Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yHDyoJqupdp44rIROb4V0bEy-c4.roa
File: yHDyoJqupdp44rIROb4V0bEy-c4.roa (raw, json)
Hash identifier: 0Ae1BIACw+k+Zjc/WoYLoEVH/0oVpYks62vpluMmun8=
Subject key identifier: C8:70:F2:A0:9A:AE:A5:DA:78:E2:B2:11:39:BE:15:D1:B1:32:F9:CE
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CCFD937C95D799EF30F38D583C3BCBE2E
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yHDyoJqupdp44rIROb4V0bEy-c4.roa
Signing time: Wed 03 Jan 2024 15:02:48 +0000
ROA not before: Wed 03 Jan 2024 15:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203511
IP address blocks: 45.151.2.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 11:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:d9:37:c9:5d:79:9e:f3:0f:38:d5:83:c3:bc:be:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 3 15:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c870f2a09aaea5da78e2b21139be15d1b132f9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:65:be:29:96:33:92:0d:61:6a:c8:54:6b:03:
28:b9:77:2c:00:10:ed:4a:ae:30:e2:db:3a:e4:f8:
3f:53:51:40:25:de:37:98:22:21:f5:4a:6d:66:fc:
5a:d7:73:63:d3:3f:38:61:cd:ad:a1:b3:a2:b9:61:
8f:5c:47:be:12:44:7c:c7:41:56:df:f8:c1:54:49:
07:4c:18:bd:8e:7a:c5:0c:56:23:d8:d5:cb:e9:bc:
0e:b2:eb:b6:34:8e:e0:2c:90:15:71:ae:65:57:d4:
cc:8c:34:e6:46:43:d9:06:81:0f:ca:7a:7b:89:13:
4c:97:8f:8d:1a:40:f0:f0:a9:b1:07:bb:b7:b2:f7:
2d:55:38:99:03:d6:0e:c9:23:1c:bf:ba:fc:34:cf:
7e:64:7a:22:7a:d0:51:91:9f:8b:e4:da:28:6a:ce:
2c:1c:a7:46:d0:b0:5d:d2:67:a1:40:a0:68:f0:6a:
6a:1f:5b:2d:e8:cf:00:49:b8:bb:73:5d:03:fe:7c:
2f:d5:ac:7f:79:fc:d0:49:34:8b:b2:a3:a7:c0:af:
80:c9:d4:20:a7:a8:d5:de:8f:e6:09:9d:54:08:5b:
8f:5f:ec:8a:35:43:fe:02:5c:37:79:0b:8c:d6:b2:
ec:f6:20:a2:cc:c5:9d:4d:67:6d:cd:b8:3d:f4:f9:
ae:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:70:F2:A0:9A:AE:A5:DA:78:E2:B2:11:39:BE:15:D1:B1:32:F9:CE
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yHDyoJqupdp44rIROb4V0bEy-c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.112.0/24
45.88.138.0/24
45.144.214.0/24
45.151.2.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f9:89:b8:d4:cb:5b:56:be:ff:62:ab:73:87:77:8d:5e:53:
cc:75:59:da:59:53:e0:76:60:a8:7d:3a:d1:97:ed:1f:17:82:
7c:3d:30:a8:a7:83:a3:e7:91:d3:f2:8c:1b:a4:51:67:41:c9:
7d:fc:2d:c1:51:07:17:10:42:b6:f6:e7:81:43:e6:e0:23:46:
4e:03:31:e2:04:34:0d:b6:60:a7:40:3d:98:68:a1:ef:e3:85:
0e:bd:45:ad:72:77:a0:99:d5:95:d8:21:b7:e1:ca:be:15:54:
37:05:a4:3d:63:d6:f6:ce:d6:78:b7:7a:e5:8b:67:07:fd:ec:
db:55:ab:9e:43:9f:70:0a:2a:31:4f:0e:8e:87:84:dc:2d:6f:
45:7b:41:5d:65:b3:aa:4a:5c:da:86:19:4b:8d:0d:21:ce:83:
a8:50:6d:48:c1:9a:23:a4:e1:3c:af:82:31:43:4a:88:74:40:
fd:1e:29:23:c4:b7:d9:21:7b:af:00:1b:78:f3:a4:4b:16:4c:
55:a7:3c:1a:2d:68:44:10:15:31:de:bf:97:bf:dd:49:74:09:
81:72:fc:a9:f5:61:91:fa:49:f3:f7:8f:b8:03:d5:46:dd:fe:
ee:d9:36:a8:85:f3:82:e7:09:70:fc:6f:62:d0:4b:a2:4e:90:
27:cf:71:02
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzP2TfJXXme8w841YPDvL4uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAzMTUwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODcwZjJhMDlhYWVhNWRhNzhlMmIyMTEzOWJlMTVkMWIxMzJmOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGW+KZYzkg1hashUawMouXcsABDt
Sq4w4ts65Pg/U1FAJd43mCIh9UptZvxa13Nj0z84Yc2tobOiuWGPXEe+EkR8x0FW
3/jBVEkHTBi9jnrFDFYj2NXL6bwOsuu2NI7gLJAVca5lV9TMjDTmRkPZBoEPynp7
iRNMl4+NGkDw8KmxB7u3svctVTiZA9YOySMcv7r8NM9+ZHoietBRkZ+L5Nooas4s
HKdG0LBd0mehQKBo8GpqH1st6M8ASbi7c10D/nwv1ax/efzQSTSLsqOnwK+AydQg
p6jV3o/mCZ1UCFuPX+yKNUP+Alw3eQuM1rLs9iCizMWdTWdtzbg99PmulwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMhw8qCarqXaeOKyETm+FdGxMvnOMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveUhEeW9KcXVwZHA0NHJJUk9iNFYwYkV5LWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVFwAwQA
LViKAwQALZDWAwQALZcCAwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQAI+Ym41Mtb
Vr7/Yqtzh3eNXlPMdVnaWVPgdmCofTrRl+0fF4J8PTCop4Oj55HT8owbpFFnQcl9
/C3BUQcXEEK29ueBQ+bgI0ZOAzHiBDQNtmCnQD2YaKHv44UOvUWtcnegmdWV2CG3
4cq+FVQ3BaQ9Y9b2ztZ4t3rli2cH/ezbVaueQ59wCioxTw6Oh4TcLW9Fe0FdZbOq
SlzahhlLjQ0hzoOoUG1IwZojpOE8r4IxQ0qIdED9HikjxLfZIXuvABt486RLFkxV
pzwaLWhEEBUx3r+Xv91JdAmBcvyp9WGR+knz94+4A9VG3f7u2TaohfOC5wlw/G9i
0EuiTpAnz3EC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org