Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/AeN2bJi51412YGGzgAopcBue2wM.roa
File: AeN2bJi51412YGGzgAopcBue2wM.roa (raw, json)
Hash identifier: 5iarji6ot5K2x+0b0Z7WPGjJHInvqaoAu6kyQ6Vt2k8=
Subject key identifier: 01:E3:76:6C:98:B9:D7:8D:76:60:61:B3:80:0A:29:70:1B:9E:DB:03
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0189F2F483DA5A9C9FE403D812C753C519C9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/AeN2bJi51412YGGzgAopcBue2wM.roa
Signing time: Mon 14 Aug 2023 07:30:58 +0000
ROA not before: Mon 14 Aug 2023 07:30:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 07:28:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:f4:83:da:5a:9c:9f:e4:03:d8:12:c7:53:c5:19:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 14 07:30:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01e3766c98b9d78d766061b3800a29701b9edb03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:44:c6:7d:a0:ed:c1:3c:ed:b8:ee:42:7e:70:
6a:15:94:2d:6a:5e:df:8e:dc:76:ab:5f:90:df:3a:
a1:ab:0f:97:56:1d:0a:a2:ce:c6:97:2c:db:88:38:
09:a1:31:ab:cd:af:67:b7:47:53:64:09:8a:f9:f6:
bd:b8:a2:29:19:ae:0f:10:35:b7:d0:42:d4:22:bc:
55:34:3d:b3:82:4d:e6:84:00:0b:7c:39:55:70:f6:
dd:29:67:a2:50:76:97:d8:f0:bb:ad:dd:47:a4:da:
90:2e:74:ac:2c:d0:eb:08:c5:ae:a5:86:c8:15:26:
4e:bc:17:dc:62:9f:b1:ce:bf:8c:85:38:8e:fb:96:
f9:eb:9a:4e:b6:32:10:43:83:c4:61:28:86:8d:17:
9c:a3:8f:12:1e:0b:83:d0:42:51:d0:f1:1f:e3:17:
d2:3f:34:5e:1a:37:0e:2c:ea:5a:2f:aa:09:d8:6f:
79:e2:8e:66:6d:2b:a1:4d:6b:50:13:e4:bc:94:a3:
a3:57:40:02:63:0c:61:c2:bd:38:37:69:a4:57:8f:
91:24:d2:4d:2b:fe:68:a1:ce:34:dd:4c:c2:a6:08:
de:25:7a:20:d5:19:27:81:f2:8d:f1:24:09:05:a4:
9a:87:ad:d8:49:6c:2f:dd:82:2a:84:f7:52:4d:4b:
96:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E3:76:6C:98:B9:D7:8D:76:60:61:B3:80:0A:29:70:1B:9E:DB:03
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/AeN2bJi51412YGGzgAopcBue2wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
45.94.171.0/24
45.138.183.0/24
77.83.39.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
79:0c:d5:99:0e:37:77:2a:a1:44:32:15:d0:da:25:14:a7:3a:
cf:a7:b8:41:83:24:eb:83:40:3a:79:ac:e5:8b:81:ce:97:b5:
39:87:26:07:71:49:8e:f5:86:f7:20:b9:0e:04:26:0e:9d:f0:
cb:1e:81:d2:46:bb:84:1c:2e:9f:fe:33:bd:4c:4f:d1:1e:cf:
99:c4:ad:4c:a9:d4:b5:a4:8b:be:24:5d:fc:ca:d0:99:11:9b:
d2:c8:7c:2a:ee:fe:38:4d:6b:0b:82:5c:f5:98:42:f6:8f:2b:
c1:fa:1b:e1:63:ad:67:6b:72:94:74:1a:e5:f3:d7:0e:ef:e6:
76:9c:e8:64:0f:99:a4:d0:31:fd:26:c4:b8:c9:79:73:31:a1:
a6:a6:32:73:44:3a:47:00:fb:20:1f:9e:b2:0a:3e:70:05:34:
c9:0c:60:04:7d:d2:7d:54:97:bd:23:9e:26:93:9a:bc:8f:a6:
2d:0c:a2:ea:08:4c:61:66:80:09:6c:fe:30:04:86:e3:7b:07:
24:e6:da:39:e1:28:e4:f4:b9:dd:e8:8d:e7:ee:38:99:25:95:
be:81:85:9d:49:21:a5:28:77:62:26:bb:4c:05:39:39:ee:cf:
53:a4:94:b1:ab:65:0e:5a:61:1e:ad:d2:84:12:f0:ab:63:aa:
0f:c2:0b:95
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYny9IPaWpyf5APYEsdTxRnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODE0MDczMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWUzNzY2Yzk4YjlkNzhkNzY2MDYxYjM4MDBhMjk3MDFiOWVkYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0TGfaDtwTztuO5CfnBqFZQtal7f
jtx2q1+Q3zqhqw+XVh0Kos7GlyzbiDgJoTGrza9nt0dTZAmK+fa9uKIpGa4PEDW3
0ELUIrxVND2zgk3mhAALfDlVcPbdKWeiUHaX2PC7rd1HpNqQLnSsLNDrCMWupYbI
FSZOvBfcYp+xzr+MhTiO+5b565pOtjIQQ4PEYSiGjReco48SHguD0EJR0PEf4xfS
PzReGjcOLOpaL6oJ2G954o5mbSuhTWtQE+S8lKOjV0ACYwxhwr04N2mkV4+RJNJN
K/5ooc403UzCpgjeJXog1RkngfKN8SQJBaSah63YSWwv3YIqhPdSTUuWwQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAHjdmyYudeNdmBhs4AKKXAbntsDMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQWVOMmJKaTUxNDEyWUdHemdBb3BjQnVlMndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjhtAwQA
LV6rAwQALYq3AwQATVMnAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQB5DNWZDjd3
KqFEMhXQ2iUUpzrPp7hBgyTrg0A6eazli4HOl7U5hyYHcUmO9Yb3ILkOBCYOnfDL
HoHSRruEHC6f/jO9TE/RHs+ZxK1MqdS1pIu+JF38ytCZEZvSyHwq7v44TWsLglz1
mEL2jyvB+hvhY61na3KUdBrl89cO7+Z2nOhkD5mk0DH9JsS4yXlzMaGmpjJzRDpH
APsgH56yCj5wBTTJDGAEfdJ9VJe9I54mk5q8j6YtDKLqCExhZoAJbP4wBIbjewck
5to54Sjk9Lnd6I3n7jiZJZW+gYWdSSGlKHdiJrtMBTk57s9TpJSxq2UOWmEerdKE
EvCrY6oPwguV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org