Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/O-TnDhGLXN3nqoVDrFELsPa6jH4.roa
File: O-TnDhGLXN3nqoVDrFELsPa6jH4.roa (raw, json)
Hash identifier: atHQkemUIlaaIUqRgY4YoevzQ7mldz7mms2t+a/YI7k=
Subject key identifier: 3B:E4:E7:0E:11:8B:5C:DD:E7:AA:85:43:AC:51:0B:B0:F6:BA:8C:7E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018BD8AB399AA3E335904FF4C94A22677C87
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/O-TnDhGLXN3nqoVDrFELsPa6jH4.roa
Signing time: Thu 16 Nov 2023 15:06:21 +0000
ROA not before: Thu 16 Nov 2023 15:06:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203511
IP address blocks: 45.151.2.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:ab:39:9a:a3:e3:35:90:4f:f4:c9:4a:22:67:7c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 16 15:06:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3be4e70e118b5cdde7aa8543ac510bb0f6ba8c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:77:7c:63:e7:38:3b:5e:70:30:7e:5e:24:8f:
37:7e:70:f1:fc:c6:5e:9e:b1:31:b9:a7:ea:51:0b:
4b:28:aa:0a:89:bf:a0:bc:6e:15:18:66:c6:02:2a:
65:b2:4d:d2:27:96:99:14:e1:2a:b0:54:d2:2c:82:
41:c9:0e:71:f3:b1:7f:85:92:07:df:d7:00:c0:76:
84:cc:86:cb:41:e6:57:5c:09:1e:f7:6d:93:da:4d:
ca:51:d3:cd:e0:24:9f:9a:9f:b9:95:fe:ff:c2:76:
12:3d:4d:dc:07:63:6f:39:ac:04:3c:30:4d:19:e5:
be:e5:39:41:39:5a:15:15:cc:3c:5a:c4:e8:d5:ed:
cc:57:1e:fd:ee:12:91:e2:97:4c:0d:09:cc:63:43:
60:91:8e:5a:41:48:1a:a2:05:ff:8d:3a:7b:20:75:
c5:6f:60:83:27:08:57:8f:29:07:c0:f9:28:b5:8e:
41:5c:03:a3:fa:9a:ab:16:48:ce:25:7f:75:1e:2c:
29:84:40:31:fe:37:8f:ea:aa:ec:d2:ac:90:6d:ae:
8a:d3:83:e1:2e:1b:51:1b:ff:4b:50:2f:93:55:74:
24:dc:6e:74:fb:28:fe:7e:73:a5:14:9f:4a:6a:0d:
4e:5e:91:65:97:0c:20:ee:c4:c1:f7:b8:78:b1:01:
be:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E4:E7:0E:11:8B:5C:DD:E7:AA:85:43:AC:51:0B:B0:F6:BA:8C:7E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/O-TnDhGLXN3nqoVDrFELsPa6jH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.138.0/24
45.144.214.0/24
45.151.2.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
45:70:92:76:ba:6c:99:9b:6f:e7:7b:9f:a8:02:1a:54:63:2e:
ce:08:4e:6b:02:a4:cb:21:87:59:30:8a:56:46:30:d2:be:a9:
45:3b:63:02:dc:95:a8:80:22:91:0b:48:21:cc:4f:8f:7d:61:
7a:64:30:0b:a7:4a:b4:f7:30:66:fb:67:a3:d1:4e:bc:1b:ee:
83:01:5b:40:81:cd:b0:f3:4c:3d:bf:ec:96:83:13:d0:99:2f:
94:08:23:b9:95:ac:df:77:91:ee:3d:38:51:e8:35:fd:ab:b2:
8b:9c:33:9e:93:c8:75:e4:5f:b9:0a:48:87:ad:7d:c0:74:8b:
bb:d8:7e:f2:2e:2d:ef:ca:6e:f0:fe:07:78:97:e4:88:ce:b5:
ba:e3:51:be:df:fd:db:c4:20:45:1c:1a:24:ac:d4:9a:64:41:
82:ef:d2:6e:15:f9:39:69:f5:af:73:27:5e:d5:16:c6:9a:c9:
d0:5a:aa:e7:47:a8:98:8a:dd:f9:58:eb:13:ec:08:7e:9c:86:
91:98:8e:90:62:01:38:a4:03:a7:e5:1e:81:cf:24:27:5c:06:
5f:37:6f:98:b0:7a:12:20:d1:48:12:5f:0f:fc:8b:a7:b6:b1:
3b:b7:b0:8d:32:2a:1a:c6:30:56:6b:d4:f4:27:e5:ce:05:b0:
9f:c6:fa:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvYqzmao+M1kE/0yUoiZ3yHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMTE2MTUwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmU0ZTcwZTExOGI1Y2RkZTdhYTg1NDNhYzUxMGJiMGY2YmE4YzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3d8Y+c4O15wMH5eJI83fnDx/MZe
nrExuafqUQtLKKoKib+gvG4VGGbGAiplsk3SJ5aZFOEqsFTSLIJByQ5x87F/hZIH
39cAwHaEzIbLQeZXXAke922T2k3KUdPN4CSfmp+5lf7/wnYSPU3cB2NvOawEPDBN
GeW+5TlBOVoVFcw8WsTo1e3MVx797hKR4pdMDQnMY0NgkY5aQUgaogX/jTp7IHXF
b2CDJwhXjykHwPkotY5BXAOj+pqrFkjOJX91HiwphEAx/jeP6qrs0qyQba6K04Ph
LhtRG/9LUC+TVXQk3G50+yj+fnOlFJ9Kag1OXpFllwwg7sTB97h4sQG+6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDvk5w4Ri1zd56qFQ6xRC7D2uox+MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTy1UbkRoR0xYTjNucW9WRHJGRUxzUGE2akg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALViKAwQA
LZDWAwQALZcCAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQBFcJJ2umyZm2/ne5+o
AhpUYy7OCE5rAqTLIYdZMIpWRjDSvqlFO2MC3JWogCKRC0ghzE+PfWF6ZDALp0q0
9zBm+2ej0U68G+6DAVtAgc2w80w9v+yWgxPQmS+UCCO5lazfd5HuPThR6DX9q7KL
nDOek8h15F+5CkiHrX3AdIu72H7yLi3vym7w/gd4l+SIzrW641G+3/3bxCBFHBok
rNSaZEGC79JuFfk5afWvcyde1RbGmsnQWqrnR6iYit35WOsT7Ah+nIaRmI6QYgE4
pAOn5R6BzyQnXAZfN2+YsHoSINFIEl8P/IuntrE7t7CNMioaxjBWa9T0J+XOBbCf
xvo/
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:45 2024 by rpki-client on console-fra.rpki-client.org