Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/YwnzeoJcEJu_7SKQDC7HcbZGvh4.roa
File: YwnzeoJcEJu_7SKQDC7HcbZGvh4.roa (raw, json)
Hash identifier: WmJ7gnN77VauDcaZ1ry7A+T/Q9Bri+zU/LplkQvodjY=
Subject key identifier: 63:09:F3:7A:82:5C:10:9B:BF:ED:22:90:0C:2E:C7:71:B6:46:BE:1E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CFC5642AD648DEC258545C7FA3255C5A9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/YwnzeoJcEJu_7SKQDC7HcbZGvh4.roa
Signing time: Fri 12 Jan 2024 06:22:40 +0000
ROA not before: Fri 12 Jan 2024 06:22:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
193.57.41.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 11:35:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:56:42:ad:64:8d:ec:25:85:45:c7:fa:32:55:c5:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 12 06:22:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6309f37a825c109bbfed22900c2ec771b646be1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c2:16:c4:99:b8:fe:aa:27:6e:82:8b:d3:ba:
4d:9e:ff:bd:65:33:85:4c:b9:92:80:1f:5f:38:32:
63:6a:97:f5:ef:9a:13:ea:bd:95:b9:d3:c1:f0:f2:
30:03:df:28:d2:65:41:93:7a:4a:ee:40:d7:15:3a:
34:ac:3d:84:aa:62:31:c1:9c:a5:2a:72:73:1c:2a:
27:b0:e5:d2:c6:7d:b2:05:95:fe:cc:ab:e2:bc:de:
48:dc:e7:29:c2:67:e0:bc:eb:3e:d9:d0:6d:a6:e7:
59:02:ff:c9:ce:64:11:ec:86:f0:fa:2e:44:c0:a9:
77:45:17:b5:c1:29:a8:4a:5e:b6:ca:82:d3:b2:17:
f1:a0:33:69:4a:e0:32:ab:c2:3a:d6:18:a5:cd:a6:
85:39:3b:f4:c2:ac:9f:f3:b7:af:a1:83:6a:68:98:
e4:48:b4:ba:cc:17:f7:35:86:fc:f8:1b:e0:af:f1:
10:71:88:d4:9a:95:59:46:2c:71:6d:e2:95:c9:62:
1d:ab:9e:11:ce:7d:26:da:64:c1:57:c7:b8:8e:0a:
e1:38:bc:43:5b:32:d5:9a:47:6a:45:15:95:24:ce:
44:da:08:10:e5:69:f3:26:b5:d2:5d:b5:2b:e2:c1:
de:0c:29:aa:d5:ba:09:fd:7c:52:c7:be:5c:60:69:
b5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:09:F3:7A:82:5C:10:9B:BF:ED:22:90:0C:2E:C7:71:B6:46:BE:1E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/YwnzeoJcEJu_7SKQDC7HcbZGvh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.112.0/24
45.88.139.0/24
45.94.170.0/23
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:d1:14:60:7d:49:29:11:03:a3:67:3f:09:80:1d:bc:3f:f6:
b9:a5:68:09:10:71:9f:92:90:df:8f:cf:c8:3e:1c:18:60:7b:
b2:a5:c1:ae:1a:62:f7:f9:f8:62:dc:55:dd:98:07:24:62:90:
fe:5a:eb:9f:0f:d2:63:1d:0f:2e:6a:66:23:87:25:64:d0:32:
a9:f1:10:dc:20:29:8d:78:f5:98:38:1a:b1:dc:5f:2e:23:4f:
5d:27:40:85:39:ba:52:4c:8f:c2:d6:1b:01:6c:ff:65:7e:0d:
e3:a9:b1:9a:83:89:1e:a7:1f:11:02:75:dc:85:d3:87:ab:05:
4c:6c:cc:4a:5b:da:2f:56:e1:df:14:38:5c:05:55:8a:7e:56:
a3:8c:cc:2e:24:a9:c3:8e:eb:50:dd:da:a0:68:6f:db:d3:d4:
0f:44:2f:cb:75:9d:34:1e:a8:a7:21:6b:ba:1f:be:7f:dd:71:
2d:66:f2:29:7f:a3:c2:1c:28:85:7b:9c:c3:d0:37:c6:97:47:
e5:8e:31:02:c0:ac:b9:2b:0b:75:a5:38:a6:61:31:0a:c6:1f:
c0:ea:a2:72:b3:56:92:c0:0c:70:08:a3:d4:ad:b1:b4:59:8e:
a5:13:d6:22:7c:8f:e3:03:c1:17:01:49:86:7b:29:ba:03:64:
58:26:d7:10
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYz8VkKtZI3sJYVFx/oyVcWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTEyMDYyMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA5ZjM3YTgyNWMxMDliYmZlZDIyOTAwYzJlYzc3MWI2NDZiZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38IWxJm4/qonboKL07pNnv+9ZTOF
TLmSgB9fODJjapf175oT6r2VudPB8PIwA98o0mVBk3pK7kDXFTo0rD2EqmIxwZyl
KnJzHConsOXSxn2yBZX+zKvivN5I3OcpwmfgvOs+2dBtpudZAv/JzmQR7Ibw+i5E
wKl3RRe1wSmoSl62yoLTshfxoDNpSuAyq8I61hilzaaFOTv0wqyf87evoYNqaJjk
SLS6zBf3NYb8+Bvgr/EQcYjUmpVZRixxbeKVyWIdq54Rzn0m2mTBV8e4jgrhOLxD
WzLVmkdqRRWVJM5E2ggQ5WnzJrXSXbUr4sHeDCmq1boJ/XxSx75cYGm1wQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGMJ83qCXBCbv+0ikAwux3G2Rr4eMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWXduemVvSmNFSnVfN1NLUURDN0hjYlpHdmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVFwAwQA
LViLAwQBLV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3
DQEBCwUAA4IBAQBL0RRgfUkpEQOjZz8JgB28P/a5pWgJEHGfkpDfj8/IPhwYYHuy
pcGuGmL3+fhi3FXdmAckYpD+WuufD9JjHQ8uamYjhyVk0DKp8RDcICmNePWYOBqx
3F8uI09dJ0CFObpSTI/C1hsBbP9lfg3jqbGag4kepx8RAnXchdOHqwVMbMxKW9ov
VuHfFDhcBVWKflajjMwuJKnDjutQ3dqgaG/b09QPRC/LdZ00HqinIWu6H75/3XEt
ZvIpf6PCHCiFe5zD0DfGl0fljjECwKy5Kwt1pTimYTEKxh/A6qJys1aSwAxwCKPU
rbG0WY6lE9YifI/jA8EXAUmGeym6A2RYJtcQ
-----END CERTIFICATE-----
Generated at Fri Jan 12 17:10:08 2024 by rpki-client on console-fra.rpki-client.org