Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/L6238bjyyVpm0c1O2j13zi6_xPs.roa
File: L6238bjyyVpm0c1O2j13zi6_xPs.roa (raw, json)
Hash identifier: XpAEWNgmS3B/s1njhdkIv98L44O11wtFb4bFCitvmOA=
Subject key identifier: 2F:AD:B7:F1:B8:F2:C9:5A:66:D1:CD:4E:DA:3D:77:CE:2E:BF:C4:FB
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0187675C1C29FDB33ED588C3685B38F6173D
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/L6238bjyyVpm0c1O2j13zi6_xPs.roa
Signing time: Sun 09 Apr 2023 18:51:42 +0000
ROA not before: Sun 09 Apr 2023 18:51:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 15:27:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:67:5c:1c:29:fd:b3:3e:d5:88:c3:68:5b:38:f6:17:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 9 18:51:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fadb7f1b8f2c95a66d1cd4eda3d77ce2ebfc4fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ae:6e:c0:c5:55:e9:e4:4e:65:1a:d6:a6:cd:
48:0d:20:f8:e0:dd:07:0b:66:83:12:6e:46:32:1a:
a9:a1:e8:62:56:61:3e:60:18:d1:0e:95:45:5e:5d:
5c:f3:d3:59:6e:80:53:64:de:96:0a:2a:d4:c0:8b:
96:c0:26:ac:d6:29:05:64:a8:d4:fb:f9:d3:c8:87:
64:b8:77:37:8b:4b:34:1f:a9:79:b2:e8:a1:cb:50:
47:4c:41:c0:04:6c:bc:4a:24:eb:99:62:8d:c6:f2:
55:82:83:b3:bc:8b:8d:10:c2:22:77:50:1a:79:3e:
ba:e6:cc:6a:bd:ba:15:44:92:f2:03:82:c9:fc:b1:
d5:35:05:92:90:a4:cf:45:00:b3:6d:56:98:1c:39:
b2:e5:d0:6e:a3:a7:33:5c:d3:45:60:fe:77:ae:74:
4e:c1:2d:c5:86:cf:bd:6c:64:ee:ae:41:b1:94:54:
23:42:20:68:ad:8d:dd:de:23:be:db:ac:38:8a:d5:
9c:30:05:c4:a5:a8:86:c7:73:af:b7:17:ea:b1:69:
49:3c:0d:0c:36:cb:df:ba:19:a9:45:4d:5d:af:77:
5f:40:eb:d3:95:22:d8:68:6f:c9:36:b0:db:99:92:
30:0e:1b:9d:0a:b1:dc:69:25:d1:6d:b9:75:42:b5:
24:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:AD:B7:F1:B8:F2:C9:5A:66:D1:CD:4E:DA:3D:77:CE:2E:BF:C4:FB
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/L6238bjyyVpm0c1O2j13zi6_xPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.88.137.0/24
45.132.180.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:1b:85:41:fe:a3:80:45:44:ad:a5:aa:ee:33:af:a4:91:6e:
7b:79:fa:5e:88:83:b3:04:ed:5c:2d:f8:06:2a:b6:88:ff:65:
7a:80:a6:12:4c:fc:75:7c:e5:da:9e:b8:d5:9a:44:95:3a:60:
c4:fd:a2:42:7f:b8:18:30:be:41:a7:21:0c:e4:47:ae:80:8a:
63:a3:2c:0f:bb:bb:67:33:5f:fb:e3:87:16:93:4a:16:e8:d0:
c3:23:14:a6:52:3b:60:f6:e3:f3:d9:d4:a5:c1:e2:cd:0a:30:
87:37:c0:d3:70:7b:f4:be:90:c8:88:ac:32:96:79:2e:84:82:
e0:fb:72:4d:af:63:d8:4a:ac:8a:a6:3f:88:1e:7e:1d:a5:77:
8f:3c:66:26:56:47:e1:2a:e3:de:19:98:fe:58:d4:e0:67:e9:
87:11:a1:2c:88:b1:dc:b0:ce:22:b5:b1:b5:ad:c2:6b:52:a2:
fa:8c:02:95:6b:de:f9:46:54:88:43:5e:d0:29:c9:14:7a:63:
76:c2:64:fd:31:9f:8f:dc:79:5e:bb:d2:8a:a0:56:1e:14:b5:
95:3e:2d:08:1f:2c:36:e8:d2:f2:d2:cd:38:ab:09:8a:36:c2:
3d:8a:9e:ec:06:54:d1:e6:72:8c:46:a0:04:96:58:95:20:71:
8d:d2:e8:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdnXBwp/bM+1YjDaFs49hc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNDA5MTg1MTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmFkYjdmMWI4ZjJjOTVhNjZkMWNkNGVkYTNkNzdjZTJlYmZjNGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu65uwMVV6eROZRrWps1IDSD44N0H
C2aDEm5GMhqpoehiVmE+YBjRDpVFXl1c89NZboBTZN6WCirUwIuWwCas1ikFZKjU
+/nTyIdkuHc3i0s0H6l5suihy1BHTEHABGy8SiTrmWKNxvJVgoOzvIuNEMIid1Aa
eT665sxqvboVRJLyA4LJ/LHVNQWSkKTPRQCzbVaYHDmy5dBuo6czXNNFYP53rnRO
wS3Fhs+9bGTurkGxlFQjQiBorY3d3iO+26w4itWcMAXEpaiGx3OvtxfqsWlJPA0M
NsvfuhmpRU1dr3dfQOvTlSLYaG/JNrDbmZIwDhudCrHcaSXRbbl1QrUkIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC+tt/G48slaZtHNTto9d84uv8T7MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTDYyMzhianl5VnBtMGMxTzJqMTN6aTZfeFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQkeAwQA
LViJAwQALYS0MA0GCSqGSIb3DQEBCwUAA4IBAQCfG4VB/qOARUStparuM6+kkW57
efpeiIOzBO1cLfgGKraI/2V6gKYSTPx1fOXanrjVmkSVOmDE/aJCf7gYML5BpyEM
5EeugIpjoywPu7tnM1/744cWk0oW6NDDIxSmUjtg9uPz2dSlweLNCjCHN8DTcHv0
vpDIiKwylnkuhILg+3JNr2PYSqyKpj+IHn4dpXePPGYmVkfhKuPeGZj+WNTgZ+mH
EaEsiLHcsM4itbG1rcJrUqL6jAKVa975RlSIQ17QKckUemN2wmT9MZ+P3Hleu9KK
oFYeFLWVPi0IHyw26NLy0s04qwmKNsI9ip7sBlTR5nKMRqAElliVIHGN0ugj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org