Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vZi8XThTLjdTfKVkf0vNNQ_ZHwc.roa
File: vZi8XThTLjdTfKVkf0vNNQ_ZHwc.roa (raw, json)
Hash identifier: CJj7eT6iAvETt/BiBLW7CYBwUaXesMmoi/6/H5tc0AY=
Subject key identifier: BD:98:BC:5D:38:53:2E:37:53:7C:A5:64:7F:4B:CD:35:0F:D9:1F:07
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F3FA4636D7F81F5D3666BA1560999
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vZi8XThTLjdTfKVkf0vNNQ_ZHwc.roa
Signing time: Tue 02 Jan 2024 04:29:43 +0000
ROA not before: Tue 02 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 193.30.241.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
193.57.41.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 14:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:3f:a4:63:6d:7f:81:f5:d3:66:6b:a1:56:09:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd98bc5d38532e37537ca5647f4bcd350fd91f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:16:52:aa:e9:4d:0a:0a:f6:be:ea:62:c5:0f:
5a:ac:e4:53:6d:48:3f:74:3e:db:b9:7b:b2:ad:48:
98:b4:45:66:53:46:57:84:4e:08:a9:5d:2e:22:9b:
94:4f:af:8a:d3:89:ad:4a:24:12:0a:79:d3:8f:41:
56:17:01:d2:32:6f:10:08:81:87:c1:03:dd:ee:09:
c0:d8:f1:e8:9d:1c:e1:00:b3:87:99:a9:aa:51:fe:
53:56:14:00:4a:3f:26:d0:37:0f:92:06:3a:fc:cb:
ca:1e:13:41:d7:82:65:a9:4e:a6:e1:6c:10:a0:96:
a0:33:0b:4f:b6:e3:a6:d3:38:01:17:63:e0:65:18:
fc:94:c6:06:9e:68:23:8e:22:5c:ba:de:39:b2:86:
29:6f:14:52:d8:ae:0e:e3:95:0c:04:da:b5:f4:9c:
87:b4:87:7b:16:d3:ec:dc:eb:e6:e6:51:f1:27:08:
33:af:a5:b5:80:c2:cb:bb:63:d1:72:da:2a:c8:eb:
be:6c:b9:24:3c:1a:99:0d:1b:b9:79:8d:b6:72:25:
ae:27:17:74:b3:ea:aa:c9:52:ff:b3:06:c1:89:99:
fb:25:ae:c6:bd:dc:7c:7a:8b:a6:96:f1:d6:8a:8a:
66:b6:df:0d:63:75:4d:e5:30:ed:fa:14:91:42:a8:
b0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:98:BC:5D:38:53:2E:37:53:7C:A5:64:7F:4B:CD:35:0F:D9:1F:07
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/vZi8XThTLjdTfKVkf0vNNQ_ZHwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.115.0/24
45.88.139.0/24
45.94.170.0/23
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
08:a0:34:f7:84:25:37:ac:ed:70:56:40:d9:a2:81:85:c7:d3:
0e:8a:ce:54:9d:cc:fb:5f:fc:6d:1d:94:a4:2b:31:6a:a1:54:
76:e8:0c:49:e7:87:2a:86:44:73:5f:3d:21:55:27:10:eb:d4:
7e:c6:58:41:b0:70:fb:4b:85:d4:ee:7d:41:c1:21:58:be:2c:
6e:e2:fa:3a:93:ac:92:f7:2c:3e:e0:52:77:4a:2e:10:9e:02:
d4:eb:75:74:72:2b:76:11:20:fe:c8:30:77:69:b7:5e:25:ce:
bd:39:35:88:51:30:2d:d6:46:8c:37:68:01:fb:45:c9:d0:62:
13:07:bc:15:24:0a:1d:4d:c8:2e:e6:35:69:be:fd:a5:d5:a9:
95:50:ad:e7:d5:ee:5f:d1:3d:57:f9:7c:30:2e:3c:93:10:d8:
f0:24:d9:1a:b9:e9:35:15:af:32:ca:b9:86:b8:34:bb:21:7e:
aa:ee:97:e0:03:7d:56:b1:15:72:c1:62:97:65:5f:5a:32:59:
e5:fa:a5:59:8e:9c:11:5c:60:6d:8f:90:a4:ca:39:d9:c1:16:
75:40:29:f0:08:d7:3f:04:83:2b:64:54:be:a2:a9:6d:0f:80:
67:6b:79:f4:81:02:f4:f4:7d:51:93:04:f4:64:7e:9c:3a:59:
b8:35:1c:a0
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzIbz+kY21/gfXTZmuhVgmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk4YmM1ZDM4NTMyZTM3NTM3Y2E1NjQ3ZjRiY2QzNTBmZDkxZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBZSqulNCgr2vupixQ9arORTbUg/
dD7buXuyrUiYtEVmU0ZXhE4IqV0uIpuUT6+K04mtSiQSCnnTj0FWFwHSMm8QCIGH
wQPd7gnA2PHonRzhALOHmamqUf5TVhQASj8m0DcPkgY6/MvKHhNB14JlqU6m4WwQ
oJagMwtPtuOm0zgBF2PgZRj8lMYGnmgjjiJcut45soYpbxRS2K4O45UMBNq19JyH
tId7FtPs3Ovm5lHxJwgzr6W1gMLLu2PRctoqyOu+bLkkPBqZDRu5eY22ciWuJxd0
s+qqyVL/swbBiZn7Ja7Gvdx8eoumlvHWiopmtt8NY3VN5TDt+hSRQqiwHQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFL2YvF04Uy43U3ylZH9LzTUP2R8HMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdlppOFhUaFRMamRUZktWa2Ywdk5OUV9aSHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVFzAwQA
LViLAwQBLV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3
DQEBCwUAA4IBAQAIoDT3hCU3rO1wVkDZooGFx9MOis5Uncz7X/xtHZSkKzFqoVR2
6AxJ54cqhkRzXz0hVScQ69R+xlhBsHD7S4XU7n1BwSFYvixu4vo6k6yS9yw+4FJ3
Si4QngLU63V0cit2ESD+yDB3abdeJc69OTWIUTAt1kaMN2gB+0XJ0GITB7wVJAod
Tcgu5jVpvv2l1amVUK3n1e5f0T1X+XwwLjyTENjwJNkauek1Fa8yyrmGuDS7IX6q
7pfgA31WsRVywWKXZV9aMlnl+qVZjpwRXGBtj5CkyjnZwRZ1QCnwCNc/BIMrZFS+
oqltD4Bna3n0gQL09H1RkwT0ZH6cOlm4NRyg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org