Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/H7f19eEnQDrrLcFDwgZ3CYv-szM.roa
File: H7f19eEnQDrrLcFDwgZ3CYv-szM.roa (raw, json)
Hash identifier: /T7EgOzmOLMiT0LeD+TO1L6mGjS0gxsSfumBoS6vPEM=
Subject key identifier: 1F:B7:F5:F5:E1:27:40:3A:EB:2D:C1:43:C2:06:77:09:8B:FE:B3:33
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01912D6785305E95A527189F95E0D6EBC935
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/H7f19eEnQDrrLcFDwgZ3CYv-szM.roa
Signing time: Wed 07 Aug 2024 15:14:04 +0000
ROA not before: Wed 07 Aug 2024 15:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 13:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2d:67:85:30:5e:95:a5:27:18:9f:95:e0:d6:eb:c9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 7 15:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fb7f5f5e127403aeb2dc143c20677098bfeb333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3f:3c:2f:d3:99:2b:62:d2:aa:59:dc:76:f0:
3b:a7:fb:65:56:53:e7:8f:5f:df:3c:1d:a3:fa:86:
c7:ed:d1:72:1d:f2:6d:cc:cc:55:97:30:35:74:6f:
d0:d8:35:74:cb:67:1b:4d:03:f7:56:6c:d8:73:2f:
b6:88:15:e3:b8:b2:c6:0e:74:49:6d:4a:a0:e4:9f:
9b:05:8a:4e:7d:ee:ca:d4:c7:0d:3d:41:07:f6:99:
a3:38:0a:45:c1:a1:30:9f:b8:bf:ac:19:f0:55:7b:
fa:7d:16:cf:da:e4:31:7c:11:c4:dc:0d:ba:39:1e:
25:f7:28:88:54:ad:ea:9c:41:fa:b3:50:59:ce:99:
77:f5:c5:4b:8e:e5:db:a3:64:b2:7f:e5:37:f8:23:
42:f0:3e:dc:d6:92:1d:77:d7:a1:ee:60:8d:af:e4:
d5:06:45:66:49:3c:6b:d9:f7:f8:8f:c3:fa:95:3c:
3a:7b:f0:78:f3:bc:d4:8d:16:37:8d:f0:d7:1d:cb:
88:1d:ed:6c:94:c5:cd:cd:b7:46:bf:74:d4:53:f6:
f9:cd:80:13:db:76:2c:e7:84:bb:af:68:4b:9f:36:
00:1d:26:64:17:1f:2c:ba:7a:56:ac:b1:44:b2:93:
13:ed:24:f5:83:36:a0:d5:59:cd:f5:d8:53:51:fd:
7a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B7:F5:F5:E1:27:40:3A:EB:2D:C1:43:C2:06:77:09:8B:FE:B3:33
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/H7f19eEnQDrrLcFDwgZ3CYv-szM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.88.137.0/24
195.62.24.0/24
Signature Algorithm: sha256WithRSAEncryption
87:2c:e1:66:86:52:db:63:88:e2:66:f1:88:17:62:82:90:ff:
67:45:e8:dc:74:da:f1:29:3d:67:8e:88:99:09:3c:cc:b6:4c:
b2:15:0a:1c:1b:c8:52:92:71:e6:f8:a7:2d:73:94:5b:04:b1:
e9:a3:22:ed:f4:65:7d:22:6d:ff:ca:47:f3:bc:cc:03:95:20:
17:23:8f:2c:cf:ff:1a:15:6d:b6:e8:9a:9c:a4:88:bb:3d:1b:
c1:84:1b:2c:79:45:83:8e:61:18:1f:53:eb:b4:67:cc:ed:17:
e4:4a:03:72:db:4f:d6:92:b1:3d:5d:2e:90:ca:f8:f0:bf:94:
69:c7:07:60:8b:21:f2:e1:b2:a6:b7:5d:39:a1:c7:60:1b:f0:
81:4a:36:de:4c:27:7a:dc:15:27:40:e7:a1:d2:db:bd:2a:7c:
f3:f4:6d:45:8f:86:38:f6:64:80:e7:e2:c2:52:18:a0:dd:ee:
53:51:2d:44:6e:b2:d5:66:20:f9:e1:47:37:8e:b1:c8:75:e2:
6b:42:b4:c1:88:3e:50:87:7b:07:05:04:78:d1:78:04:3e:39:
e4:95:ea:1b:11:ce:69:ff:46:47:2f:f1:1b:e3:6a:84:f8:c8:
37:9f:23:37:42:e8:60:98:a1:86:f1:69:d4:b2:5b:f2:79:1c:
e8:75:0e:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZEtZ4UwXpWlJxifleDW68k1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwODA3MTUxNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmI3ZjVmNWUxMjc0MDNhZWIyZGMxNDNjMjA2NzcwOThiZmViMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD88L9OZK2LSqlncdvA7p/tlVlPn
j1/fPB2j+obH7dFyHfJtzMxVlzA1dG/Q2DV0y2cbTQP3VmzYcy+2iBXjuLLGDnRJ
bUqg5J+bBYpOfe7K1McNPUEH9pmjOApFwaEwn7i/rBnwVXv6fRbP2uQxfBHE3A26
OR4l9yiIVK3qnEH6s1BZzpl39cVLjuXbo2Syf+U3+CNC8D7c1pIdd9eh7mCNr+TV
BkVmSTxr2ff4j8P6lTw6e/B487zUjRY3jfDXHcuIHe1slMXNzbdGv3TUU/b5zYAT
23Ys54S7r2hLnzYAHSZkFx8sunpWrLFEspMT7ST1gzag1VnN9dhTUf16HQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB+39fXhJ0A66y3BQ8IGdwmL/rMzMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSDdmMTllRW5RRHJyTGNGRHdnWjNDWXYtc3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQkeAwQA
LViJAwQAwz4YMA0GCSqGSIb3DQEBCwUAA4IBAQCHLOFmhlLbY4jiZvGIF2KCkP9n
RejcdNrxKT1njoiZCTzMtkyyFQocG8hSknHm+Kctc5RbBLHpoyLt9GV9Im3/ykfz
vMwDlSAXI48sz/8aFW226JqcpIi7PRvBhBsseUWDjmEYH1PrtGfM7RfkSgNy20/W
krE9XS6Qyvjwv5RpxwdgiyHy4bKmt105ocdgG/CBSjbeTCd63BUnQOeh0tu9Knzz
9G1Fj4Y49mSA5+LCUhig3e5TUS1EbrLVZiD54Uc3jrHIdeJrQrTBiD5Qh3sHBQR4
0XgEPjnkleobEc5p/0ZHL/Eb42qE+Mg3nyM3QuhgmKGG8WnUslvyeRzodQ5+
-----END CERTIFICATE-----
Generated at Mon Aug 12 17:33:28 2024 by rpki-client on console-ams.rpki-client.org