Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/d-aY5xBsIe3AsZXcnsc6_sD8sWU.roa
File: d-aY5xBsIe3AsZXcnsc6_sD8sWU.roa (raw, json)
Hash identifier: icp51sThNOcEQp50jEjpAxtm6+z+k6LJLjMLrHzKKOg=
Subject key identifier: 77:E6:98:E7:10:6C:21:ED:C0:B1:95:DC:9E:C7:3A:FE:C0:FC:B1:65
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A7071655488DFD89B82A5DE5BD5F976B9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/d-aY5xBsIe3AsZXcnsc6_sD8sWU.roa
Signing time: Thu 07 Sep 2023 16:19:54 +0000
ROA not before: Thu 07 Sep 2023 16:19:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47757
IP address blocks: 195.177.95.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:71:65:54:88:df:d8:9b:82:a5:de:5b:d5:f9:76:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 7 16:19:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77e698e7106c21edc0b195dc9ec73afec0fcb165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1a:a9:4b:6d:41:3c:8d:fa:35:51:f9:8a:70:
82:2f:55:62:8f:d2:08:c7:de:2b:d7:83:e1:4b:66:
7f:3f:a3:f4:b0:35:08:eb:9d:c6:e8:0a:69:62:3a:
29:11:a9:f2:02:04:db:1b:1b:24:0c:76:c0:fb:d4:
e5:8f:37:35:00:ca:8d:bc:26:1d:6b:48:66:20:0e:
2d:32:d0:b0:69:b8:de:45:ec:07:a6:ed:6b:2d:6e:
a6:06:c4:eb:fb:29:93:b1:c0:2c:9c:e8:86:d6:bc:
71:95:e1:98:f3:c8:1a:7d:1f:ea:c6:d8:65:ee:75:
b2:d4:83:9c:71:29:e7:18:68:35:e8:fc:54:3b:ad:
d3:ca:d1:96:08:2d:82:1e:d7:4d:0a:e5:ac:c1:42:
ce:66:b7:b0:9c:64:af:45:0f:bd:f7:43:be:67:ea:
82:83:42:51:4c:a0:5a:3a:26:86:ab:e6:8d:43:5b:
3a:23:49:3f:10:e0:e8:66:31:47:3b:c9:b7:26:28:
b1:8e:4a:7e:24:3b:14:f1:31:9d:02:0d:e1:79:75:
01:d1:31:ba:10:b3:19:66:fd:e5:db:b7:38:fb:9f:
87:c3:ea:06:09:55:59:f8:0c:c7:25:ca:0f:67:e4:
3d:0f:7e:e4:75:50:d6:98:ef:9d:46:ff:ca:e8:65:
50:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E6:98:E7:10:6C:21:ED:C0:B1:95:DC:9E:C7:3A:FE:C0:FC:B1:65
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/d-aY5xBsIe3AsZXcnsc6_sD8sWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.139.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
66:75:e9:15:64:21:7b:12:52:de:85:44:7e:fb:d6:60:4a:b6:
66:dc:46:4a:e7:96:5c:c6:80:68:e9:02:46:26:e8:d4:ec:8d:
8d:11:84:0d:de:bb:f8:a6:cd:83:94:34:3a:b8:ea:4e:9a:88:
bc:b1:48:57:c4:7d:f9:a8:14:5b:13:de:82:a9:d4:8c:81:c4:
90:1f:48:47:11:0b:30:6d:fe:91:00:c0:7b:32:fa:0b:d8:23:
e5:5d:57:26:f0:0c:bb:ad:0f:ca:09:de:c1:e8:f2:cb:46:93:
65:cb:c9:33:91:b9:19:fb:05:d1:a5:c2:0a:f6:c7:df:42:20:
6f:54:8f:29:d4:34:5a:b1:e8:3c:33:16:4c:93:87:6c:d0:b6:
cc:3a:fc:01:f9:b9:8c:d0:2f:70:ca:e7:ce:17:1a:d1:26:62:
ed:dd:62:ec:17:9b:d1:b7:a7:9d:bd:50:a3:5f:d8:7a:0a:5a:
95:5d:c1:d0:9b:a4:d1:18:47:d1:6e:9c:61:91:58:eb:d9:cb:
12:92:4f:09:4f:27:f6:85:39:0d:29:0a:31:4b:08:f3:12:73:
f9:40:7e:4d:69:52:fc:4f:8f:6d:99:a4:19:75:b9:8a:67:c3:
68:27:ed:f1:b8:e1:a6:4f:11:70:a1:fd:9c:9b:91:a2:75:2c:
7f:13:55:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpwcWVUiN/Ym4Kl3lvV+Xa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTA3MTYxOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2U2OThlNzEwNmMyMWVkYzBiMTk1ZGM5ZWM3M2FmZWMwZmNiMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRqpS21BPI36NVH5inCCL1Vij9II
x94r14PhS2Z/P6P0sDUI653G6AppYjopEanyAgTbGxskDHbA+9Tljzc1AMqNvCYd
a0hmIA4tMtCwabjeRewHpu1rLW6mBsTr+ymTscAsnOiG1rxxleGY88gafR/qxthl
7nWy1IOccSnnGGg16PxUO63TytGWCC2CHtdNCuWswULOZrewnGSvRQ+990O+Z+qC
g0JRTKBaOiaGq+aNQ1s6I0k/EODoZjFHO8m3Jiixjkp+JDsU8TGdAg3heXUB0TG6
ELMZZv3l27c4+5+Hw+oGCVVZ+AzHJcoPZ+Q9D37kdVDWmO+dRv/K6GVQwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHfmmOcQbCHtwLGV3J7HOv7A/LFlMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZC1hWTV4QnNJZTNBc1pYY25zYzZfc0Q4c1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALViLAwQA
w7FfMA0GCSqGSIb3DQEBCwUAA4IBAQBmdekVZCF7ElLehUR++9ZgSrZm3EZK55Zc
xoBo6QJGJujU7I2NEYQN3rv4ps2DlDQ6uOpOmoi8sUhXxH35qBRbE96CqdSMgcSQ
H0hHEQswbf6RAMB7MvoL2CPlXVcm8Ay7rQ/KCd7B6PLLRpNly8kzkbkZ+wXRpcIK
9sffQiBvVI8p1DRaseg8MxZMk4ds0LbMOvwB+bmM0C9wyufOFxrRJmLt3WLsF5vR
t6edvVCjX9h6ClqVXcHQm6TRGEfRbpxhkVjr2csSkk8JTyf2hTkNKQoxSwjzEnP5
QH5NaVL8T49tmaQZdbmKZ8NoJ+3xuOGmTxFwof2cm5GidSx/E1XW
-----END CERTIFICATE-----
Generated at Sun Sep 10 10:41:07 2023 by rpki-client on console-fra.rpki-client.org