Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/IV7oRQE0_WR4deggyMgQqKZWb9s.roa
File: IV7oRQE0_WR4deggyMgQqKZWb9s.roa (raw, json)
Hash identifier: O4SZYDuWprs5pdN2tPSBUZQ0dE3PVcvIHxRHJNf9MdI=
Subject key identifier: 21:5E:E8:45:01:34:FD:64:78:75:E8:20:C8:C8:10:A8:A6:56:6F:DB
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A8A855BE02264D97E7B7D6C31215DBF65
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/IV7oRQE0_WR4deggyMgQqKZWb9s.roa
Signing time: Tue 12 Sep 2023 17:51:50 +0000
ROA not before: Tue 12 Sep 2023 17:51:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47757
IP address blocks: 195.177.95.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Sep 2023 16:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8a:85:5b:e0:22:64:d9:7e:7b:7d:6c:31:21:5d:bf:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 12 17:51:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=215ee8450134fd647875e820c8c810a8a6566fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:83:4e:86:0b:86:06:7c:f2:e8:a0:d1:a4:16:
01:0b:ba:24:a0:62:54:e2:7b:45:2b:21:6c:66:7c:
d9:20:6f:16:b9:83:52:55:56:2b:cb:87:b4:96:7d:
2d:c7:78:d1:54:bc:a6:ac:b8:ed:05:ee:22:0a:7f:
59:7d:50:a0:c8:43:31:a3:c4:2d:38:4c:5c:13:af:
a1:87:58:f2:1a:12:4a:1b:15:b5:bf:26:ee:78:0f:
3c:67:13:d6:c6:a2:7c:12:64:a6:d6:7e:99:aa:c0:
e1:39:db:b5:0c:d8:69:18:55:88:1a:00:9a:01:24:
40:ee:92:52:84:01:04:e2:b5:40:43:d7:b7:d7:d9:
47:b9:f0:30:06:29:6e:38:32:ae:bf:20:e0:bc:10:
b5:0e:77:22:13:ea:15:17:5f:a4:38:35:6c:85:90:
1c:8f:f7:bc:c1:8b:b5:b3:a5:c8:ef:81:b2:5e:0e:
35:e2:b6:c7:3f:7f:14:f9:2e:81:8a:b2:56:4a:62:
fe:5e:80:03:92:11:48:57:ea:fd:d9:26:49:6c:36:
cc:fb:5b:d8:b6:8a:50:8a:00:6d:3e:38:96:ef:3e:
70:82:42:c0:ae:39:72:ec:96:2d:8b:1d:92:5f:81:
c8:41:ec:3b:dd:e8:c7:36:7d:e8:7a:e1:84:05:3b:
e0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5E:E8:45:01:34:FD:64:78:75:E8:20:C8:C8:10:A8:A6:56:6F:DB
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/IV7oRQE0_WR4deggyMgQqKZWb9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.114.0/24
45.88.139.0/24
45.138.180.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
52:69:4c:ec:a5:1e:c2:8c:ed:82:52:5c:95:28:53:95:26:90:
63:22:66:f5:4c:01:90:4b:85:62:72:bb:50:3e:24:26:2d:12:
f8:7a:62:0b:d3:eb:e1:ee:92:2d:88:9a:03:30:01:63:06:c4:
6c:62:ec:73:b7:bf:8a:ab:27:99:4a:cf:aa:5a:61:c0:74:af:
42:87:b2:2a:43:42:31:79:b2:36:bd:13:f1:66:15:01:67:9e:
c4:35:b0:e0:90:50:68:70:26:95:1c:91:3f:16:5f:fe:70:cc:
61:70:5c:bd:43:1b:46:c6:88:72:3c:aa:44:66:d0:8e:39:d6:
7a:46:b8:50:82:94:2e:8e:a0:1c:bc:62:28:26:e6:52:3e:52:
f9:37:6e:3a:3a:90:84:4d:97:7c:78:f7:4d:cd:e0:9b:e0:ff:
b6:8a:75:b9:32:79:bc:d7:1c:1a:da:db:50:a4:be:3a:1c:3e:
23:19:e3:bc:0c:ce:a5:2d:cd:06:fd:98:6a:97:96:14:e7:71:
27:51:b9:79:7c:e5:ab:63:66:4d:43:0a:13:07:be:b1:c3:53:
20:87:0e:f9:ec:ca:02:e6:39:c4:9c:b6:db:fd:69:cf:71:ff:
c4:d0:90:d7:db:a0:d0:be:c4:a0:fe:8b:0b:b4:ad:05:76:28:
a8:fa:7c:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqKhVvgImTZfnt9bDEhXb9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTEyMTc1MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTVlZTg0NTAxMzRmZDY0Nzg3NWU4MjBjOGM4MTBhOGE2NTY2ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYNOhguGBnzy6KDRpBYBC7okoGJU
4ntFKyFsZnzZIG8WuYNSVVYry4e0ln0tx3jRVLymrLjtBe4iCn9ZfVCgyEMxo8Qt
OExcE6+hh1jyGhJKGxW1vybueA88ZxPWxqJ8EmSm1n6ZqsDhOdu1DNhpGFWIGgCa
ASRA7pJShAEE4rVAQ9e319lHufAwBiluODKuvyDgvBC1DnciE+oVF1+kODVshZAc
j/e8wYu1s6XI74GyXg414rbHP38U+S6BirJWSmL+XoADkhFIV+r92SZJbDbM+1vY
topQigBtPjiW7z5wgkLArjly7JYtix2SX4HIQew73ejHNn3oeuGEBTvgNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCFe6EUBNP1keHXoIMjIEKimVm/bMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSVY3b1JRRTBfV1I0ZGVnZ3lNZ1FxS1pXYjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVFyAwQA
LViLAwQALYq0AwQAw7FfMA0GCSqGSIb3DQEBCwUAA4IBAQBSaUzspR7CjO2CUlyV
KFOVJpBjImb1TAGQS4VicrtQPiQmLRL4emIL0+vh7pItiJoDMAFjBsRsYuxzt7+K
qyeZSs+qWmHAdK9Ch7IqQ0IxebI2vRPxZhUBZ57ENbDgkFBocCaVHJE/Fl/+cMxh
cFy9QxtGxohyPKpEZtCOOdZ6RrhQgpQujqAcvGIoJuZSPlL5N246OpCETZd8ePdN
zeCb4P+2inW5Mnm81xwa2ttQpL46HD4jGeO8DM6lLc0G/Zhql5YU53EnUbl5fOWr
Y2ZNQwoTB76xw1Mghw757MoC5jnEnLbb/WnPcf/E0JDX26DQvsSg/osLtK0Fdiio
+nwE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org