Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/rvacTFCKbNOtYPqH_h6PuH5TMNk.roa
File: rvacTFCKbNOtYPqH_h6PuH5TMNk.roa (raw, json)
Hash identifier: ODzvfhcDhbS7jrCs+M+FwmLfuM9WG9Ihjr51cOWj8SA=
Subject key identifier: AE:F6:9C:4C:50:8A:6C:D3:AD:60:FA:87:FE:1E:8F:B8:7E:53:30:D9
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0185776CD0AADAA9FD0CB2F2825BD25695E8
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/rvacTFCKbNOtYPqH_h6PuH5TMNk.roa
Signing time: Tue 03 Jan 2023 11:38:18 +0000
ROA not before: Tue 03 Jan 2023 11:38:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
45.13.188.0/24 maxlen: 24
45.94.169.0/24 maxlen: 24
45.94.168.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jan 2023 10:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:6c:d0:aa:da:a9:fd:0c:b2:f2:82:5b:d2:56:95:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 3 11:38:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aef69c4c508a6cd3ad60fa87fe1e8fb87e5330d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7d:7a:c5:64:3f:7d:b5:03:18:0e:bc:73:70:
dc:58:9a:4c:66:55:7c:e4:fd:f7:8a:48:3b:97:e4:
9c:e8:be:dc:7f:1e:b7:48:bb:a1:bf:b7:53:e7:1a:
fc:3c:ab:5d:c6:13:c7:01:52:d0:0d:2d:f8:8a:ce:
7e:f5:32:18:1c:1c:03:e8:c6:61:df:17:93:73:fc:
34:bf:e2:78:de:ad:45:58:7f:28:16:ef:0b:b2:7f:
f4:28:b1:84:c8:99:4a:d9:32:f9:5b:49:e9:7f:f0:
d3:35:87:d2:0a:4a:53:e0:bf:4f:7f:ae:12:e5:10:
61:cf:fd:a5:c9:2b:23:20:e0:68:02:d0:2a:bd:2e:
97:13:d5:02:ca:87:69:70:2e:c6:e0:c3:30:5b:fb:
10:dd:8d:f9:2f:8c:60:da:25:01:6f:ac:18:c7:83:
11:6f:4f:bb:ae:47:63:54:2d:6e:eb:13:e4:29:c2:
b8:83:cf:72:a4:f3:25:83:e5:ea:6c:23:b6:e4:c8:
69:85:6b:3e:7e:1c:db:7e:4d:4b:e2:d3:fb:a0:a5:
9d:a9:51:4c:8f:aa:8a:dd:ef:89:b0:48:92:5a:10:
77:d0:78:3e:9e:ed:e7:1c:7d:34:a2:b4:45:ee:21:
58:ad:d2:b9:c7:b9:75:3e:e0:4f:60:6c:d0:0f:c4:
f2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F6:9C:4C:50:8A:6C:D3:AD:60:FA:87:FE:1E:8F:B8:7E:53:30:D9
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/rvacTFCKbNOtYPqH_h6PuH5TMNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.188.0/24
45.94.168.0/22
77.83.38.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:e4:42:5b:12:d1:a9:c8:bb:f8:1b:0c:46:90:0f:0a:b0:6b:
90:3c:48:2e:73:48:9d:df:15:9c:6e:14:7b:f6:9b:09:d9:d5:
82:d8:b3:a1:b1:b0:4c:eb:df:a9:80:5a:0c:18:c5:b2:c4:ba:
ed:f2:ee:1a:7e:98:c1:c2:af:82:da:b5:b3:05:34:86:bd:eb:
dc:57:52:d8:ec:7a:36:0d:b0:ea:9d:0c:2b:d9:5f:35:c7:7e:
79:f2:f7:cd:85:00:44:f9:4a:cb:65:bc:bd:00:cd:77:da:bf:
1e:92:6f:9d:87:38:18:06:5b:f1:d9:b9:04:65:d9:c1:1e:bd:
26:2a:7c:69:f4:27:34:61:d3:12:91:cd:f0:25:f4:dc:66:4d:
29:c6:7e:ca:a9:5c:5c:db:7d:84:a3:b2:1d:c5:98:61:60:26:
f6:45:09:c1:84:54:e7:f3:43:24:11:e5:b2:74:0f:6a:fe:39:
90:76:3d:90:60:63:32:6c:ba:55:7d:d9:5c:27:ad:04:06:24:
bc:60:16:e6:d6:ad:4f:67:6b:28:3d:c6:07:9a:84:59:4e:70:
50:bf:13:2b:3a:ee:2e:97:ed:c3:76:07:d9:ca:92:5a:0a:f1:
12:5d:30:11:0d:e6:d1:df:3c:e8:de:b3:f1:ff:40:01:65:96:
bc:5d:98:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYV3bNCq2qn9DLLyglvSVpXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAzMTEzODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWY2OWM0YzUwOGE2Y2QzYWQ2MGZhODdmZTFlOGZiODdlNTMzMGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4316xWQ/fbUDGA68c3DcWJpMZlV8
5P33ikg7l+Sc6L7cfx63SLuhv7dT5xr8PKtdxhPHAVLQDS34is5+9TIYHBwD6MZh
3xeTc/w0v+J43q1FWH8oFu8Lsn/0KLGEyJlK2TL5W0npf/DTNYfSCkpT4L9Pf64S
5RBhz/2lySsjIOBoAtAqvS6XE9UCyodpcC7G4MMwW/sQ3Y35L4xg2iUBb6wYx4MR
b0+7rkdjVC1u6xPkKcK4g89ypPMlg+XqbCO25MhphWs+fhzbfk1L4tP7oKWdqVFM
j6qK3e+JsEiSWhB30Hg+nu3nHH00orRF7iFYrdK5x7l1PuBPYGzQD8TywQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK72nExQimzTrWD6h/4ej7h+UzDZMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcnZhY1RGQ0tiTk90WVBxSF9oNlB1SDVUTU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ28AwQC
LV6oAwQATVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQBd5EJbEtGpyLv4GwxG
kA8KsGuQPEguc0id3xWcbhR79psJ2dWC2LOhsbBM69+pgFoMGMWyxLrt8u4afpjB
wq+C2rWzBTSGvevcV1LY7Ho2DbDqnQwr2V81x3558vfNhQBE+UrLZby9AM132r8e
km+dhzgYBlvx2bkEZdnBHr0mKnxp9Cc0YdMSkc3wJfTcZk0pxn7KqVxc232Eo7Id
xZhhYCb2RQnBhFTn80MkEeWydA9q/jmQdj2QYGMybLpVfdlcJ60EBiS8YBbm1q1P
Z2soPcYHmoRZTnBQvxMrOu4ul+3DdgfZypJaCvESXTARDebR3zzo3rPx/0ABZZa8
XZiE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org