Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Ce-IKFWN5Zu-xKGnqTCZ8um1SoM.roa
File: Ce-IKFWN5Zu-xKGnqTCZ8um1SoM.roa (raw, json)
Hash identifier: BzDrcdxYLzUKBvbW249ZbdhN2NxJZ88/hdMuIaU2KkA=
Subject key identifier: 09:EF:88:28:55:8D:E5:9B:BE:C4:A1:A7:A9:30:99:F2:E9:B5:4A:83
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018D1208A9C532FB588188EB12892BC44E9A
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Ce-IKFWN5Zu-xKGnqTCZ8um1SoM.roa
Signing time: Tue 16 Jan 2024 11:29:34 +0000
ROA not before: Tue 16 Jan 2024 11:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 45.88.139.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 11:54:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:08:a9:c5:32:fb:58:81:88:eb:12:89:2b:c4:4e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 16 11:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09ef8828558de59bbec4a1a7a93099f2e9b54a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:33:25:62:76:27:fb:5c:94:ec:fe:51:74:4a:
a9:ef:2f:68:03:60:5b:c2:68:ce:ba:b9:9e:4d:18:
25:94:3f:c5:fe:df:d0:f4:46:bd:13:dc:2f:fa:11:
0a:e2:6e:40:e4:b7:7b:92:c8:43:68:f6:09:a9:08:
8c:ea:e6:26:b4:b7:ae:00:54:bc:61:fe:ed:c0:ae:
fc:bb:d2:92:48:20:7c:86:bd:5f:db:c2:15:c1:12:
9b:c7:48:ba:c2:84:da:50:9c:d2:b9:75:ba:d5:78:
0b:0a:6f:75:ba:de:6b:74:ee:7d:47:f9:85:33:62:
a1:ab:70:b5:dd:79:52:68:d2:d9:e1:04:2e:0e:3e:
c9:d4:50:c9:d0:76:da:fe:05:db:39:e4:3e:07:1a:
f6:2d:0b:f2:e9:be:49:83:7a:03:ca:37:dc:96:98:
50:d9:b8:de:af:45:63:93:e5:40:f4:8a:65:f0:ce:
6a:33:ee:d8:83:a7:89:31:06:0b:57:c0:81:db:11:
0d:b8:75:cb:c4:ec:fd:7c:f4:e9:bd:aa:0f:7f:3d:
61:28:19:1f:e6:64:08:69:cf:73:35:3a:6a:86:de:
3a:71:a5:dc:0e:19:13:87:e7:c2:88:19:9b:e3:23:
3e:91:e3:45:72:db:6a:c5:82:0b:82:fe:be:52:c4:
47:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EF:88:28:55:8D:E5:9B:BE:C4:A1:A7:A9:30:99:F2:E9:B5:4A:83
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Ce-IKFWN5Zu-xKGnqTCZ8um1SoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.139.0/24
45.94.171.0/24
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:6a:f6:09:25:20:47:f0:96:1d:e8:a3:16:69:e0:c2:0e:c2:
2d:9b:94:3d:a6:05:7b:43:a7:25:12:e6:cf:18:94:87:f6:48:
de:e7:c6:dd:ce:b8:5c:3d:51:d0:d2:ff:12:ed:a2:41:61:b9:
df:a8:f6:dd:3e:c5:66:37:c4:20:32:b6:01:fe:17:94:9a:ff:
cf:fc:f2:88:a2:f5:11:a5:f0:21:22:c7:fb:57:22:19:9d:44:
cd:00:9e:4c:1d:fd:ac:2e:12:42:f9:97:10:bf:45:11:b5:f6:
a1:ee:d0:03:60:20:4c:98:67:2e:1a:1d:23:59:28:7f:30:e1:
a9:5e:12:8f:03:79:3d:1e:b9:92:4f:91:c0:89:e0:b0:9b:b9:
62:e4:df:56:5d:42:c8:e5:c2:f3:b7:72:e7:c8:18:71:a2:fc:
8e:d1:cb:a5:7e:ac:46:ce:ff:c6:47:c6:f0:6d:b9:28:7d:7d:
c2:2b:f9:4c:fb:6c:51:b3:dd:1c:5f:2a:61:f2:a1:18:cc:99:
b8:ee:81:f8:1f:7a:2e:ab:96:47:ae:91:dd:04:58:4a:4e:22:
bb:da:ea:df:82:eb:6e:57:83:d0:80:23:7d:72:bd:00:3e:ae:
b4:8a:91:d3:33:c4:f7:fb:3a:70:4a:bc:28:e8:36:4b:be:55:
33:aa:c3:50
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0SCKnFMvtYgYjrEokrxE6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTE2MTEyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWVmODgyODU1OGRlNTliYmVjNGExYTdhOTMwOTlmMmU5YjU0YTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijMlYnYn+1yU7P5RdEqp7y9oA2Bb
wmjOurmeTRgllD/F/t/Q9Ea9E9wv+hEK4m5A5Ld7kshDaPYJqQiM6uYmtLeuAFS8
Yf7twK78u9KSSCB8hr1f28IVwRKbx0i6woTaUJzSuXW61XgLCm91ut5rdO59R/mF
M2Khq3C13XlSaNLZ4QQuDj7J1FDJ0Hba/gXbOeQ+Bxr2LQvy6b5Jg3oDyjfclphQ
2bjer0Vjk+VA9Ipl8M5qM+7Yg6eJMQYLV8CB2xENuHXLxOz9fPTpvaoPfz1hKBkf
5mQIac9zNTpqht46caXcDhkTh+fCiBmb4yM+keNFcttqxYILgv6+UsRH+wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAnviChVjeWbvsShp6kwmfLptUqDMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQ2UtSUtGV041WnUteEtHbnFUQ1o4dW0xU29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALViLAwQA
LV6rAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQClavYJJSBH8JYd6KMWaeDCDsItm5Q9pgV7Q6clEubPGJSH9kje58bdzrhc
PVHQ0v8S7aJBYbnfqPbdPsVmN8QgMrYB/heUmv/P/PKIovURpfAhIsf7VyIZnUTN
AJ5MHf2sLhJC+ZcQv0URtfah7tADYCBMmGcuGh0jWSh/MOGpXhKPA3k9HrmST5HA
ieCwm7li5N9WXULI5cLzt3LnyBhxovyO0culfqxGzv/GR8bwbbkofX3CK/lM+2xR
s90cXyph8qEYzJm47oH4H3ouq5ZHrpHdBFhKTiK72urfgutuV4PQgCN9cr0APq60
ipHTM8T3+zpwSrwo6DZLvlUzqsNQ
-----END CERTIFICATE-----
Generated at Fri Jan 26 15:34:21 2024 by rpki-client on console-fra.rpki-client.org