Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/eooYq2_RVrp4rg8HKwBxhvre59Y.roa
File: eooYq2_RVrp4rg8HKwBxhvre59Y.roa (raw, json)
Hash identifier: iR9wtDEtWyl34sAuVTbJj0OeCqJJ7jh5RwXUezUr+HY=
Subject key identifier: 7A:8A:18:AB:6F:D1:56:BA:78:AE:0F:07:2B:00:71:86:FA:DE:E7:D6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0187B42736AC06D465F7B9C7DB66C1DACECF
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/eooYq2_RVrp4rg8HKwBxhvre59Y.roa
Signing time: Mon 24 Apr 2023 16:44:41 +0000
ROA not before: Mon 24 Apr 2023 16:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 19:13:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:27:36:ac:06:d4:65:f7:b9:c7:db:66:c1:da:ce:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 24 16:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7a8a18ab6fd156ba78ae0f072b007186fadee7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3d:03:8d:fb:29:a9:2c:52:8c:d7:ea:82:ed:
d1:94:7b:df:14:c3:3a:82:65:f2:8b:0f:83:60:6e:
dd:d9:29:60:76:3d:ac:31:10:d0:89:00:ca:5e:50:
a6:1e:b7:a7:59:e0:c3:a8:51:12:73:6f:6b:01:0d:
ba:42:93:58:b7:dc:34:00:2e:63:56:02:68:52:bc:
8d:73:43:e5:9b:9b:e9:9a:9f:fc:83:83:52:7f:a2:
86:3f:42:97:1e:73:a4:da:67:4e:61:d4:50:bb:07:
10:a1:61:97:67:a8:92:4b:ed:6a:36:c1:d5:cb:29:
65:c0:01:bc:3b:23:35:c6:7a:4f:b0:e3:2f:db:e9:
7f:2c:fa:76:2d:bd:9a:4e:e8:24:b7:79:f2:bc:d9:
f1:bc:20:50:51:29:d1:ee:1a:4e:39:c7:90:b2:3a:
fd:e0:9c:5f:c8:83:bb:f2:f2:16:03:f6:47:92:f7:
5f:06:42:56:fe:17:e8:27:25:38:fb:54:6c:a3:00:
65:08:82:79:26:8d:0c:f0:ec:b1:40:6d:8e:e4:34:
ac:23:f8:f1:6f:93:45:73:a7:9c:33:ca:e4:ce:14:
95:15:9f:75:a4:ae:75:d1:b1:5c:2d:04:94:72:28:
6f:02:c5:bc:d3:8f:0f:24:3f:d2:64:d5:1e:45:19:
86:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:8A:18:AB:6F:D1:56:BA:78:AE:0F:07:2B:00:71:86:FA:DE:E7:D6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/eooYq2_RVrp4rg8HKwBxhvre59Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.138.0/24
45.94.171.0/24
77.83.38.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
81:a2:e5:17:c3:4d:4c:12:0c:0d:9d:0f:49:11:63:d6:9c:61:
6c:21:e9:c9:d8:df:56:ea:0d:44:7b:bd:9f:2f:40:49:3c:d1:
b0:4b:0b:0e:0e:e9:14:bc:14:bd:aa:ac:cd:47:c0:47:48:39:
8a:bf:e7:01:ab:e4:e8:ce:a0:e2:94:9e:bb:33:10:01:6a:68:
f8:22:9c:eb:0f:76:c1:38:a8:94:32:77:40:9e:88:ed:68:ec:
35:66:af:c1:85:66:7d:62:75:0d:a3:bc:c9:4b:c2:78:c4:14:
ac:39:66:5f:6b:35:2b:78:06:17:7e:a2:d9:74:6f:30:e8:1c:
9a:f4:da:ba:c4:7d:65:1e:db:bf:d1:aa:8d:72:48:9c:f6:85:
ff:43:31:7d:e1:0c:99:b5:b0:a8:b9:8b:f7:13:73:ef:49:89:
a3:73:ff:ea:7f:bb:fe:75:4c:b7:9e:5d:53:08:8d:16:fb:9f:
70:5d:ab:d5:e8:ee:6b:af:16:c5:09:39:5e:91:62:a3:5e:12:
1b:39:21:9f:0f:a1:42:2b:be:ae:1a:54:4b:70:47:cd:2f:7d:
03:21:7c:4e:15:2b:ed:4e:28:19:66:e1:47:06:99:f5:7a:ff:
74:0a:d6:5c:89:fd:3c:d3:0e:8f:8e:4b:a1:b4:a3:c0:1a:80:
bb:2f:0f:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYe0JzasBtRl97nH22bB2s7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNDI0MTY0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YThhMThhYjZmZDE1NmJhNzhhZTBmMDcyYjAwNzE4NmZhZGVlN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvj0DjfspqSxSjNfqgu3RlHvfFMM6
gmXyiw+DYG7d2Slgdj2sMRDQiQDKXlCmHrenWeDDqFESc29rAQ26QpNYt9w0AC5j
VgJoUryNc0Plm5vpmp/8g4NSf6KGP0KXHnOk2mdOYdRQuwcQoWGXZ6iSS+1qNsHV
yyllwAG8OyM1xnpPsOMv2+l/LPp2Lb2aTugkt3nyvNnxvCBQUSnR7hpOOceQsjr9
4JxfyIO78vIWA/ZHkvdfBkJW/hfoJyU4+1RsowBlCIJ5Jo0M8OyxQG2O5DSsI/jx
b5NFc6ecM8rkzhSVFZ91pK510bFcLQSUcihvAsW8048PJD/SZNUeRRmGsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHqKGKtv0Va6eK4PBysAcYb63ufWMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZW9vWXEyX1JWcnA0cmc4SEt3QnhodnJlNTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALViKAwQA
LV6rAwQATVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQCBouUXw01MEgwNnQ9J
EWPWnGFsIenJ2N9W6g1Ee72fL0BJPNGwSwsODukUvBS9qqzNR8BHSDmKv+cBq+To
zqDilJ67MxABamj4IpzrD3bBOKiUMndAnojtaOw1Zq/BhWZ9YnUNo7zJS8J4xBSs
OWZfazUreAYXfqLZdG8w6Bya9Nq6xH1lHtu/0aqNckic9oX/QzF94QyZtbCouYv3
E3PvSYmjc//qf7v+dUy3nl1TCI0W+59wXavV6O5rrxbFCTlekWKjXhIbOSGfD6FC
K76uGlRLcEfNL30DIXxOFSvtTigZZuFHBpn1ev90CtZcif080w6PjkuhtKPAGoC7
Lw/e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org