Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Z_5McAmwG5hXaEbdrrMLV2Q1Ol8.roa
File: Z_5McAmwG5hXaEbdrrMLV2Q1Ol8.roa (raw, json)
Hash identifier: oUR4L6kyeoJMFy5Lyua36wx+BlKV2l1oKQtBQZuTQys=
Subject key identifier: 67:FE:4C:70:09:B0:1B:98:57:68:46:DD:AE:B3:0B:57:64:35:3A:5F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A460A25653F744093D44FC993B782B6CC
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Z_5McAmwG5hXaEbdrrMLV2Q1Ol8.roa
Signing time: Wed 30 Aug 2023 10:43:04 +0000
ROA not before: Wed 30 Aug 2023 10:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:0a:25:65:3f:74:40:93:d4:4f:c9:93:b7:82:b6:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 30 10:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67fe4c7009b01b98576846ddaeb30b5764353a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c5:6e:78:1d:1b:30:ba:9c:37:22:a9:c0:88:
32:b7:db:1a:a7:c8:24:86:0d:df:26:15:e8:c7:50:
23:45:3a:de:8a:3b:3a:dd:9c:84:37:7e:8f:78:53:
ef:42:8a:c5:10:b9:55:14:1b:59:75:a4:15:c2:f1:
08:88:82:f7:39:72:8c:78:f0:2c:76:15:56:5c:66:
e4:eb:4f:ce:4e:24:de:61:19:33:ff:c9:72:e1:87:
dd:7c:ce:66:51:68:5b:fc:86:4a:1d:cf:74:f7:e1:
31:58:86:f7:4a:d3:6e:ed:d2:88:b1:ea:aa:75:16:
2a:c2:e2:4e:35:b7:43:a6:50:fb:a4:ac:52:6d:63:
b8:fa:95:fa:c9:99:0d:c6:59:b2:3d:91:b5:3c:37:
3b:ea:17:0d:21:63:a3:1c:3d:21:cb:b2:c5:00:55:
61:59:de:2b:b9:be:dd:4f:68:4c:db:aa:c7:80:59:
27:cc:9a:76:8d:9b:31:6d:28:56:52:9b:9e:24:16:
27:c4:7f:eb:45:5c:3c:b4:41:c2:f5:66:47:8c:56:
a8:f2:46:0b:68:fd:a1:36:b3:db:6f:ac:db:d8:7a:
e4:d4:1c:f6:28:f4:f8:23:b2:0c:d3:29:a5:fd:68:
a7:a6:e7:9a:72:32:c6:5f:fc:5c:76:f7:b0:1d:fc:
e2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FE:4C:70:09:B0:1B:98:57:68:46:DD:AE:B3:0B:57:64:35:3A:5F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Z_5McAmwG5hXaEbdrrMLV2Q1Ol8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.88.137.0/24
45.132.180.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:ac:0d:4a:b4:ae:c5:b9:9d:9a:04:35:f0:9b:60:c3:ac:91:
41:9e:fe:d7:07:38:13:bb:37:a9:db:97:ed:ff:72:dc:9c:44:
6b:31:26:e2:50:90:50:b7:03:7c:ea:ed:7d:83:d5:90:79:5b:
69:c3:1d:f8:ff:45:29:9e:93:88:74:ac:b2:0e:10:49:6a:17:
aa:8b:24:6e:12:94:02:cf:37:9c:01:f6:f8:ce:4d:9a:ce:36:
0d:f8:48:7b:fb:71:18:1e:03:4f:c5:81:0b:fa:16:ef:ff:2c:
14:ed:d9:c7:ed:bf:85:e0:16:3a:c4:dd:cd:c7:03:ca:df:60:
4b:73:5f:dc:1e:ab:8b:94:82:b9:37:06:d6:87:2f:af:23:56:
fa:dc:5d:5a:b6:9e:38:e8:70:19:9a:e4:d3:55:02:d3:91:6e:
de:8e:9e:0d:3b:3f:f4:45:0f:84:ab:be:2c:62:22:8e:af:bd:
37:8f:0b:66:c9:63:ee:5e:b4:e1:a8:58:2a:b4:e5:6d:9c:49:
52:c0:d6:d3:40:37:1e:96:d6:ea:30:bd:a4:39:06:ec:9f:19:
eb:f7:4f:ed:bb:26:bf:76:8e:cc:da:65:2d:eb:ea:1f:b0:f6:
d6:00:ab:04:4b:d7:c3:f5:89:90:0b:cd:f1:db:d8:65:d0:dd:
9e:45:6e:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpGCiVlP3RAk9RPyZO3grbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODMwMTA0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZlNGM3MDA5YjAxYjk4NTc2ODQ2ZGRhZWIzMGI1NzY0MzUzYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcVueB0bMLqcNyKpwIgyt9sap8gk
hg3fJhXox1AjRTreijs63ZyEN36PeFPvQorFELlVFBtZdaQVwvEIiIL3OXKMePAs
dhVWXGbk60/OTiTeYRkz/8ly4YfdfM5mUWhb/IZKHc909+ExWIb3StNu7dKIseqq
dRYqwuJONbdDplD7pKxSbWO4+pX6yZkNxlmyPZG1PDc76hcNIWOjHD0hy7LFAFVh
Wd4rub7dT2hM26rHgFknzJp2jZsxbShWUpueJBYnxH/rRVw8tEHC9WZHjFao8kYL
aP2hNrPbb6zb2Hrk1Bz2KPT4I7IM0yml/WinpueacjLGX/xcdvewHfzivwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGf+THAJsBuYV2hG3a6zC1dkNTpfMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWl81TWNBbXdHNWhYYUViZHJyTUxWMlExT2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQkeAwQA
LViJAwQALYS0MA0GCSqGSIb3DQEBCwUAA4IBAQCrrA1KtK7FuZ2aBDXwm2DDrJFB
nv7XBzgTuzep25ft/3LcnERrMSbiUJBQtwN86u19g9WQeVtpwx34/0UpnpOIdKyy
DhBJaheqiyRuEpQCzzecAfb4zk2azjYN+Eh7+3EYHgNPxYEL+hbv/ywU7dnH7b+F
4BY6xN3NxwPK32BLc1/cHquLlIK5NwbWhy+vI1b63F1atp446HAZmuTTVQLTkW7e
jp4NOz/0RQ+Eq74sYiKOr703jwtmyWPuXrThqFgqtOVtnElSwNbTQDceltbqML2k
OQbsnxnr90/tuya/do7M2mUt6+ofsPbWAKsES9fD9YmQC83x29hl0N2eRW63
-----END CERTIFICATE-----
Generated at Wed Oct 4 13:32:09 2023 by rpki-client on console-fra.rpki-client.org