Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tB2urBQWtHmCZtUc2ZXC_1CpgJg.roa
File: tB2urBQWtHmCZtUc2ZXC_1CpgJg.roa (raw, json)
Hash identifier: zc6Rzls1473pgf6uWjkSxLk18fhhCx7IhymLtLuXvg8=
Subject key identifier: B4:1D:AE:AC:14:16:B4:79:82:66:D5:1C:D9:95:C2:FF:50:A9:80:98
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CF946925A9E9BC70701AC4CA15CD3A948
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tB2urBQWtHmCZtUc2ZXC_1CpgJg.roa
Signing time: Thu 11 Jan 2024 16:06:40 +0000
ROA not before: Thu 11 Jan 2024 16:06:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
193.57.41.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 06:19:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:46:92:5a:9e:9b:c7:07:01:ac:4c:a1:5c:d3:a9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 11 16:06:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b41daeac1416b4798266d51cd995c2ff50a98098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4e:f8:3b:59:92:8e:98:65:9e:32:42:ae:77:
ad:00:0c:33:08:8b:cb:02:46:20:6e:be:23:de:31:
a6:e1:fa:92:9f:b4:21:f6:03:21:52:d1:6d:43:6a:
30:24:73:5f:94:e8:d1:cf:01:58:69:3a:33:8c:26:
ff:c2:ad:ed:1a:61:22:4e:e4:f2:8c:28:46:2f:4e:
b5:4c:88:7f:02:88:6a:61:05:6d:29:52:45:a6:0e:
ec:df:ac:aa:bd:08:7e:24:25:11:81:a0:47:d0:30:
88:31:17:12:ab:fe:74:42:de:74:fb:8a:28:c1:4d:
e2:44:33:89:19:ab:70:15:37:ac:85:4f:79:c7:35:
89:a1:50:cd:75:0c:24:bc:37:69:64:11:ea:53:ed:
68:79:7b:c4:0e:c8:22:7a:c5:ab:f4:86:df:17:f4:
57:2c:41:ff:46:0c:a1:07:86:68:9b:74:be:72:0f:
14:d3:03:52:95:e0:e5:21:a1:ca:93:27:64:21:9f:
b8:20:16:9c:75:d0:dd:40:dd:a0:66:28:1f:3c:0b:
3e:34:cc:59:d2:c0:cb:8a:16:cc:19:06:8c:ba:fd:
8a:f6:9f:f4:97:26:a9:72:f5:52:33:bf:0f:1b:8f:
31:8b:29:c0:49:13:6d:96:47:92:ae:34:b4:eb:a5:
83:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1D:AE:AC:14:16:B4:79:82:66:D5:1C:D9:95:C2:FF:50:A9:80:98
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tB2urBQWtHmCZtUc2ZXC_1CpgJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.139.0/24
45.94.171.0/24
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:cd:c9:70:40:71:c7:d2:1d:5a:2e:e6:58:9c:93:c5:11:16:
bf:57:68:2d:ef:56:0c:ac:ed:b4:d2:45:2a:e2:d0:6e:a1:79:
73:eb:3f:aa:34:21:78:6e:b7:e7:1f:49:34:84:fa:2b:97:bf:
a8:45:af:1d:87:4c:1c:69:7d:62:ae:07:86:33:e7:1f:54:6e:
6e:4b:7f:52:4b:c7:5f:dd:54:59:b5:5b:8b:41:77:28:9d:f3:
d2:a1:bf:25:4f:32:ea:ca:3b:36:6c:41:03:54:8b:1d:46:6a:
85:40:4f:3e:a2:bb:c1:b1:2f:79:a8:15:06:a5:d7:21:0b:63:
3c:da:6c:fa:1e:10:50:83:4f:f2:d6:ad:7f:fc:7a:77:be:01:
ea:80:c6:50:ca:68:df:4b:c1:81:9a:06:0c:df:3c:78:3c:88:
24:60:96:e1:3e:30:18:19:4a:b9:25:1b:bf:ab:96:90:6d:61:
e9:6a:5c:54:0d:2e:f2:bd:10:43:29:09:4e:50:81:72:fd:36:
71:3f:63:a3:72:7c:16:26:8e:81:87:f2:2b:ff:de:a3:dc:e2:
71:9f:7e:d1:a8:c5:89:7c:67:35:01:7a:d3:b7:ed:e6:ba:16:
c7:55:c8:20:65:57:6b:7e:87:c6:f2:b3:33:36:2e:9b:4e:ef:
22:d1:ce:6d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYz5RpJanpvHBwGsTKFc06lIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTExMTYwNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDFkYWVhYzE0MTZiNDc5ODI2NmQ1MWNkOTk1YzJmZjUwYTk4MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok74O1mSjphlnjJCrnetAAwzCIvL
AkYgbr4j3jGm4fqSn7Qh9gMhUtFtQ2owJHNflOjRzwFYaTozjCb/wq3tGmEiTuTy
jChGL061TIh/AohqYQVtKVJFpg7s36yqvQh+JCURgaBH0DCIMRcSq/50Qt50+4oo
wU3iRDOJGatwFTeshU95xzWJoVDNdQwkvDdpZBHqU+1oeXvEDsgiesWr9IbfF/RX
LEH/RgyhB4Zom3S+cg8U0wNSleDlIaHKkydkIZ+4IBacddDdQN2gZigfPAs+NMxZ
0sDLihbMGQaMuv2K9p/0lyapcvVSM78PG48xiynASRNtlkeSrjS066WDqwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLQdrqwUFrR5gmbVHNmVwv9QqYCYMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdEIydXJCUVd0SG1DWnRVYzJaWENfMUNwZ0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALViLAwQA
LV6rAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3DQEBCwUA
A4IBAQCrzclwQHHH0h1aLuZYnJPFERa/V2gt71YMrO200kUq4tBuoXlz6z+qNCF4
brfnH0k0hPorl7+oRa8dh0wcaX1irgeGM+cfVG5uS39SS8df3VRZtVuLQXconfPS
ob8lTzLqyjs2bEEDVIsdRmqFQE8+orvBsS95qBUGpdchC2M82mz6HhBQg0/y1q1/
/Hp3vgHqgMZQymjfS8GBmgYM3zx4PIgkYJbhPjAYGUq5JRu/q5aQbWHpalxUDS7y
vRBDKQlOUIFy/TZxP2OjcnwWJo6Bh/Ir/96j3OJxn37RqMWJfGc1AXrTt+3muhbH
VcggZVdrfofG8rMzNi6bTu8i0c5t
-----END CERTIFICATE-----
Generated at Fri Jan 12 08:02:23 2024 by rpki-client on console-ams.rpki-client.org