Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hKTm5PL2Ai-Am3UgcpF4HFNw0DE.roa
File: hKTm5PL2Ai-Am3UgcpF4HFNw0DE.roa (raw, json)
Hash identifier: xMbnt+ldyueKRSx90pLCrv5xDtSWdGVkIp/kOHl/2zg=
Subject key identifier: 84:A4:E6:E4:F2:F6:02:2F:80:9B:75:20:72:91:78:1C:53:70:D0:31
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A46C055C383CB1E15423E09DEB18819EC
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hKTm5PL2Ai-Am3UgcpF4HFNw0DE.roa
Signing time: Wed 30 Aug 2023 14:02:04 +0000
ROA not before: Wed 30 Aug 2023 14:02:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.30.241.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:c0:55:c3:83:cb:1e:15:42:3e:09:de:b1:88:19:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 30 14:02:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84a4e6e4f2f6022f809b75207291781c5370d031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:db:b8:e3:ab:84:8f:d7:36:b5:ff:7f:b0:66:
fb:32:97:0f:55:38:10:52:50:df:63:f6:85:c9:08:
ee:21:c8:6f:bf:75:08:c7:93:16:2c:52:3e:5f:62:
90:9e:cc:73:ef:69:12:f8:e2:3c:6a:03:f8:21:67:
d9:cc:a1:d9:af:b6:82:68:1e:f5:ae:0e:db:7b:d7:
9a:2d:f8:f8:80:82:fe:f9:71:a3:cc:b1:fb:a1:d2:
84:9d:ae:36:23:2d:f2:1a:fc:5f:2f:2a:95:a9:72:
7f:15:eb:59:ce:c3:ea:c1:35:29:3b:4f:8c:ef:1b:
0e:cf:52:0e:82:51:b0:95:c9:96:f5:de:01:fd:a2:
7c:f2:27:cc:65:db:79:3a:b4:7e:a2:3b:b8:2a:38:
05:b4:1f:97:19:44:df:21:43:7c:e2:09:83:2f:13:
23:19:04:24:96:ce:0d:a4:c4:36:de:b7:d3:0a:eb:
9a:16:9f:24:54:29:db:f0:40:8b:a9:4a:c8:f9:bf:
6b:5c:58:d0:d3:74:b8:eb:1d:01:0f:42:e5:e8:44:
4c:42:76:c9:9b:7e:7c:8c:f7:42:7b:89:25:c3:53:
a4:64:42:40:d9:4e:90:ca:09:65:95:18:ff:29:e4:
6d:8b:d7:e6:1f:08:05:ac:2e:30:de:bc:fa:aa:45:
33:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A4:E6:E4:F2:F6:02:2F:80:9B:75:20:72:91:78:1C:53:70:D0:31
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hKTm5PL2Ai-Am3UgcpF4HFNw0DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
45.138.183.0/24
77.83.39.0/24
85.209.120.0/23
193.30.241.0/24
195.62.24.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f1:00:fa:5b:84:c9:4e:ff:35:6a:40:ff:ea:9e:64:7e:7d:
1e:7d:0e:bd:10:5d:aa:18:94:44:8f:c1:9f:56:d2:eb:33:46:
43:80:f4:61:04:db:45:5f:f4:80:88:83:38:fb:42:53:c7:72:
00:85:f5:a0:b8:55:c7:65:2b:4a:25:6c:95:88:0e:f9:4a:df:
51:13:7e:c5:1b:a4:be:7d:ab:d4:14:80:f5:e9:6f:4e:6d:f5:
f8:ab:65:94:0d:e7:e0:c4:fe:54:9a:be:10:0c:d6:e1:5e:a2:
c8:c5:9e:bc:fd:dc:85:b6:8e:33:03:eb:c8:62:b6:c8:10:b7:
54:58:5f:e2:bf:d3:64:8d:e1:ba:28:8a:10:9b:5b:26:65:41:
9e:b4:fc:b8:7d:f6:76:0c:90:c8:0b:9c:70:a0:ff:d9:2d:de:
e5:a2:19:fc:5d:fd:37:35:3c:6f:56:97:b0:8e:39:71:34:bd:
c0:78:15:f4:73:3f:b5:42:48:d6:66:ec:7c:b5:48:af:67:8c:
95:9f:e7:ca:5f:a4:53:82:1d:cf:af:88:26:f0:f2:e1:f6:4f:
bf:11:c7:dd:13:21:05:f9:2f:04:3a:4c:81:16:ed:f1:11:ee:
d0:00:4d:75:fe:84:4c:60:8e:17:ee:f1:12:d8:e4:03:e5:02:
c1:10:5f:80
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYpGwFXDg8seFUI+Cd6xiBnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODMwMTQwMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGE0ZTZlNGYyZjYwMjJmODA5Yjc1MjA3MjkxNzgxYzUzNzBkMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitu446uEj9c2tf9/sGb7MpcPVTgQ
UlDfY/aFyQjuIchvv3UIx5MWLFI+X2KQnsxz72kS+OI8agP4IWfZzKHZr7aCaB71
rg7be9eaLfj4gIL++XGjzLH7odKEna42Iy3yGvxfLyqVqXJ/FetZzsPqwTUpO0+M
7xsOz1IOglGwlcmW9d4B/aJ88ifMZdt5OrR+oju4KjgFtB+XGUTfIUN84gmDLxMj
GQQkls4NpMQ23rfTCuuaFp8kVCnb8ECLqUrI+b9rXFjQ03S46x0BD0Ll6ERMQnbJ
m358jPdCe4klw1OkZEJA2U6QyglllRj/KeRti9fmHwgFrC4w3rz6qkUz4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFISk5uTy9gIvgJt1IHKReBxTcNAxMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaEtUbTVQTDJBaS1BbTNVZ2NwRjRIRk53MERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALV6rAwQA
LYq3AwQATVMnAwQBVdF4AwQAwR7xAwQAwz4YAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQAJ8QD6W4TJTv81akD/6p5kfn0efQ69EF2qGJREj8GfVtLrM0ZDgPRhBNtF
X/SAiIM4+0JTx3IAhfWguFXHZStKJWyViA75St9RE37FG6S+favUFID16W9ObfX4
q2WUDefgxP5Umr4QDNbhXqLIxZ68/dyFto4zA+vIYrbIELdUWF/iv9NkjeG6KIoQ
m1smZUGetPy4ffZ2DJDIC5xwoP/ZLd7lohn8Xf03NTxvVpewjjlxNL3AeBX0cz+1
QkjWZux8tUivZ4yVn+fKX6RTgh3Pr4gm8PLh9k+/EcfdEyEF+S8EOkyBFu3xEe7Q
AE11/oRMYI4X7vES2OQD5QLBEF+A
-----END CERTIFICATE-----
Generated at Tue Sep 5 13:11:04 2023 by rpki-client on console-ams.rpki-client.org