyUob8A3IixCtJZi1nQ197/2hcLZow/WSsUreLf4QGG3wJ4
0gwcHKh40zarjCloMRvvkIFA/jAzvmcPZjxIITvowEgT/viUBwA089au1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO6O3XiacBX1K5+c7KB8Lue1/AGEMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvN283ZGVKcHdGZlVybjV6c29Id3U1N1g4QVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQkeAwQA
LVFwAwQALViJAwQALYS0MA0GCSqGSIb3DQEBCwUAA4IBAQB47wVkhkw6aST3M3E/
Po9kKtTSKHXThAfdHTnjwQc8PWHu8Ye3DWzylfAOaWdJNclDHRU4xPxsKhb/Ig1Y
94pnYWBuSpzV4mlxmWyLrN3m2ONRZomG7FdJ6OX2z+vNWq/4dQoFfNUqvESujxYo
EaT2NJifi92gJ8LMn+GbMfzagqDaMpf2juY+Q/KUpynkFlE4nvSWpUCKRGt0z/hk
yXL+kcsbTbdDbvdXf3fvEFSkHXlVAOzhfcaQiChMgO3XXqBgButSrclR6KH/Loyr
3GC5iDmTUywey8SN5QBadXbZ2oTesjmCLRq66gzBAPdKDNUtbkPC26oi3Xlys5Nf
boaK
-----END CERTIFICATE-----
Generated at Wed Oct 25 22:43:07 2023 by rpki-client on console-ams.rpki-client.org