Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/CcIk02c7nJryO8cMqDrNz6DdmUk.roa
File: CcIk02c7nJryO8cMqDrNz6DdmUk.roa (raw, json)
Hash identifier: QRgsHf8KXAsqtjpMIWH57XsQHIS7vPQD59+Z7DYLfnE=
Subject key identifier: 09:C2:24:D3:67:3B:9C:9A:F2:3B:C7:0C:A8:3A:CD:CF:A0:DD:99:49
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018C15A23755CC0FB0331DACFA452E4ED3D9
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/CcIk02c7nJryO8cMqDrNz6DdmUk.roa
Signing time: Tue 28 Nov 2023 11:13:21 +0000
ROA not before: Tue 28 Nov 2023 11:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30938
IP address blocks: 45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
5.39.248.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
31.192.240.0/21 maxlen: 21
5.178.98.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
5.178.100.0/24 maxlen: 24
5.178.105.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.178.109.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.39.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:a2:37:55:cc:0f:b0:33:1d:ac:fa:45:2e:4e:d3:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Nov 28 11:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09c224d3673b9c9af23bc70ca83acdcfa0dd9949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:78:dc:4f:08:53:c5:31:8e:37:26:1c:41:59:
c1:d5:e5:4d:91:a3:93:48:5c:5e:07:8b:3a:43:5c:
33:9f:bd:ab:20:14:23:b3:05:c2:3e:99:93:4a:78:
88:ed:ff:6e:e9:c8:21:5f:a1:61:fb:7f:44:6f:98:
4d:ae:5e:10:66:f2:71:4e:90:f7:16:26:43:99:95:
a9:ac:d8:1e:e4:38:3a:b5:ed:b3:ab:11:81:a3:fe:
51:b5:1f:09:a6:d0:fd:88:d9:01:29:f5:30:b2:50:
0c:04:2b:b9:a0:83:84:a9:83:44:9e:0a:0d:f8:25:
e9:0c:f7:0b:55:d6:7b:3d:f6:d6:42:31:69:2b:48:
b7:08:67:af:4f:b0:87:21:83:50:3d:fa:ac:be:b9:
53:bd:b9:e0:a9:10:a8:5e:7d:e6:f6:a6:a7:98:ec:
be:48:aa:7d:18:a3:fb:de:e6:7e:c2:64:17:b3:69:
9f:19:88:2f:b9:51:ad:04:5f:53:ca:4d:36:4d:73:
f9:b0:1a:5f:bc:88:6a:31:18:13:cb:e7:c3:15:61:
d4:67:82:20:ee:e8:6d:e2:bb:c2:94:b8:ac:8b:aa:
2e:a6:15:c4:90:c9:7b:45:02:54:0e:27:79:ef:54:
b2:53:25:9d:1e:08:cb:62:f1:bf:8e:51:32:cc:8b:
3f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C2:24:D3:67:3B:9C:9A:F2:3B:C7:0C:A8:3A:CD:CF:A0:DD:99:49
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/CcIk02c7nJryO8cMqDrNz6DdmUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.255.255
5.178.96.0-5.178.100.255
5.178.104.0-5.178.106.255
5.178.109.0/24
31.192.240.0/21
45.12.216.0/23
45.12.219.0/24
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:42:84:48:13:48:d0:6f:b7:6e:d4:3c:f2:1c:ca:d0:83:ed:
4a:73:86:00:a3:e6:6e:1a:f0:cb:bf:7a:3e:b0:65:fd:d0:19:
c6:88:9e:8a:00:7c:70:7d:4f:64:6d:53:8b:31:e0:84:e6:a2:
5f:4b:72:64:b6:c7:53:ff:fc:dc:38:1c:bb:df:ce:13:9f:11:
8e:58:0e:2f:fd:d6:0f:8d:c0:78:de:3e:6c:7a:82:41:79:ab:
6b:fa:aa:40:1a:61:3f:ea:42:e8:24:ac:f1:87:eb:00:84:73:
68:47:1c:e2:dd:38:d9:49:c3:1d:25:2a:35:dc:6c:7c:6c:0b:
61:01:f7:f3:13:37:06:a5:2f:47:26:b4:9b:8d:4d:51:5c:df:
35:a3:5f:d7:df:df:69:09:f9:d9:4d:c3:0d:fb:d5:18:90:54:
41:97:5b:31:27:69:e0:9b:2a:22:55:14:4c:3d:d6:14:a5:33:
76:8f:55:16:e8:74:d3:19:0b:d1:08:05:fd:37:24:14:fa:e0:
94:d0:64:c2:16:ad:43:df:f0:e3:11:a6:55:a1:b0:ab:e1:73:
fa:be:55:a7:4c:1a:a7:47:ee:a0:68:bc:ba:cd:f7:12:d3:5b:
9a:13:0b:43:54:b0:c3:ce:94:ff:bf:b5:61:01:b1:3d:b5:00:
e0:68:0f:e1
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYwVojdVzA+wMx2s+kUuTtPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMTI4MTExMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWMyMjRkMzY3M2I5YzlhZjIzYmM3MGNhODNhY2RjZmEwZGQ5OTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXjcTwhTxTGONyYcQVnB1eVNkaOT
SFxeB4s6Q1wzn72rIBQjswXCPpmTSniI7f9u6cghX6Fh+39Eb5hNrl4QZvJxTpD3
FiZDmZWprNge5Dg6te2zqxGBo/5RtR8JptD9iNkBKfUwslAMBCu5oIOEqYNEngoN
+CXpDPcLVdZ7PfbWQjFpK0i3CGevT7CHIYNQPfqsvrlTvbngqRCoXn3m9qanmOy+
SKp9GKP73uZ+wmQXs2mfGYgvuVGtBF9Tyk02TXP5sBpfvIhqMRgTy+fDFWHUZ4Ig
7uht4rvClLisi6ouphXEkMl7RQJUDid571SyUyWdHgjLYvG/jlEyzIs/uQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFAnCJNNnO5ya8jvHDKg6zc+g3ZlJMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvQ2NJazAyYzduSnJ5TzhjTXFEck56NkRkbVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAATBNAwQABSf4MAsD
BAEFJ/oDAwMFIDAMAwQFBbJgAwQABbJkMAwDBAMFsmgDBAAFsmoDBAAFsm0DBAMf
wPADBAEtDNgDBAAtDNsDBAK5BSQwDQYJKoZIhvcNAQELBQADggEBAKJChEgTSNBv
t27UPPIcytCD7UpzhgCj5m4a8Mu/ej6wZf3QGcaInooAfHB9T2RtU4sx4ITmol9L
cmS2x1P//Nw4HLvfzhOfEY5YDi/91g+NwHjePmx6gkF5q2v6qkAaYT/qQugkrPGH
6wCEc2hHHOLdONlJwx0lKjXcbHxsC2EB9/MTNwalL0cmtJuNTVFc3zWjX9ff32kJ
+dlNww371RiQVEGXWzEnaeCbKiJVFEw91hSlM3aPVRbodNMZC9EIBf03JBT64JTQ
ZMIWrUPf8OMRplWhsKvhc/q+VadMGqdH7qBovLrN9xLTW5oTC0NUsMPOlP+/tWEB
sT21AOBoD+E=
-----END CERTIFICATE-----
Generated at Sat Dec 2 10:45:45 2023 by rpki-client on console-fra.rpki-client.org