Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/R6ABCOCM0uLIiEnORrN4vXPr24I.roa
File: R6ABCOCM0uLIiEnORrN4vXPr24I.roa (raw, json)
Hash identifier: 0E6i0bbh2AV8eImPHu/l54sWNRk7fPIzqhTvL5ILxV8=
Subject key identifier: 47:A0:01:08:E0:8C:D2:E2:C8:88:49:CE:46:B3:78:BD:73:EB:DB:82
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0187617CD0EEC3F155F62ED3D52509553D35
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/R6ABCOCM0uLIiEnORrN4vXPr24I.roa
Signing time: Sat 08 Apr 2023 15:29:42 +0000
ROA not before: Sat 08 Apr 2023 15:29:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207177
IP address blocks: 91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
171.22.52.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/22 maxlen: 22
45.86.16.0/24 maxlen: 24
45.86.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 18:56:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:61:7c:d0:ee:c3:f1:55:f6:2e:d3:d5:25:09:55:3d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 8 15:29:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47a00108e08cd2e2c88849ce46b378bd73ebdb82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b1:c3:b5:5b:18:a6:2b:ef:98:c7:db:41:07:
b1:e9:8f:3c:06:49:86:59:1b:5e:12:9b:1a:39:da:
b7:7f:a8:98:b1:49:5f:15:ab:ad:c6:e1:1c:01:ab:
b0:44:ce:dd:b5:81:ee:01:68:c0:d2:7e:2d:f4:8f:
51:3b:63:3b:c7:f6:46:e8:9e:a2:04:24:7f:ae:33:
b3:46:59:7c:fc:4f:3d:9b:8e:91:41:fb:0d:54:25:
cb:33:2e:77:95:97:f4:11:af:08:d8:a5:9e:73:3a:
47:fd:ce:35:44:8a:06:04:44:b5:0a:4a:a2:f6:7b:
f2:ec:69:bd:25:e5:ff:8d:ac:18:cf:be:c7:00:64:
c7:68:bb:05:de:a7:5a:3c:3b:11:66:d4:1a:c7:8f:
8f:5d:e6:e5:28:f1:09:51:eb:76:ce:f5:44:89:c0:
ba:dd:22:17:e0:d6:2e:7b:1f:e1:41:80:9d:9b:17:
2f:22:a5:59:eb:d0:53:6d:de:63:7d:2d:40:55:07:
da:42:19:bd:b0:24:19:93:04:07:fa:db:ba:d3:fa:
ba:bc:56:8f:fd:bc:53:35:c3:22:be:d7:3b:a8:76:
4a:e5:fa:85:f4:6d:a1:21:87:15:2b:bb:fa:7a:78:
31:04:1b:6a:66:09:e9:9c:79:8c:03:36:b6:45:8e:
c4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A0:01:08:E0:8C:D2:E2:C8:88:49:CE:46:B3:78:BD:73:EB:DB:82
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/R6ABCOCM0uLIiEnORrN4vXPr24I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
45.86.16.0/22
91.242.81.0/24
171.22.52.0/22
185.212.11.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:77:63:b1:00:ac:6f:29:4f:79:50:d6:ad:f0:49:1b:e3:df:
de:d3:0b:d8:2e:f4:32:c0:42:5f:e7:f4:58:39:3a:1a:67:e2:
36:3b:1e:a5:7a:ce:ef:3b:f8:3c:8a:fb:08:46:d1:a0:ab:ef:
28:86:f4:ea:e9:cc:49:68:cf:d1:fe:a4:8f:f8:51:32:63:ca:
be:26:b5:1f:57:2d:fb:2c:a5:63:a0:fa:d0:15:a0:1a:ea:6d:
d1:5a:e8:8e:39:55:27:2a:a7:fe:d3:49:f9:d5:e7:62:1d:38:
2c:b7:17:b5:1b:56:99:67:fd:d3:68:27:bc:72:34:38:a5:12:
ce:9d:98:ac:6f:cc:ff:a4:f3:56:73:18:cb:88:67:fb:ce:12:
9e:68:de:3d:6c:34:c1:76:32:f8:4c:0b:50:c2:e7:19:1e:f4:
0a:02:13:fa:30:b8:a7:25:87:99:03:df:2a:32:c1:02:07:bf:
b3:9f:f6:55:ac:a0:ff:24:ec:e6:f1:a9:ea:00:97:61:9a:a6:
14:d2:fd:db:83:87:8b:e8:fc:b7:c0:30:d3:83:24:9a:1c:69:
7d:6e:5d:5c:87:69:e5:67:e8:a9:67:42:2c:ad:e9:b1:84:d4:
b7:c3:76:09:c1:5e:4b:bc:18:94:55:a9:60:68:86:82:37:03:
5a:84:31:4a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYdhfNDuw/FV9i7T1SUJVT01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwNDA4MTUyOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2EwMDEwOGUwOGNkMmUyYzg4ODQ5Y2U0NmIzNzhiZDczZWJkYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLHDtVsYpivvmMfbQQex6Y88BkmG
WRteEpsaOdq3f6iYsUlfFautxuEcAauwRM7dtYHuAWjA0n4t9I9RO2M7x/ZG6J6i
BCR/rjOzRll8/E89m46RQfsNVCXLMy53lZf0Ea8I2KWeczpH/c41RIoGBES1Ckqi
9nvy7Gm9JeX/jawYz77HAGTHaLsF3qdaPDsRZtQax4+PXeblKPEJUet2zvVEicC6
3SIX4NYuex/hQYCdmxcvIqVZ69BTbd5jfS1AVQfaQhm9sCQZkwQH+tu60/q6vFaP
/bxTNcMivtc7qHZK5fqF9G2hIYcVK7v6engxBBtqZgnpnHmMAza2RY7EhQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEegAQjgjNLiyIhJzkazeL1z69uCMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUjZBQkNPQ00wdUxJaUVuT1JyTjR2WFByMjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALUN1AwQC
LVYQAwQAW/JRAwQCqxY0AwQAudQLMA0GCSqGSIb3DQEBCwUAA4IBAQBMd2OxAKxv
KU95UNat8Ekb49/e0wvYLvQywEJf5/RYOToaZ+I2Ox6les7vO/g8ivsIRtGgq+8o
hvTq6cxJaM/R/qSP+FEyY8q+JrUfVy37LKVjoPrQFaAa6m3RWuiOOVUnKqf+00n5
1ediHTgstxe1G1aZZ/3TaCe8cjQ4pRLOnZisb8z/pPNWcxjLiGf7zhKeaN49bDTB
djL4TAtQwucZHvQKAhP6MLinJYeZA98qMsECB7+zn/ZVrKD/JOzm8anqAJdhmqYU
0v3bg4eL6Py3wDDTgySaHGl9bl1ch2nlZ+ipZ0IsremxhNS3w3YJwV5LvBiUValg
aIaCNwNahDFK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org