Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/uznshsNZoewP3GwCWf48pv-VvP0.roa
File: uznshsNZoewP3GwCWf48pv-VvP0.roa (raw, json)
Hash identifier: LsaJzheoJcE4lMF8PGPn6rJJG+vwhFvWPep/rB4RgAo=
Subject key identifier: BB:39:EC:86:C3:59:A1:EC:0F:DC:6C:02:59:FE:3C:A6:FF:95:BC:FD
Certificate issuer: /CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Certificate serial: 018871FAF46F6E5592D3C0EB73F339B99FA1
Authority key identifier: 8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/uznshsNZoewP3GwCWf48pv-VvP0.roa
Signing time: Wed 31 May 2023 13:24:11 +0000
ROA not before: Wed 31 May 2023 13:24:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203501
IP address blocks: 45.91.44.0/22 maxlen: 24
45.91.45.0/24 maxlen: 24
194.113.27.0/24 maxlen: 24
194.113.26.0/24 maxlen: 24
89.37.88.0/22 maxlen: 24
45.86.116.0/22 maxlen: 24
45.87.199.0/24 maxlen: 24
45.87.198.0/24 maxlen: 24
45.87.197.0/24 maxlen: 24
45.87.196.0/24 maxlen: 24
2a02:7040:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Aug 2023 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:fa:f4:6f:6e:55:92:d3:c0:eb:73:f3:39:b9:9f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Validity
Not Before: May 31 13:24:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb39ec86c359a1ec0fdc6c0259fe3ca6ff95bcfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:44:30:e1:cb:44:94:18:cd:33:f4:5d:2b:a7:
3a:21:46:24:51:9b:d5:60:f0:8c:04:36:0c:ec:a0:
24:80:71:0d:88:eb:c5:5b:25:a1:ee:df:cd:41:52:
9b:3f:9d:81:64:ba:62:c8:3d:52:16:9e:4d:f3:a3:
2a:f7:b6:0d:47:ee:e0:29:a8:61:09:2a:e8:a4:37:
8c:df:dd:7e:31:4d:2a:4e:c7:bc:8b:43:0d:33:2e:
d1:2d:42:35:49:5d:1b:33:e0:32:ce:16:da:54:40:
55:ce:a1:84:8f:50:ed:20:c8:72:76:e2:6d:a8:6d:
73:16:13:52:0e:60:76:70:11:e8:a4:9e:8e:bf:6b:
1e:03:82:93:e4:2b:4d:67:d2:3b:d4:99:5c:0f:cf:
3c:c6:e1:e0:52:d9:f1:24:65:40:ea:9a:1a:55:31:
56:dd:3b:c5:9b:a0:c8:90:d7:3e:0e:f5:9e:51:59:
f9:9d:cf:ca:ac:3c:92:57:ac:fb:e7:c6:43:ac:cc:
d5:8a:48:c4:47:79:4a:56:fe:7a:7d:36:1d:96:15:
e7:98:f7:e4:b1:82:a6:89:3e:69:49:7e:8b:c6:8e:
19:f8:64:e4:4b:70:a5:9a:55:d1:ed:0b:58:5a:15:
cd:88:7f:1a:b9:c8:96:69:d3:e1:1a:47:41:9d:4f:
6f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:39:EC:86:C3:59:A1:EC:0F:DC:6C:02:59:FE:3C:A6:FF:95:BC:FD
X509v3 Authority Key Identifier:
keyid:8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/uznshsNZoewP3GwCWf48pv-VvP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.116.0/22
45.87.196.0/22
45.91.44.0/22
89.37.88.0/22
194.113.26.0/23
IPv6:
2a02:7040:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
46:ad:17:cb:59:39:f6:ac:35:00:64:72:41:a2:28:c4:fd:65:
bf:f3:eb:30:6e:26:4d:76:e6:14:e5:36:59:0c:0c:6d:09:d0:
69:ff:0e:05:4b:9e:2d:8f:07:7c:66:5b:68:4b:05:77:cc:e6:
95:87:24:44:1f:13:d3:73:8e:29:f6:70:5f:25:d3:12:8d:7c:
38:38:fd:3f:32:36:74:bb:b9:cd:3a:62:8a:f4:09:2f:56:e0:
20:00:28:e0:c5:3b:3c:f3:a0:d1:53:21:1c:02:12:a1:87:19:
1b:91:1d:f0:45:fa:76:3a:fa:db:d0:07:66:5d:e3:f2:ae:af:
57:ea:cc:fd:6b:76:a9:bc:70:ee:99:7e:31:d8:61:ae:88:cd:
88:84:59:07:74:ed:71:45:de:3b:8c:72:89:40:bc:b9:30:e6:
4b:98:e2:d9:15:02:f4:73:ea:05:66:84:21:6c:94:a8:54:80:
d0:6d:3a:c8:4f:23:e5:28:8a:1e:39:3e:dd:55:dd:82:3b:62:
c4:2b:59:97:53:52:4c:f3:ad:36:9e:c2:3a:3e:31:2f:b8:cb:
a8:83:c3:d0:ae:0f:74:2c:18:77:a6:5d:2d:97:4e:50:1e:7d:
a2:e9:c5:20:a6:bb:09:87:15:dc:15:ba:35:05:fb:c4:93:a5:
14:d9:81:d4
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYhx+vRvblWS08Drc/M5uZ+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2Y4MWE2ZTc4MmUyMTExODljNGYzNGU0NTliNDIyNmM3
NWY0YTYwHhcNMjMwNTMxMTMyNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM5ZWM4NmMzNTlhMWVjMGZkYzZjMDI1OWZlM2NhNmZmOTViY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0Qw4ctElBjNM/RdK6c6IUYkUZvV
YPCMBDYM7KAkgHENiOvFWyWh7t/NQVKbP52BZLpiyD1SFp5N86Mq97YNR+7gKahh
CSropDeM391+MU0qTse8i0MNMy7RLUI1SV0bM+AyzhbaVEBVzqGEj1DtIMhyduJt
qG1zFhNSDmB2cBHopJ6Ov2seA4KT5CtNZ9I71JlcD888xuHgUtnxJGVA6poaVTFW
3TvFm6DIkNc+DvWeUVn5nc/KrDySV6z758ZDrMzVikjER3lKVv56fTYdlhXnmPfk
sYKmiT5pSX6Lxo4Z+GTkS3ClmlXR7QtYWhXNiH8auciWadPhGkdBnU9v6QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFLs57IbDWaHsD9xsAln+PKb/lbz9MB8GA1UdIwQY
MBaAFIt/gabnguIRGJxPNORZtCJsdfSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUt
ZjJmNDI2ZWZlMDM5LzEvdXpuc2hzTlpvZXdQM0d3Q1dmNDhwdi1WdlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUtZjJmNDI2ZWZlMDM5
LzEvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCLVZ0AwQC
LVfEAwQCLVssAwQCWSVYAwQBwnEaMA4EAgACMAgDBgAqAnBA/zANBgkqhkiG9w0B
AQsFAAOCAQEARq0Xy1k59qw1AGRyQaIoxP1lv/PrMG4mTXbmFOU2WQwMbQnQaf8O
BUueLY8HfGZbaEsFd8zmlYckRB8T03OOKfZwXyXTEo18ODj9PzI2dLu5zTpiivQJ
L1bgIAAo4MU7PPOg0VMhHAISoYcZG5Ed8EX6djr629AHZl3j8q6vV+rM/Wt2qbxw
7pl+MdhhrojNiIRZB3TtcUXeO4xyiUC8uTDmS5ji2RUC9HPqBWaEIWyUqFSA0G06
yE8j5SiKHjk+3VXdgjtixCtZl1NSTPOtNp7COj4xL7jLqIPD0K4PdCwYd6ZdLZdO
UB59ounFIKa7CYcV3BW6NQX7xJOlFNmB1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:51 2024 by rpki-client on console-fra.rpki-client.org