Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/D4wCMcg_vDwQpLDcTtGN9gmSjiM.roa
File: D4wCMcg_vDwQpLDcTtGN9gmSjiM.roa (raw, json)
Hash identifier: 6I6NMMKhCrIZ8j1+64evK/xQtBEtVcLIM1InH2G/Nn4=
Subject key identifier: 0F:8C:02:31:C8:3F:BC:3C:10:A4:B0:DC:4E:D1:8D:F6:09:92:8E:23
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0191B237BCF4D9D1D14036D59893032B5887
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/D4wCMcg_vDwQpLDcTtGN9gmSjiM.roa
Signing time: Mon 02 Sep 2024 10:11:22 +0000
ROA not before: Mon 02 Sep 2024 10:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 07:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:37:bc:f4:d9:d1:d1:40:36:d5:98:93:03:2b:58:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 2 10:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f8c0231c83fbc3c10a4b0dc4ed18df609928e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:20:c2:11:3e:85:7b:ea:cb:34:8b:14:57:eb:
bb:26:66:37:0a:d0:c0:ac:c6:29:1d:61:52:b5:98:
02:4a:82:04:c8:d8:a4:2c:b6:00:ef:ef:eb:da:c5:
a6:0c:0c:8a:51:6e:4d:7a:b9:70:49:ae:39:f1:a6:
e2:6a:c2:0f:3a:2c:57:8e:a6:20:7f:10:86:27:66:
c8:1a:5a:2e:eb:f6:3a:dc:26:81:1d:85:66:7a:36:
9e:1b:62:e7:d3:55:bb:ec:2a:1c:21:30:5c:60:5d:
0f:dc:01:df:15:bb:8c:d1:a1:d5:e4:bb:9f:a4:51:
36:f3:a2:48:fb:22:17:6a:f3:87:21:75:b6:af:ff:
2b:c8:e1:2c:63:b5:fc:73:60:51:bf:dc:21:0a:fe:
e7:6e:0e:46:ed:14:b6:16:a0:f4:1c:46:27:cd:06:
07:91:bf:8a:fc:a5:c7:db:50:43:92:7a:34:11:f4:
c3:df:f8:09:e1:74:1c:48:60:c3:a9:84:ad:8f:87:
6c:2b:d6:f6:01:24:c2:bc:6b:36:a3:4a:43:f4:c1:
84:ff:93:b4:ea:d9:2b:16:16:6f:ea:bf:ba:31:ee:
88:99:61:85:16:2b:1a:ea:ae:d2:5f:f0:6f:bc:53:
de:d3:0e:20:aa:8d:6b:ca:d1:f2:de:50:f9:67:f5:
4e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8C:02:31:C8:3F:BC:3C:10:A4:B0:DC:4E:D1:8D:F6:09:92:8E:23
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/D4wCMcg_vDwQpLDcTtGN9gmSjiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.94.170.0/24
91.223.110.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:2a:0c:b3:9d:15:b3:f7:35:9f:0f:56:be:05:9e:cd:0a:35:
90:48:51:d6:d5:a5:09:39:9b:c1:85:a5:ff:3a:98:ba:48:11:
6f:b0:47:b0:0f:9b:a6:6b:09:46:7a:94:97:89:16:c0:e1:7d:
46:c7:8d:9d:e3:25:0d:d1:3d:94:e9:57:07:d3:e1:05:ae:0e:
3f:2f:5d:16:5b:b1:5e:95:f4:e7:54:6b:5c:91:3d:b7:66:6b:
9e:52:e2:bb:e1:18:57:82:b8:d1:45:a4:7e:94:32:ac:91:22:
77:a2:7e:f7:26:f3:dd:11:db:8f:25:3c:b0:ac:b0:2b:fc:d2:
24:75:a1:43:60:a1:1e:33:2e:d5:89:8e:55:66:d2:9c:3d:19:
0f:7c:07:0a:d3:99:3b:18:d5:8a:ee:71:aa:9c:ca:91:3a:a6:
fc:a2:06:75:39:4c:62:f0:2b:8f:1c:3f:66:a0:56:16:3a:7e:
4d:8f:31:63:6b:bd:15:40:90:bd:0d:94:4c:ad:bd:1c:2a:78:
73:d9:30:20:9f:0a:8b:72:c3:f1:e2:55:4d:26:8b:6e:e8:5c:
6b:e8:cc:90:55:e9:d6:cf:97:50:3c:b8:f3:f6:fb:80:4c:d2:
94:df:20:72:26:13:2d:47:4d:50:f3:55:66:42:90:56:b4:0f:
d2:3a:39:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGyN7z02dHRQDbVmJMDK1iHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwOTAyMTAxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhjMDIzMWM4M2ZiYzNjMTBhNGIwZGM0ZWQxOGRmNjA5OTI4ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCDCET6Fe+rLNIsUV+u7JmY3CtDA
rMYpHWFStZgCSoIEyNikLLYA7+/r2sWmDAyKUW5NerlwSa458abiasIPOixXjqYg
fxCGJ2bIGlou6/Y63CaBHYVmejaeG2Ln01W77CocITBcYF0P3AHfFbuM0aHV5Luf
pFE286JI+yIXavOHIXW2r/8ryOEsY7X8c2BRv9whCv7nbg5G7RS2FqD0HEYnzQYH
kb+K/KXH21BDkno0EfTD3/gJ4XQcSGDDqYStj4dsK9b2ASTCvGs2o0pD9MGE/5O0
6tkrFhZv6r+6Me6ImWGFFisa6q7SX/BvvFPe0w4gqo1rytHy3lD5Z/VOyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA+MAjHIP7w8EKSw3E7RjfYJko4jMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRDR3Q01jZ192RHdRcExEY1R0R045Z21TamlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBbVUAwQA
LV6qAwQAW99uAwQAw7FfMA0GCSqGSIb3DQEBCwUAA4IBAQCoKgyznRWz9zWfD1a+
BZ7NCjWQSFHW1aUJOZvBhaX/Opi6SBFvsEewD5umawlGepSXiRbA4X1Gx42d4yUN
0T2U6VcH0+EFrg4/L10WW7FelfTnVGtckT23ZmueUuK74RhXgrjRRaR+lDKskSJ3
on73JvPdEduPJTywrLAr/NIkdaFDYKEeMy7ViY5VZtKcPRkPfAcK05k7GNWK7nGq
nMqROqb8ogZ1OUxi8CuPHD9moFYWOn5NjzFja70VQJC9DZRMrb0cKnhz2TAgnwqL
csPx4lVNJotu6Fxr6MyQVenWz5dQPLjz9vuATNKU3yByJhMtR01Q81VmQpBWtA/S
OjlZ
-----END CERTIFICATE-----
Generated at Wed Sep 4 09:07:41 2024 by rpki-client on console-fra.rpki-client.org