Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Z-CtjS0tRHfy9qvLPLzvfIDXVX4.roa
File: Z-CtjS0tRHfy9qvLPLzvfIDXVX4.roa (raw, json)
Hash identifier: ta0+9QfLkvpBxQq0U3jXauIi/RFSmyrJW9uPHfL2LQg=
Subject key identifier: 67:E0:AD:8D:2D:2D:44:77:F2:F6:AB:CB:3C:BC:EF:7C:80:D7:55:7E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B68E0AC4F8342D0A1DBBDBD6C5AD8B40B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Z-CtjS0tRHfy9qvLPLzvfIDXVX4.roa
Signing time: Wed 25 Oct 2023 22:07:16 +0000
ROA not before: Wed 25 Oct 2023 22:07:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:68:e0:ac:4f:83:42:d0:a1:db:bd:bd:6c:5a:d8:b4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 25 22:07:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67e0ad8d2d2d4477f2f6abcb3cbcef7c80d7557e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e8:6f:7b:5c:34:d1:a9:4d:14:70:86:dc:ae:
20:a9:01:01:70:a7:6b:6b:5d:fb:8e:01:6d:33:6f:
00:db:d5:e4:ff:5c:a1:7c:51:01:9a:b2:a1:6f:22:
e2:22:11:c8:c2:c2:16:d4:d8:5a:b0:a6:de:01:ef:
87:ae:36:40:6c:2b:73:f5:08:82:0f:69:93:45:9a:
04:4b:f9:d8:2a:88:7a:f0:89:59:3e:ec:77:04:c8:
f8:60:58:0a:66:59:ab:b0:2d:c5:97:68:2e:b9:27:
7f:cb:8e:15:20:fe:03:62:57:e2:5e:4e:cf:ef:2e:
9d:11:78:7c:4c:3f:14:0d:6c:39:e6:c6:b3:59:03:
eb:b3:a1:98:02:a4:89:ef:cc:2c:c1:1f:ba:2a:60:
e2:9e:cf:d4:7d:0d:40:5c:3f:f4:2b:11:3e:a7:e2:
b8:1e:f2:e4:54:85:47:ec:d2:4d:da:c7:a1:d3:a8:
c9:ab:49:37:dc:b2:81:32:16:72:14:76:f2:42:de:
ef:94:8d:aa:d1:15:66:59:d8:1d:7d:c0:29:96:a5:
8c:a3:61:21:11:e1:b1:c7:b7:02:91:2d:ce:af:dc:
aa:b6:d0:9c:21:8a:e0:4b:26:67:c6:d4:3f:89:47:
d1:7d:1c:7a:c5:c7:4e:f3:f2:5e:25:d4:6c:8f:37:
3a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E0:AD:8D:2D:2D:44:77:F2:F6:AB:CB:3C:BC:EF:7C:80:D7:55:7E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Z-CtjS0tRHfy9qvLPLzvfIDXVX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.88.137.0/24
45.132.180.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:bb:2e:ff:16:7b:95:d5:79:4d:b5:f5:3e:00:c0:bc:10:ea:
7a:35:f6:35:c1:2d:55:db:5c:90:44:9e:e1:86:be:7a:03:9f:
c9:89:e5:2b:a9:e7:d3:a1:14:0e:2e:49:85:cb:e7:cd:45:8e:
78:ed:a3:60:ba:85:7a:6a:33:1e:2a:5c:aa:72:ec:a6:29:a7:
be:a0:84:35:e1:9e:fc:4f:37:55:26:37:28:3b:ba:6a:78:6e:
63:7c:2e:76:34:d2:34:4f:4a:5f:a2:c8:59:35:bd:35:27:50:
b5:55:5c:ab:ca:33:0f:36:f2:24:16:e5:8a:45:8c:f8:e7:bd:
6b:c9:af:1a:fc:df:92:51:f9:79:f7:d5:85:af:15:c8:b2:dd:
b7:b2:7c:0d:27:c7:4f:6c:11:e0:a5:60:ac:73:80:46:06:62:
f9:96:00:38:e9:58:59:c1:18:25:62:9a:7c:e1:02:c6:73:cd:
35:c0:41:f7:ed:ae:b0:14:85:88:2e:6e:f2:6c:31:ef:55:19:
50:5e:17:1e:a4:81:ea:2c:15:c5:f4:80:90:6f:66:b3:88:5d:
9b:94:2e:b9:af:b2:4c:d1:fb:7b:2a:aa:5b:cd:ea:43:30:f1:
a2:fb:27:48:6a:69:1b:97:8c:2d:91:11:1e:1d:9c:e9:71:b9:
f2:04:d6:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYto4KxPg0LQodu9vWxa2LQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDI1MjIwNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2UwYWQ4ZDJkMmQ0NDc3ZjJmNmFiY2IzY2JjZWY3YzgwZDc1NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOhve1w00alNFHCG3K4gqQEBcKdr
a137jgFtM28A29Xk/1yhfFEBmrKhbyLiIhHIwsIW1NhasKbeAe+HrjZAbCtz9QiC
D2mTRZoES/nYKoh68IlZPux3BMj4YFgKZlmrsC3Fl2guuSd/y44VIP4DYlfiXk7P
7y6dEXh8TD8UDWw55sazWQPrs6GYAqSJ78wswR+6KmDins/UfQ1AXD/0KxE+p+K4
HvLkVIVH7NJN2seh06jJq0k33LKBMhZyFHbyQt7vlI2q0RVmWdgdfcAplqWMo2Eh
EeGxx7cCkS3Or9yqttCcIYrgSyZnxtQ/iUfRfRx6xcdO8/JeJdRsjzc6yQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGfgrY0tLUR38varyzy873yA11V+MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWi1DdGpTMHRSSGZ5OXF2TFBMenZmSURYVlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQkeAwQA
LViJAwQALYS0MA0GCSqGSIb3DQEBCwUAA4IBAQCOuy7/FnuV1XlNtfU+AMC8EOp6
NfY1wS1V21yQRJ7hhr56A5/JieUrqefToRQOLkmFy+fNRY547aNguoV6ajMeKlyq
cuymKae+oIQ14Z78TzdVJjcoO7pqeG5jfC52NNI0T0pfoshZNb01J1C1VVyryjMP
NvIkFuWKRYz4571rya8a/N+SUfl599WFrxXIst23snwNJ8dPbBHgpWCsc4BGBmL5
lgA46VhZwRglYpp84QLGc801wEH37a6wFIWILm7ybDHvVRlQXhcepIHqLBXF9ICQ
b2aziF2blC65r7JM0ft7KqpbzepDMPGi+ydIamkbl4wtkREeHZzpcbnyBNZC
-----END CERTIFICATE-----
Generated at Mon Oct 30 18:43:28 2023 by rpki-client on console-ams.rpki-client.org