Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_r83NpwfszIW3Y1wAd4gzCFsl28.roa
File: _r83NpwfszIW3Y1wAd4gzCFsl28.roa (raw, json)
Hash identifier: I+HzH1H0l58Diq1MUlcm59U0ynuEV9J8b4DgDwQm/Uk=
Subject key identifier: FE:BF:37:36:9C:1F:B3:32:16:DD:8D:70:01:DE:20:CC:21:6C:97:6F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A47A278B6ABB813BCAEAB6AEB2580DBB7
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_r83NpwfszIW3Y1wAd4gzCFsl28.roa
Signing time: Wed 30 Aug 2023 18:09:04 +0000
ROA not before: Wed 30 Aug 2023 18:09:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 45.144.213.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Sep 2023 12:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:a2:78:b6:ab:b8:13:bc:ae:ab:6a:eb:25:80:db:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 30 18:09:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=febf37369c1fb33216dd8d7001de20cc216c976f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:87:12:67:5e:17:27:d2:5e:e3:57:50:2c:9c:
99:02:0d:5c:d2:1a:5a:75:97:82:d0:b6:32:4c:18:
c4:7c:67:19:d9:c4:36:66:78:e8:17:8c:3c:63:e7:
08:94:67:66:08:e7:4a:af:9f:da:7e:c5:dc:b9:ed:
35:90:1d:c6:4f:94:74:15:47:5d:5e:e6:8e:18:51:
83:ba:48:fb:e9:14:e8:6a:ae:df:2a:b7:44:49:89:
a4:8e:e2:40:68:6a:97:94:84:e4:44:c1:58:f4:7e:
41:c7:db:d6:ef:19:5a:16:d0:88:6c:b6:59:f5:63:
9d:a7:62:50:45:ff:b7:84:f3:ad:89:55:20:a6:91:
85:c5:0e:5f:fd:32:78:a9:0e:30:b5:9e:35:a8:43:
6d:ba:ec:a1:88:67:e8:7a:60:43:5e:bf:7e:2f:87:
dd:ff:53:6a:dc:c4:fd:ee:27:6e:d7:b6:88:25:d1:
8b:ac:b8:85:7a:78:ba:b1:0e:2b:0d:5f:84:8b:85:
f9:3a:d0:6a:78:28:76:c9:46:0f:4d:fc:01:c9:46:
87:3e:bb:01:e2:6f:12:e7:cf:1b:83:92:be:ab:aa:
c4:40:9d:86:42:75:e5:55:52:81:99:da:36:8b:d6:
9e:28:18:11:d0:a3:73:da:e3:53:05:91:3c:75:d9:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:BF:37:36:9C:1F:B3:32:16:DD:8D:70:01:DE:20:CC:21:6C:97:6F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/_r83NpwfszIW3Y1wAd4gzCFsl28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
45.81.112.0/23
45.144.213.0/24
77.83.37.0/24
Signature Algorithm: sha256WithRSAEncryption
38:49:e9:0b:23:2f:4b:c7:ef:66:f9:ef:cd:9e:a5:ff:ce:cf:
9b:13:54:43:ac:60:47:38:95:9b:8f:80:28:3d:93:d9:de:9d:
d5:fc:51:57:c3:d7:14:cc:16:77:00:d6:cf:f6:6b:f3:76:e7:
83:5e:f3:eb:3a:a6:81:4a:1a:92:78:d5:7a:a2:4c:58:3a:66:
60:8e:2e:fc:c9:27:b1:c5:f3:aa:6b:9a:99:07:09:22:ae:e3:
d1:fa:f3:db:c0:01:ae:ed:96:dc:c8:e8:dd:46:0b:d5:46:24:
6b:c3:e5:29:8d:7a:8b:78:aa:49:44:94:3b:3c:77:6f:69:2a:
59:01:9e:54:59:54:0e:f1:a5:90:c2:2e:2c:cd:3b:63:ed:24:
5d:3e:51:91:de:94:ad:ae:a0:65:ae:62:2c:25:62:7e:06:2b:
df:4d:62:46:36:a9:d9:60:45:51:17:23:65:2d:20:13:f1:3a:
de:49:e2:56:13:d4:a5:e4:1e:81:99:ac:5c:a5:32:bd:fd:99:
2b:22:7b:5a:79:5c:d0:2f:52:72:ca:6d:c2:6f:c0:1c:fe:70:
67:42:2f:61:05:d3:c7:67:f9:2b:a0:f2:ed:01:10:b6:af:31:
b2:c7:8e:86:f5:59:1c:c6:e9:85:0b:61:0e:14:b9:4f:fe:2a:
1f:65:c6:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpHoni2q7gTvK6rauslgNu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODMwMTgwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWJmMzczNjljMWZiMzMyMTZkZDhkNzAwMWRlMjBjYzIxNmM5NzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiocSZ14XJ9Je41dQLJyZAg1c0hpa
dZeC0LYyTBjEfGcZ2cQ2ZnjoF4w8Y+cIlGdmCOdKr5/afsXcue01kB3GT5R0FUdd
XuaOGFGDukj76RToaq7fKrdESYmkjuJAaGqXlITkRMFY9H5Bx9vW7xlaFtCIbLZZ
9WOdp2JQRf+3hPOtiVUgppGFxQ5f/TJ4qQ4wtZ41qENtuuyhiGfoemBDXr9+L4fd
/1Nq3MT97idu17aIJdGLrLiFeni6sQ4rDV+Ei4X5OtBqeCh2yUYPTfwByUaHPrsB
4m8S588bg5K+q6rEQJ2GQnXlVVKBmdo2i9aeKBgR0KNz2uNTBZE8ddk85wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP6/NzacH7MyFt2NcAHeIMwhbJdvMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvX3I4M05wd2ZzeklXM1kxd0FkNGd6Q0ZzbDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjhtAwQB
LVFwAwQALZDVAwQATVMlMA0GCSqGSIb3DQEBCwUAA4IBAQA4SekLIy9Lx+9m+e/N
nqX/zs+bE1RDrGBHOJWbj4AoPZPZ3p3V/FFXw9cUzBZ3ANbP9mvzdueDXvPrOqaB
ShqSeNV6okxYOmZgji78ySexxfOqa5qZBwkiruPR+vPbwAGu7ZbcyOjdRgvVRiRr
w+UpjXqLeKpJRJQ7PHdvaSpZAZ5UWVQO8aWQwi4szTtj7SRdPlGR3pStrqBlrmIs
JWJ+BivfTWJGNqnZYEVRFyNlLSAT8TreSeJWE9Sl5B6BmaxcpTK9/ZkrIntaeVzQ
L1Jyym3Cb8Ac/nBnQi9hBdPHZ/kroPLtARC2rzGyx46G9VkcxumFC2EOFLlP/iof
Zcaq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org