Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tLsvRrvRxZ3ojPb1yGiLiX-s2Mk.roa
File: tLsvRrvRxZ3ojPb1yGiLiX-s2Mk.roa (raw, json)
Hash identifier: qsS/I7iD9ENuN2yTHw6qxZjvhe6/y8NZns0gdkgqr9Q=
Subject key identifier: B4:BB:2F:46:BB:D1:C5:9D:E8:8C:F6:F5:C8:68:8B:89:7F:AC:D8:C9
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0187B4AFA4BE53106198DB4D85904E20052C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tLsvRrvRxZ3ojPb1yGiLiX-s2Mk.roa
Signing time: Mon 24 Apr 2023 19:13:42 +0000
ROA not before: Mon 24 Apr 2023 19:13:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 May 2023 09:53:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b4:af:a4:be:53:10:61:98:db:4d:85:90:4e:20:05:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 24 19:13:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4bb2f46bbd1c59de88cf6f5c8688b897facd8c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ef:bf:a1:58:44:49:ff:67:08:9d:b3:3c:33:
64:ba:bc:1e:95:47:e5:b8:21:ce:14:56:78:1a:15:
3d:3c:1f:68:d0:3b:63:8d:f0:a1:65:87:ca:50:c2:
89:6f:b5:ff:67:4c:74:83:9b:2b:c5:11:05:1c:a1:
49:df:4b:58:f1:c1:a4:1e:b3:b9:89:55:bf:4d:8e:
04:cd:a2:a0:3f:c2:6f:bb:ae:92:10:be:86:8b:f2:
54:0b:47:50:f7:41:dd:92:47:d3:fb:fd:9b:b8:4f:
83:9d:81:a6:ff:d4:76:8a:b2:bc:99:d9:0f:1a:6f:
aa:43:dd:b1:be:9c:7d:d2:89:9b:1f:ee:2c:df:61:
e4:ae:04:27:37:45:38:08:75:3c:a6:8e:a3:77:25:
88:6b:50:88:e2:ce:a6:2e:c4:86:64:35:17:b5:b0:
d3:57:4c:f0:58:3b:ab:0a:7c:79:88:1a:7a:1f:ef:
c4:72:f0:40:af:8c:90:96:2e:72:29:dc:a3:ce:6d:
68:fc:40:d1:2b:64:b8:d0:7b:e6:b4:2e:4a:68:68:
82:e9:fb:7d:4f:96:28:f4:c2:09:29:4d:2f:87:51:
f2:2f:69:44:55:23:36:47:56:7a:d4:c9:a1:f6:2f:
52:46:de:68:1b:56:c4:a8:56:c1:71:70:d8:d5:80:
1f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BB:2F:46:BB:D1:C5:9D:E8:8C:F6:F5:C8:68:8B:89:7F:AC:D8:C9
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tLsvRrvRxZ3ojPb1yGiLiX-s2Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.138.0/24
45.94.171.0/24
77.83.38.0/23
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:6e:70:10:01:b8:9e:5c:77:e6:ae:36:3c:22:b6:78:dc:7c:
25:85:d4:c1:a0:52:8b:c6:bf:c3:e5:a0:ad:7c:35:e9:23:e0:
40:70:cf:99:9e:b4:ba:0d:04:c9:dd:bc:7a:fe:51:18:d9:71:
17:98:d7:11:c1:8b:9c:8d:69:d1:2f:02:07:96:62:2a:6b:50:
18:93:21:d2:53:c9:cc:d5:63:68:ba:14:f0:1c:87:c6:0d:dc:
69:ee:bb:66:aa:53:d6:bc:2f:fa:99:37:fb:9e:4d:b4:33:c6:
36:40:a6:48:f5:04:d4:2e:1f:f8:f7:eb:5b:c2:1c:86:63:c1:
fc:9e:83:e6:1c:91:58:24:cd:f9:19:9b:70:54:ab:58:96:da:
3a:57:6c:90:66:e8:19:d5:53:56:e9:6b:dc:d7:19:c3:a3:de:
4d:d8:9f:4f:93:fa:c1:ea:ec:ff:4d:99:97:f0:f0:72:08:c4:
b6:92:1e:65:3d:5e:22:bf:89:d9:7a:4b:87:65:fa:7d:27:d3:
d6:0a:a8:4d:f5:5a:9c:13:0b:c0:05:d0:34:80:5f:80:18:27:
72:3d:aa:ca:1f:34:6e:79:45:cb:09:ba:3e:26:fa:31:ed:9f:
d9:9e:e8:23:57:2d:c4:6a:6d:ce:37:ff:52:4e:39:90:f0:70:
c8:7d:ac:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYe0r6S+UxBhmNtNhZBOIAUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNDI0MTkxMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJiMmY0NmJiZDFjNTlkZTg4Y2Y2ZjVjODY4OGI4OTdmYWNkOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse+/oVhESf9nCJ2zPDNkurwelUfl
uCHOFFZ4GhU9PB9o0DtjjfChZYfKUMKJb7X/Z0x0g5srxREFHKFJ30tY8cGkHrO5
iVW/TY4EzaKgP8Jvu66SEL6Gi/JUC0dQ90HdkkfT+/2buE+DnYGm/9R2irK8mdkP
Gm+qQ92xvpx90ombH+4s32HkrgQnN0U4CHU8po6jdyWIa1CI4s6mLsSGZDUXtbDT
V0zwWDurCnx5iBp6H+/EcvBAr4yQli5yKdyjzm1o/EDRK2S40HvmtC5KaGiC6ft9
T5Yo9MIJKU0vh1HyL2lEVSM2R1Z61Mmh9i9SRt5oG1bEqFbBcXDY1YAfHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLS7L0a70cWd6Iz29choi4l/rNjJMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdExzdlJydlJ4WjNvalBiMXlHaUxpWC1zMk1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALViKAwQA
LV6rAwQBTVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQAfbnAQAbieXHfmrjY8
IrZ43HwlhdTBoFKLxr/D5aCtfDXpI+BAcM+ZnrS6DQTJ3bx6/lEY2XEXmNcRwYuc
jWnRLwIHlmIqa1AYkyHSU8nM1WNouhTwHIfGDdxp7rtmqlPWvC/6mTf7nk20M8Y2
QKZI9QTULh/49+tbwhyGY8H8noPmHJFYJM35GZtwVKtYlto6V2yQZugZ1VNW6Wvc
1xnDo95N2J9Pk/rB6uz/TZmX8PByCMS2kh5lPV4iv4nZekuHZfp9J9PWCqhN9Vqc
EwvABdA0gF+AGCdyParKHzRueUXLCbo+Jvox7Z/ZnugjVy3Eam3ON/9STjmQ8HDI
faxY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org