Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ocjFU9-jKG6XTM07BdkR-X8-8IY.roa
File: ocjFU9-jKG6XTM07BdkR-X8-8IY.roa (raw, json)
Hash identifier: RLJ8IMXi7STmtcRPlworPeh/ZcR5p9Y+8Pgz8ssVu8c=
Subject key identifier: A1:C8:C5:53:DF:A3:28:6E:97:4C:CD:3B:05:D9:11:F9:7F:3E:F0:86
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0188C8552ACF652A22D515F57C6CEDE30E81
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ocjFU9-jKG6XTM07BdkR-X8-8IY.roa
Signing time: Sat 17 Jun 2023 07:50:04 +0000
ROA not before: Sat 17 Jun 2023 07:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Aug 2023 18:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c8:55:2a:cf:65:2a:22:d5:15:f5:7c:6c:ed:e3:0e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 17 07:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1c8c553dfa3286e974ccd3b05d911f97f3ef086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9d:6e:55:cc:b4:14:b7:8f:4d:9d:aa:b8:35:
d1:17:9c:2c:a6:be:62:0e:21:46:40:d1:78:9c:cd:
68:e2:f5:72:84:5e:d6:eb:f0:ff:a8:9e:d2:22:85:
e7:a9:60:fa:92:b5:dd:f7:31:99:1a:be:95:10:4f:
a7:7d:07:e3:79:ea:eb:f0:3b:c1:57:da:91:ae:e9:
dd:8d:04:1c:72:de:9f:8e:44:e7:c7:93:ae:ee:39:
0a:8d:41:77:d7:f9:bc:73:3d:e1:a2:73:0c:fc:eb:
6b:ea:26:2e:4f:72:53:97:ec:e5:25:a8:23:12:51:
73:d8:d5:8c:7a:c7:46:d6:f5:22:ca:a5:0f:eb:51:
80:bd:16:10:a7:15:91:9d:22:77:54:1f:a8:58:66:
0e:6a:46:2c:5b:21:f8:de:ba:e3:d4:8a:8d:b6:90:
8f:54:1b:8d:9d:28:c0:42:40:a9:7c:fd:de:24:cb:
fe:d1:8d:ff:a1:20:ae:b1:b9:79:53:5b:19:99:c2:
16:e2:95:8c:bb:33:5a:19:1e:16:47:b9:3c:fd:fd:
a8:ee:72:a0:e4:47:aa:12:fd:35:95:e6:d6:80:42:
ad:80:8a:1d:59:3c:6f:ac:12:40:d7:79:68:95:9f:
f7:5c:d3:37:ad:ab:04:16:b5:26:8a:f9:4e:c9:34:
25:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C8:C5:53:DF:A3:28:6E:97:4C:CD:3B:05:D9:11:F9:7F:3E:F0:86
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ocjFU9-jKG6XTM07BdkR-X8-8IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.88.137.0/24
45.132.180.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:2b:9d:94:f2:c8:bb:d2:96:96:06:a1:0d:d0:fe:6f:24:dd:
a1:3a:91:0e:4e:1d:f8:d6:4a:53:4b:b4:7f:7b:c0:fc:86:69:
82:6c:ab:53:0d:60:18:3b:f1:08:10:b7:8e:02:fe:0b:ec:e4:
10:58:3e:5a:cb:c2:0e:22:a4:2d:7f:06:f3:41:c0:4e:6b:48:
c2:0f:01:f3:b2:2f:39:96:bb:d3:f8:6d:40:d8:42:01:f3:8a:
d9:98:b4:c9:07:a6:35:c6:b4:36:b8:e1:7c:08:52:be:6c:ae:
ff:db:dc:97:f5:b6:3a:12:ce:49:28:2d:99:71:f5:5d:4f:80:
3b:49:0d:9f:3c:08:68:99:a8:f8:14:e9:d6:18:ed:24:84:26:
6a:49:2a:12:47:9a:dd:d8:37:58:c9:62:f4:65:4a:3c:6c:b7:
37:f6:46:12:a1:51:e1:bb:13:80:84:13:e2:25:0a:7f:94:e5:
ec:51:dd:54:93:c8:d9:42:8f:69:e3:a4:de:5b:ab:32:38:27:
ef:f4:98:2b:0f:d5:ec:77:9b:48:f1:74:39:03:88:d0:6c:1b:
0f:a2:ef:ca:23:5b:56:04:cf:6f:5b:a1:f0:42:62:8b:ba:ac:
a3:e4:21:4a:8e:30:49:53:95:9f:ae:11:a4:54:97:33:fa:ec:
ac:10:6b:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjIVSrPZSoi1RX1fGzt4w6BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNjE3MDc1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM4YzU1M2RmYTMyODZlOTc0Y2NkM2IwNWQ5MTFmOTdmM2VmMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ1uVcy0FLePTZ2quDXRF5wspr5i
DiFGQNF4nM1o4vVyhF7W6/D/qJ7SIoXnqWD6krXd9zGZGr6VEE+nfQfjeerr8DvB
V9qRrundjQQcct6fjkTnx5Ou7jkKjUF31/m8cz3honMM/Otr6iYuT3JTl+zlJagj
ElFz2NWMesdG1vUiyqUP61GAvRYQpxWRnSJ3VB+oWGYOakYsWyH43rrj1IqNtpCP
VBuNnSjAQkCpfP3eJMv+0Y3/oSCusbl5U1sZmcIW4pWMuzNaGR4WR7k8/f2o7nKg
5EeqEv01lebWgEKtgIodWTxvrBJA13lolZ/3XNM3rasEFrUmivlOyTQlsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKHIxVPfoyhul0zNOwXZEfl/PvCGMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvb2NqRlU5LWpLRzZYVE0wN0Jka1ItWDgtOElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQkeAwQA
LViJAwQALYS0MA0GCSqGSIb3DQEBCwUAA4IBAQA6K52U8si70paWBqEN0P5vJN2h
OpEOTh341kpTS7R/e8D8hmmCbKtTDWAYO/EIELeOAv4L7OQQWD5ay8IOIqQtfwbz
QcBOa0jCDwHzsi85lrvT+G1A2EIB84rZmLTJB6Y1xrQ2uOF8CFK+bK7/29yX9bY6
Es5JKC2ZcfVdT4A7SQ2fPAhomaj4FOnWGO0khCZqSSoSR5rd2DdYyWL0ZUo8bLc3
9kYSoVHhuxOAhBPiJQp/lOXsUd1Uk8jZQo9p46TeW6syOCfv9JgrD9Xsd5tI8XQ5
A4jQbBsPou/KI1tWBM9vW6HwQmKLuqyj5CFKjjBJU5WfrhGkVJcz+uysEGuf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org