Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/cjLJpz5Sv6dTjIqBV7h_moh4umU.roa
File: cjLJpz5Sv6dTjIqBV7h_moh4umU.roa (raw, json)
Hash identifier: F2Hwz1IkLxnhyP1r81Ufiv08VwxGGHPwNbK3J9dA92c=
Subject key identifier: 72:32:C9:A7:3E:52:BF:A7:53:8C:8A:81:57:B8:7F:9A:88:78:BA:65
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 01856D0AD871997662B33BF9146ED62E2C80
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/cjLJpz5Sv6dTjIqBV7h_moh4umU.roa
Signing time: Sun 01 Jan 2023 11:15:05 +0000
ROA not before: Sun 01 Jan 2023 11:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43395
IP address blocks: 185.140.232.0/24 maxlen: 24
185.140.234.0/24 maxlen: 24
185.140.235.0/24 maxlen: 24
45.9.144.0/24 maxlen: 24
45.9.145.0/24 maxlen: 24
45.9.146.0/24 maxlen: 24
45.9.147.0/24 maxlen: 24
95.130.225.0/24 maxlen: 24
45.86.6.0/24 maxlen: 24
45.86.7.0/24 maxlen: 24
45.148.251.0/24 maxlen: 24
45.148.248.0/24 maxlen: 24
45.148.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d8:71:99:76:62:b3:3b:f9:14:6e:d6:2e:2c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Jan 1 11:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7232c9a73e52bfa7538c8a8157b87f9a8878ba65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:77:fa:29:49:11:4e:4c:cc:c7:6f:85:03:b9:
0e:90:9f:fb:b2:e4:4a:82:b6:6b:8e:f5:a8:a6:08:
8c:a0:4f:17:aa:a9:3a:12:c6:23:af:60:d4:8d:54:
0e:f9:d6:33:84:44:cc:bc:61:9e:89:d9:5a:1c:2d:
b6:ba:d8:87:59:4c:9e:5b:e8:24:18:05:f9:35:0b:
90:44:d9:69:b4:18:9f:9e:f8:92:6d:52:39:4f:85:
0a:4a:f7:65:1a:ab:51:ee:4c:ee:6c:cf:fd:ad:f2:
f2:69:26:6c:14:ea:16:dd:0d:e8:23:8b:0a:60:5a:
0b:ce:ba:5b:38:39:c1:03:fe:f2:d5:43:b7:ad:55:
94:e1:d4:7e:48:d0:ca:ee:54:a7:e2:28:18:fd:3f:
5e:0d:6e:35:e2:fc:87:76:54:2e:91:4f:df:67:4a:
cb:a9:a4:c8:cc:30:c8:c3:1a:dc:8e:66:59:b5:3f:
43:30:79:a4:de:b6:14:2f:46:ba:3f:8e:e4:e7:56:
e9:29:5b:7c:6e:f1:e5:b5:f0:04:a6:c0:86:69:4c:
74:5a:29:96:6e:fa:b0:60:b4:f6:af:e9:0b:06:5d:
7f:f4:7f:b9:f4:81:82:82:03:37:87:c6:6f:61:3d:
fb:2d:37:85:2a:3e:f5:b3:18:32:d2:ea:8c:05:56:
7e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:32:C9:A7:3E:52:BF:A7:53:8C:8A:81:57:B8:7F:9A:88:78:BA:65
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/cjLJpz5Sv6dTjIqBV7h_moh4umU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.144.0/22
45.86.6.0/23
45.148.248.0/24
45.148.250.0/23
95.130.225.0/24
185.140.232.0/24
185.140.234.0/23
Signature Algorithm: sha256WithRSAEncryption
30:a9:d7:92:62:f6:f2:64:9a:85:62:a2:f9:ce:59:91:10:97:
cb:a0:fb:e5:36:4d:f0:8a:6a:65:f1:3e:c8:78:b8:20:98:3f:
4e:bb:02:00:ac:38:2a:08:c7:bc:7f:9f:42:47:06:cd:b6:8f:
7c:cf:f1:f9:35:5f:f5:97:8d:f6:4c:eb:88:41:4c:b9:2c:8e:
09:a2:d8:2d:26:b2:d0:c0:40:ce:f5:46:f0:73:be:74:a6:08:
ae:39:18:2c:34:84:f1:87:47:ab:a6:90:fe:2c:46:1d:b2:95:
62:ab:0f:a2:22:96:2e:1d:b9:9a:e2:d1:d1:30:58:12:82:4b:
8f:eb:89:6e:c2:7c:93:3f:74:c1:4d:c5:e6:df:de:b3:e8:74:
3b:44:e7:85:00:36:9d:5a:a8:5b:b1:ce:2b:37:18:22:38:4d:
b5:dd:58:f5:00:2c:5a:df:3a:51:e4:cd:90:dc:d3:6f:2d:95:
16:65:1e:3c:4b:c9:60:5e:e8:f0:b1:ba:8b:8d:f3:06:b5:4b:
a5:6e:b1:83:65:8e:60:23:f8:9e:56:2c:f7:52:ab:dc:01:52:
b2:97:d1:5a:f3:80:89:6b:d3:58:ab:91:f4:16:00:c8:70:c8:
5e:ca:e1:2a:e5:b9:31:56:ee:71:62:4b:bf:3e:d9:83:76:c2:
34:91:00:01
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVtCthxmXZiszv5FG7WLiyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjMwMTAxMTExNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjMyYzlhNzNlNTJiZmE3NTM4YzhhODE1N2I4N2Y5YTg4NzhiYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnf6KUkRTkzMx2+FA7kOkJ/7suRK
grZrjvWopgiMoE8Xqqk6EsYjr2DUjVQO+dYzhETMvGGeidlaHC22utiHWUyeW+gk
GAX5NQuQRNlptBifnviSbVI5T4UKSvdlGqtR7kzubM/9rfLyaSZsFOoW3Q3oI4sK
YFoLzrpbODnBA/7y1UO3rVWU4dR+SNDK7lSn4igY/T9eDW414vyHdlQukU/fZ0rL
qaTIzDDIwxrcjmZZtT9DMHmk3rYUL0a6P47k51bpKVt8bvHltfAEpsCGaUx0WimW
bvqwYLT2r+kLBl1/9H+59IGCggM3h8ZvYT37LTeFKj71sxgy0uqMBVZ+CwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHIyyac+Ur+nU4yKgVe4f5qIeLplMB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvY2pMSnB6NVN2NmRUaklxQlY3aF9tb2g0dW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLQmQAwQB
LVYGAwQALZT4AwQBLZT6AwQAX4LhAwQAuYzoAwQBuYzqMA0GCSqGSIb3DQEBCwUA
A4IBAQAwqdeSYvbyZJqFYqL5zlmREJfLoPvlNk3wimpl8T7IeLggmD9OuwIArDgq
CMe8f59CRwbNto98z/H5NV/1l432TOuIQUy5LI4JotgtJrLQwEDO9Ubwc750pgiu
ORgsNITxh0erppD+LEYdspViqw+iIpYuHbma4tHRMFgSgkuP64luwnyTP3TBTcXm
396z6HQ7ROeFADadWqhbsc4rNxgiOE213Vj1ACxa3zpR5M2Q3NNvLZUWZR48S8lg
XujwsbqLjfMGtUulbrGDZY5gI/ieViz3UqvcAVKyl9Fa84CJa9NYq5H0FgDIcMhe
yuEq5bkxVu5xYku/PtmDdsI0kQAB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:43 2024 by rpki-client on console-ams.rpki-client.org