Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fhMS0lWQOvIHR1eAurdlWuSKSmY.roa
File: fhMS0lWQOvIHR1eAurdlWuSKSmY.roa (raw, json)
Hash identifier: xSGGZLtL1ND8bxHBTDuFAymKMQL+xveZtgyWK5JwCss=
Subject key identifier: 7E:13:12:D2:55:90:3A:F2:07:47:57:80:BA:B7:65:5A:E4:8A:4A:66
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B0FF9FEB1DAE32EB7228E3FB924ACC160
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fhMS0lWQOvIHR1eAurdlWuSKSmY.roa
Signing time: Sun 08 Oct 2023 15:48:43 +0000
ROA not before: Sun 08 Oct 2023 15:48:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
193.57.41.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
2.56.110.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0f:f9:fe:b1:da:e3:2e:b7:22:8e:3f:b9:24:ac:c1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 8 15:48:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e1312d255903af207475780bab7655ae48a4a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:97:bf:ae:d9:ac:d7:e3:79:5c:3e:0a:4b:90:
76:4a:a8:f3:39:dc:87:af:cb:fd:29:27:67:a7:40:
ef:4a:ce:27:50:01:47:d1:af:96:eb:04:80:2a:7c:
64:8f:15:8d:47:73:52:ac:13:22:ff:0b:e0:73:f8:
6f:97:27:2c:0c:fc:ca:62:48:1e:d7:7e:48:16:9a:
b2:09:30:49:61:ee:4f:e2:36:90:11:06:52:95:00:
63:0a:36:87:33:95:a3:c8:ee:b5:ae:94:2e:d1:27:
07:03:b7:52:20:a7:c0:f6:61:f3:85:b7:49:bb:4f:
ee:f3:fe:ab:e8:49:28:f4:f9:48:d2:70:b6:7c:69:
0f:22:7d:0f:3e:ce:47:f0:35:a2:5f:01:7d:ca:0f:
af:33:4c:4e:aa:18:b7:f7:33:87:b7:69:ab:fc:4d:
5a:86:a0:8a:54:81:6f:0d:84:20:6a:eb:27:d9:b5:
a4:54:55:dd:e2:ea:d4:2b:91:5d:bd:77:9c:99:38:
01:27:1f:49:c0:d3:41:13:e1:c5:16:33:2c:38:e4:
90:c9:33:ba:f0:67:b6:0b:b5:6b:f4:f9:32:79:32:
d2:46:3d:9f:95:0f:75:d0:11:e1:a6:51:28:f0:0c:
75:76:97:40:df:aa:f7:0b:68:3f:27:bd:d3:c3:bc:
c6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:13:12:D2:55:90:3A:F2:07:47:57:80:BA:B7:65:5A:E4:8A:4A:66
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/fhMS0lWQOvIHR1eAurdlWuSKSmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0-2.56.110.255
45.81.115.0/24
45.88.139.0/24
45.94.171.0/24
45.138.183.0/24
45.144.213.0/24
77.83.39.0/24
85.209.120.0/23
193.57.41.0/24
195.62.24.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:00:48:35:eb:b5:03:12:af:88:56:49:7d:45:12:6b:f4:24:
65:98:c8:3f:bb:d2:ff:57:41:b3:60:f7:0e:94:6a:d7:84:bb:
49:61:9e:96:2b:6d:02:7b:d4:0b:13:8b:69:5b:a4:ae:3a:0b:
12:f8:32:23:d5:a1:74:22:8a:c6:ce:a6:1e:ab:74:a7:37:2d:
94:2f:cb:90:ac:ba:47:48:0c:ea:7c:71:9b:dc:a1:35:bb:2c:
b7:7f:5d:98:43:d3:3a:05:c5:9b:74:64:c6:03:79:2a:b9:4d:
83:f8:88:14:d3:6d:b1:c4:0c:49:51:f4:e9:62:22:18:55:3c:
a3:3a:d9:98:48:38:92:52:28:94:5c:5e:e4:a3:31:fb:c3:3c:
6b:13:3b:6d:a4:e8:f6:35:82:55:64:43:81:1b:08:d2:3a:22:
82:dc:51:8e:c2:69:ca:74:f1:7c:bc:6d:01:e3:6f:44:37:85:
42:78:73:23:51:c8:0c:d3:6d:78:e7:20:81:de:0d:9b:2d:74:
bc:29:b0:ca:56:a9:0d:c7:01:83:7a:8c:e9:4b:29:2d:64:0b:
2d:e3:c7:55:bd:cc:56:fc:30:b2:0c:8e:8c:d7:94:8f:19:74:
c4:2e:54:77:37:d3:8f:28:8e:74:ab:39:9c:e0:ca:25:73:28:
bf:16:9e:14
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYsP+f6x2uMutyKOP7kkrMFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDA4MTU0ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTEzMTJkMjU1OTAzYWYyMDc0NzU3ODBiYWI3NjU1YWU0OGE0YTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJe/rtms1+N5XD4KS5B2SqjzOdyH
r8v9KSdnp0DvSs4nUAFH0a+W6wSAKnxkjxWNR3NSrBMi/wvgc/hvlycsDPzKYkge
135IFpqyCTBJYe5P4jaQEQZSlQBjCjaHM5WjyO61rpQu0ScHA7dSIKfA9mHzhbdJ
u0/u8/6r6Eko9PlI0nC2fGkPIn0PPs5H8DWiXwF9yg+vM0xOqhi39zOHt2mr/E1a
hqCKVIFvDYQgausn2bWkVFXd4urUK5FdvXecmTgBJx9JwNNBE+HFFjMsOOSQyTO6
8Ge2C7Vr9PkyeTLSRj2flQ910BHhplEo8Ax1dpdA36r3C2g/J73Tw7zGQwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFH4TEtJVkDryB0dXgLq3ZVrkikpmMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZmhNUzBsV1FPdklIUjFlQXVyZGxXdVNLU21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAACOG0D
BAACOG4DBAAtUXMDBAAtWIsDBAAtXqsDBAAtircDBAAtkNUDBABNUycDBAFV0XgD
BADBOSkDBADDPhgDBADDsV8wDQYJKoZIhvcNAQELBQADggEBABoASDXrtQMSr4hW
SX1FEmv0JGWYyD+70v9XQbNg9w6UateEu0lhnpYrbQJ71AsTi2lbpK46CxL4MiPV
oXQiisbOph6rdKc3LZQvy5CsukdIDOp8cZvcoTW7LLd/XZhD0zoFxZt0ZMYDeSq5
TYP4iBTTbbHEDElR9OliIhhVPKM62ZhIOJJSKJRcXuSjMfvDPGsTO22k6PY1glVk
Q4EbCNI6IoLcUY7Cacp08Xy8bQHjb0Q3hUJ4cyNRyAzTbXjnIIHeDZstdLwpsMpW
qQ3HAYN6jOlLKS1kCy3jx1W9zFb8MLIMjozXlI8ZdMQuVHc3048ojnSrOZzgyiVz
KL8WnhQ=
-----END CERTIFICATE-----
Generated at Mon Oct 9 17:05:07 2023 by rpki-client on console-fra.rpki-client.org