Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/P-dMwTkHifaXM2IbDKb-b9SQT4o.roa
File: P-dMwTkHifaXM2IbDKb-b9SQT4o.roa (raw, json)
Hash identifier: iFiUlBaVQBNvrkPWVc7FZaHE0eWWzIFkCNql3JDoKj0=
Subject key identifier: 3F:E7:4C:C1:39:07:89:F6:97:33:62:1B:0C:A6:FE:6F:D4:90:4F:8A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01889B6DEA7C56F050F29515A7AD8A2A857E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/P-dMwTkHifaXM2IbDKb-b9SQT4o.roa
Signing time: Thu 08 Jun 2023 14:34:11 +0000
ROA not before: Thu 08 Jun 2023 14:34:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
45.88.136.0/23 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.122.0/23 maxlen: 24
194.242.97.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9b:6d:ea:7c:56:f0:50:f2:95:15:a7:ad:8a:2a:85:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 8 14:34:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fe74cc1390789f69733621b0ca6fe6fd4904f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6b:2d:9b:e7:47:e8:ef:c2:a0:7d:bb:63:8a:
21:54:2b:bb:06:be:ee:79:ec:8a:ee:cf:b0:95:ae:
be:15:29:87:90:35:6e:f8:d9:82:ce:8d:96:e7:7d:
3e:8a:e2:43:8d:a1:6e:ca:bf:b0:92:dd:c2:d7:1b:
43:0e:0f:df:57:f7:ac:d5:9d:1b:af:4e:0c:78:1e:
96:a7:54:54:2a:6b:99:ed:d1:fb:a2:4c:d0:2b:3c:
5d:28:b0:39:1b:dd:59:4b:6a:08:c9:fc:c4:fc:c9:
af:b5:c2:a4:8d:80:81:72:f0:c0:8a:bd:63:a5:75:
f9:66:b0:2d:37:ec:26:75:4f:33:9d:43:e5:d0:38:
06:a1:46:37:78:93:61:a8:09:99:a3:61:97:96:08:
b1:fb:4b:a1:67:44:4c:9a:17:01:d9:14:f6:57:fc:
33:0c:b1:48:b5:0f:35:7f:f5:e0:99:20:d5:e6:be:
37:7d:39:21:04:a7:7c:30:98:40:b2:fd:0b:2c:5a:
b9:4f:e0:64:2e:ea:48:c1:01:48:66:ee:7e:bb:4c:
29:4c:34:bb:64:58:90:ec:55:72:ca:7c:c9:9b:02:
f6:6b:ce:df:41:bb:10:22:38:fd:d4:60:9b:bf:2f:
75:8e:ac:16:98:66:b0:cf:bc:25:ff:18:40:64:11:
50:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E7:4C:C1:39:07:89:F6:97:33:62:1B:0C:A6:FE:6F:D4:90:4F:8A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/P-dMwTkHifaXM2IbDKb-b9SQT4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.13.189.0-45.13.190.255
45.81.112.0/22
45.88.136.0/23
45.132.181.0-45.132.183.255
45.144.212.0/24
45.151.3.0/24
77.83.39.0/24
85.209.122.0/23
194.242.97.0/24
195.177.92.0/23
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
50:eb:16:17:c2:06:22:49:84:01:87:80:96:59:9a:0a:ce:c7:
22:45:4a:ac:51:c0:4d:5e:50:87:87:66:0a:7c:34:37:b2:da:
81:42:d7:98:02:b5:f8:1c:62:63:b5:1a:b3:82:ad:18:82:10:
68:07:dc:8b:3c:2e:89:3f:d9:4f:b6:9f:97:7a:81:4a:78:36:
bc:79:f0:4c:fe:e2:f4:f9:24:a1:d4:6a:e8:26:3b:25:e1:da:
b9:af:01:43:66:b4:a7:51:c4:70:f7:49:f0:71:54:4f:16:dd:
59:b6:54:26:97:52:3c:d9:a6:37:f8:49:fd:63:77:e4:ce:9a:
ce:d0:ae:77:ac:79:5b:12:11:db:17:ae:e4:9a:c9:a4:c6:65:
c7:e2:d5:9e:26:90:89:ce:63:39:05:4c:93:5e:db:24:d8:ed:
2a:4d:61:c2:96:22:da:27:b7:90:2a:cd:7b:ec:70:54:87:db:
60:ff:23:96:89:4d:79:34:6e:86:98:e9:ba:5e:d4:55:7d:36:
d2:e8:d8:cf:7e:74:7e:b0:ce:5f:e5:e4:af:65:93:97:d2:ae:
55:f0:e9:ae:62:03:99:c6:58:57:a2:94:7e:66:38:9c:e4:83:
1f:ed:5e:e1:ea:4d:1e:7a:b9:fb:0a:4a:7c:a0:cc:10:29:81:
e9:f3:09:86
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYibbep8VvBQ8pUVp62KKoV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjA4MTQzNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmU3NGNjMTM5MDc4OWY2OTczMzYyMWIwY2E2ZmU2ZmQ0OTA0ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWstm+dH6O/CoH27Y4ohVCu7Br7u
eeyK7s+wla6+FSmHkDVu+NmCzo2W530+iuJDjaFuyr+wkt3C1xtDDg/fV/es1Z0b
r04MeB6Wp1RUKmuZ7dH7okzQKzxdKLA5G91ZS2oIyfzE/MmvtcKkjYCBcvDAir1j
pXX5ZrAtN+wmdU8znUPl0DgGoUY3eJNhqAmZo2GXlgix+0uhZ0RMmhcB2RT2V/wz
DLFItQ81f/XgmSDV5r43fTkhBKd8MJhAsv0LLFq5T+BkLupIwQFIZu5+u0wpTDS7
ZFiQ7FVyynzJmwL2a87fQbsQIjj91GCbvy91jqwWmGawz7wl/xhAZBFQ4wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFD/nTME5B4n2lzNiGwym/m/UkE+KMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUC1kTXdUa0hpZmFYTTJJYkRLYi1iOVNRVDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQBBbVUAwQA
BbVXMAwDBAAtDb0DBAAtDb4DBAItUXADBAEtWIgwDAMEAC2EtQMEAy2EsAMEAC2Q
1AMEAC2XAwMEAE1TJwMEAVXRegMEAMLyYQMEAcOxXAMEAsPTvDANBgkqhkiG9w0B
AQsFAAOCAQEAUOsWF8IGIkmEAYeAllmaCs7HIkVKrFHATV5Qh4dmCnw0N7LagULX
mAK1+BxiY7Uas4KtGIIQaAfcizwuiT/ZT7afl3qBSng2vHnwTP7i9PkkodRq6CY7
JeHaua8BQ2a0p1HEcPdJ8HFUTxbdWbZUJpdSPNmmN/hJ/WN35M6aztCud6x5WxIR
2xeu5JrJpMZlx+LVniaQic5jOQVMk17bJNjtKk1hwpYi2ie3kCrNe+xwVIfbYP8j
lolNeTRuhpjpul7UVX020ujYz350frDOX+Xkr2WTl9KuVfDprmIDmcZYV6KUfmY4
nOSDH+1e4epNHnq5+wpKfKDMECmB6fMJhg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org