Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/9Xk0V6YFaOjQPi_VTL78FVcougE.roa
File: 9Xk0V6YFaOjQPi_VTL78FVcougE.roa (raw, json)
Hash identifier: nDpcK4BRsENcbTWmgydUCsg2nzd4bAFP99SsW3WW1fw=
Subject key identifier: F5:79:34:57:A6:05:68:E8:D0:3E:2F:D5:4C:BE:FC:15:57:28:BA:01
Certificate issuer: /CN=a28815e43926af7eb961de7b703aed6328953e30
Certificate serial: 018DE4FC01EFC11B93E7179A0BE8F4C1E812
Authority key identifier: A2:88:15:E4:39:26:AF:7E:B9:61:DE:7B:70:3A:ED:63:28:95:3E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oogV5Dkmr365Yd57cDrtYyiVPjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/9Xk0V6YFaOjQPi_VTL78FVcougE.roa
Signing time: Mon 26 Feb 2024 10:35:37 +0000
ROA not before: Mon 26 Feb 2024 10:35:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 45.15.204.0/22 maxlen: 22
85.208.216.0/22 maxlen: 22
91.212.236.0/24 maxlen: 24
91.229.136.0/24 maxlen: 24
94.158.180.0/22 maxlen: 22
94.158.183.0/24 maxlen: 24
109.197.240.0/21 maxlen: 21
185.31.148.0/22 maxlen: 22
185.39.168.0/22 maxlen: 22
185.181.4.0/22 maxlen: 22
185.218.212.0/22 maxlen: 22
195.90.116.0/22 maxlen: 22
195.190.27.0/24 maxlen: 24
2a00:ba60::/31 maxlen: 31
2a00:ba60::/32 maxlen: 32
2a00:ba61::/32 maxlen: 32
2a00:ba62::/32 maxlen: 32
2a00:ba67::/32 maxlen: 32
2a09:8c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 26 Feb 2024 13:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:fc:01:ef:c1:1b:93:e7:17:9a:0b:e8:f4:c1:e8:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a28815e43926af7eb961de7b703aed6328953e30
Validity
Not Before: Feb 26 10:35:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5793457a60568e8d03e2fd54cbefc155728ba01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:68:be:7d:f9:3d:05:37:3d:f4:ee:62:aa:81:
06:89:95:b9:d4:26:fe:7c:17:2a:7a:9d:b3:c3:32:
89:d3:97:58:44:df:be:fe:ca:61:57:6b:98:65:c5:
63:7c:f2:88:c7:af:2a:dc:f1:74:d7:be:fd:18:f9:
bc:45:86:a6:48:87:bc:ee:1e:54:9c:a0:0c:18:59:
f6:b1:8a:4a:b4:70:73:79:99:12:e9:86:96:85:db:
a3:8d:67:65:5c:57:4f:c2:36:3e:2d:63:f4:5e:43:
a7:d2:73:fc:6f:a0:21:21:c5:ea:b3:15:2b:d4:f8:
13:b0:b7:9b:69:98:18:9c:a9:f6:c7:bc:60:9a:44:
2b:f4:1b:53:8c:39:6f:66:5e:5a:6a:9a:ff:da:64:
7f:0d:6e:f0:45:c4:b8:85:48:a0:e9:a1:d5:57:95:
20:f6:f5:e6:82:50:e8:5c:dc:87:f0:5d:be:ac:07:
35:24:27:c3:89:07:68:c7:6b:d3:7a:7d:0c:44:b5:
ef:ae:47:c7:9c:f9:d5:ae:84:5c:68:7f:81:4b:b6:
49:b2:20:80:51:a1:16:05:ec:f7:7e:30:0c:79:09:
1c:c9:7e:1f:78:04:0c:e6:e2:ed:24:0e:90:ee:8f:
6b:75:bc:cb:83:70:83:52:05:05:21:2d:2a:c1:d4:
52:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:79:34:57:A6:05:68:E8:D0:3E:2F:D5:4C:BE:FC:15:57:28:BA:01
X509v3 Authority Key Identifier:
keyid:A2:88:15:E4:39:26:AF:7E:B9:61:DE:7B:70:3A:ED:63:28:95:3E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oogV5Dkmr365Yd57cDrtYyiVPjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/9Xk0V6YFaOjQPi_VTL78FVcougE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/67703c-0ef9-465e-8a5a-314f729fa595/1/oogV5Dkmr365Yd57cDrtYyiVPjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.204.0/22
85.208.216.0/22
91.212.236.0/24
91.229.136.0/24
94.158.180.0/22
109.197.240.0/21
185.31.148.0/22
185.39.168.0/22
185.181.4.0/22
185.218.212.0/22
195.90.116.0/22
195.190.27.0/24
IPv6:
2a00:ba60::-2a00:ba62:ffff:ffff:ffff:ffff:ffff:ffff
2a00:ba67::/32
2a09:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
3e:fc:e6:47:ca:1d:b3:98:86:56:01:71:60:05:b1:5e:04:0f:
f2:7d:d2:b2:60:f0:ca:1d:c1:50:27:64:11:5a:6f:e7:28:58:
0c:3a:64:5f:2e:2e:1a:a8:c7:c6:c3:10:28:fa:43:ce:e1:24:
10:e3:56:54:82:56:cf:3d:91:c8:74:c7:8e:6a:2e:d5:d5:1c:
5d:82:71:29:a4:7b:3e:77:6e:ad:5c:cd:3b:aa:6f:4b:f0:83:
f8:fb:b2:e5:58:9d:20:be:1a:df:80:e7:bb:a5:d8:f9:0c:95:
c9:6b:bd:eb:95:95:b6:ce:ec:76:b1:5a:2f:9b:57:a5:c0:4d:
13:48:0b:4f:38:1d:34:83:a6:62:67:de:f5:c7:c3:eb:d1:02:
c6:a9:72:8c:0b:d5:6e:38:01:6c:20:31:b1:40:fd:df:2f:a0:
df:c6:63:79:7a:0e:51:e1:7b:c4:0f:60:71:5b:72:c0:e3:48:
ca:60:cc:24:ad:35:6c:e7:37:73:7a:ef:4f:53:c7:f5:dc:7b:
8e:5e:9a:e2:52:cf:b8:ef:f7:63:81:05:6d:5b:57:c7:b7:e2:
69:79:af:05:07:29:cd:8b:e6:50:62:fe:df:b0:00:61:6f:90:
69:6c:76:9b:98:0f:f4:d3:83:5e:ca:f5:6d:f1:9d:b9:01:b9:
ce:3c:58:cf
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY3k/AHvwRuT5xeaC+j0wegSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyODgxNWU0MzkyNmFmN2ViOTYxZGU3YjcwM2FlZDYzMjg5
NTNlMzAwHhcNMjQwMjI2MTAzNTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTc5MzQ1N2E2MDU2OGU4ZDAzZTJmZDU0Y2JlZmMxNTU3MjhiYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Gi+ffk9BTc99O5iqoEGiZW51Cb+
fBcqep2zwzKJ05dYRN++/sphV2uYZcVjfPKIx68q3PF01779GPm8RYamSIe87h5U
nKAMGFn2sYpKtHBzeZkS6YaWhdujjWdlXFdPwjY+LWP0XkOn0nP8b6AhIcXqsxUr
1PgTsLebaZgYnKn2x7xgmkQr9BtTjDlvZl5aapr/2mR/DW7wRcS4hUig6aHVV5Ug
9vXmglDoXNyH8F2+rAc1JCfDiQdox2vTen0MRLXvrkfHnPnVroRcaH+BS7ZJsiCA
UaEWBez3fjAMeQkcyX4feAQM5uLtJA6Q7o9rdbzLg3CDUgUFIS0qwdRSXwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFPV5NFemBWjo0D4v1Uy+/BVXKLoBMB8GA1UdIwQY
MBaAFKKIFeQ5Jq9+uWHee3A67WMolT4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb29nVjVEa21yMzY1WWQ1N2NEcnRZeWlWUGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS82NzcwM2MtMGVmOS00NjVlLThhNWEt
MzE0ZjcyOWZhNTk1LzEvOVhrMFY2WUZhT2pRUGlfVlRMNzhGVmNvdWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS82NzcwM2MtMGVmOS00NjVlLThhNWEtMzE0ZjcyOWZhNTk1
LzEvb29nVjVEa21yMzY1WWQ1N2NEcnRZeWlWUGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwTgQCAAEwSAMEAi0PzAME
AlXQ2AMEAFvU7AMEAFvliAMEAl6etAMEA23F8AMEArkflAMEArknqAMEArm1BAME
Arna1AMEAsNadAMEAMO+GzAkBAIAAjAeMA4DBQUqALpgAwUAKgC6YgMFACoAumcD
BQMqCYxAMA0GCSqGSIb3DQEBCwUAA4IBAQA+/OZHyh2zmIZWAXFgBbFeBA/yfdKy
YPDKHcFQJ2QRWm/nKFgMOmRfLi4aqMfGwxAo+kPO4SQQ41ZUglbPPZHIdMeOai7V
1RxdgnEppHs+d26tXM07qm9L8IP4+7LlWJ0gvhrfgOe7pdj5DJXJa73rlZW2zux2
sVovm1elwE0TSAtPOB00g6ZiZ971x8Pr0QLGqXKMC9VuOAFsIDGxQP3fL6DfxmN5
eg5R4XvED2BxW3LA40jKYMwkrTVs5zdzeu9PU8f13HuOXpriUs+47/djgQVtW1fH
t+Jpea8FBynNi+ZQYv7fsABhb5BpbHabmA/004NeyvVt8Z25AbnOPFjP
-----END CERTIFICATE-----
Generated at Mon Feb 26 17:25:42 2024 by rpki-client on console-fra.rpki-client.org