Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hXlkZBVZblPAIkCaoHoi0L3ZTDA.roa
File: hXlkZBVZblPAIkCaoHoi0L3ZTDA.roa (raw, json)
Hash identifier: nDO+jX2hM2JIWpX8qZ6RnSa3jF0wFiWfwEwNhCYCVIo=
Subject key identifier: 85:79:64:64:15:59:6E:53:C0:22:40:9A:A0:7A:22:D0:BD:D9:4C:30
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A6556961DD5384A14C5FECD5BC978E927
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hXlkZBVZblPAIkCaoHoi0L3ZTDA.roa
Signing time: Tue 05 Sep 2023 12:34:47 +0000
ROA not before: Tue 05 Sep 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:56:96:1d:d5:38:4a:14:c5:fe:cd:5b:c9:78:e9:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 5 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8579646415596e53c022409aa07a22d0bdd94c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:60:43:4c:25:e5:f5:d7:5b:22:89:36:5f:51:
f3:ce:cb:8b:91:5f:0a:51:3a:ad:d1:b2:92:88:bd:
91:f6:20:88:16:96:dc:90:6e:36:6c:86:37:b1:08:
5c:91:8f:82:76:0f:7f:cd:16:3d:ea:67:5f:4a:56:
3d:62:86:8e:b2:92:b9:a4:9a:cb:78:0f:8b:b7:b9:
2c:2d:13:9f:01:df:0f:f3:54:11:8d:87:b1:d5:fc:
8f:0f:50:50:54:d7:ee:49:7c:26:af:50:1b:00:69:
99:72:c2:4e:fa:ef:e8:6f:6a:f2:b1:e4:b2:45:67:
9a:e1:9f:da:a2:23:75:e1:38:23:1c:27:b2:7e:9d:
71:f7:be:3c:37:10:d9:cb:3c:c7:47:93:62:0b:ed:
92:8a:81:9e:af:d4:fd:99:b2:1c:47:a9:6d:0b:3e:
de:72:b6:14:59:a3:b2:e3:88:ce:a4:12:3f:b6:f3:
36:0a:9e:89:51:79:9a:03:31:3c:a8:a8:76:1e:44:
58:f5:0b:80:a6:d2:83:4d:71:78:8a:71:e7:ce:17:
4b:68:62:d5:f0:eb:89:7a:1c:92:2d:67:f7:af:81:
7e:97:55:97:c6:a4:b5:8d:9c:96:3c:23:c0:d7:13:
8f:32:6b:ce:49:43:b4:43:0f:91:f1:c3:d0:b2:32:
be:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:79:64:64:15:59:6E:53:C0:22:40:9A:A0:7A:22:D0:BD:D9:4C:30
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/hXlkZBVZblPAIkCaoHoi0L3ZTDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
45.138.183.0/24
77.83.39.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:cb:72:6c:ee:11:bc:ae:56:e7:ef:f1:bc:e4:47:85:aa:81:
36:2d:00:b3:21:c6:bc:75:18:e9:bb:73:47:8e:bc:13:a4:69:
2d:22:3b:3e:ad:7d:3d:97:a1:37:b7:34:eb:56:3b:1b:23:69:
7b:ad:30:db:0b:cf:7c:ec:2e:42:2c:57:65:0c:ea:dd:4f:72:
cc:3c:d2:41:74:ea:66:80:02:5a:5b:cb:c1:03:8f:e2:62:5e:
02:d9:fe:c3:5a:0b:0d:72:71:fe:e6:88:e7:a2:ba:89:99:d1:
d6:08:89:93:8e:fe:26:b1:f9:30:37:91:e8:96:0a:18:cd:51:
87:70:34:80:fe:eb:23:f3:30:cf:42:24:a3:b0:88:c4:c8:53:
34:8a:9a:42:02:26:e0:9c:6a:c5:ff:93:bb:07:af:6d:9d:73:
fb:70:81:68:17:cf:e3:2a:a2:a7:1f:0e:d9:7a:7a:21:7d:f2:
9b:83:d4:35:b1:c5:cf:27:4e:82:bc:1c:09:fa:15:bb:73:e3:
7c:0c:41:8e:9f:b5:d0:71:c8:bd:fc:4d:78:ae:f1:e5:86:a2:
21:20:41:0e:21:6a:00:ad:db:a2:41:1c:7c:eb:ef:63:c8:87:
a7:4a:6f:dd:f6:15:e3:6b:5c:04:86:c9:88:d3:66:76:7f:9b:
d2:80:d8:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYplVpYd1ThKFMX+zVvJeOknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTA1MTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTc5NjQ2NDE1NTk2ZTUzYzAyMjQwOWFhMDdhMjJkMGJkZDk0YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2BDTCXl9ddbIok2X1HzzsuLkV8K
UTqt0bKSiL2R9iCIFpbckG42bIY3sQhckY+Cdg9/zRY96mdfSlY9YoaOspK5pJrL
eA+Lt7ksLROfAd8P81QRjYex1fyPD1BQVNfuSXwmr1AbAGmZcsJO+u/ob2ryseSy
RWea4Z/aoiN14TgjHCeyfp1x9748NxDZyzzHR5NiC+2SioGer9T9mbIcR6ltCz7e
crYUWaOy44jOpBI/tvM2Cp6JUXmaAzE8qKh2HkRY9QuAptKDTXF4inHnzhdLaGLV
8OuJehySLWf3r4F+l1WXxqS1jZyWPCPA1xOPMmvOSUO0Qw+R8cPQsjK+HQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIV5ZGQVWW5TwCJAmqB6ItC92UwwMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaFhsa1pCVlpibFBBSWtDYW9Ib2kwTDNaVERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV6rAwQA
LYq3AwQATVMnAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQBOy3Js7hG8rlbn7/G8
5EeFqoE2LQCzIca8dRjpu3NHjrwTpGktIjs+rX09l6E3tzTrVjsbI2l7rTDbC898
7C5CLFdlDOrdT3LMPNJBdOpmgAJaW8vBA4/iYl4C2f7DWgsNcnH+5ojnorqJmdHW
CImTjv4msfkwN5HolgoYzVGHcDSA/usj8zDPQiSjsIjEyFM0ippCAibgnGrF/5O7
B69tnXP7cIFoF8/jKqKnHw7ZenohffKbg9Q1scXPJ06CvBwJ+hW7c+N8DEGOn7XQ
cci9/E14rvHlhqIhIEEOIWoArduiQRx86+9jyIenSm/d9hXja1wEhsmI02Z2f5vS
gNhR
-----END CERTIFICATE-----
Generated at Fri Sep 8 18:44:03 2023 by rpki-client on console-ams.rpki-client.org