Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/d8znQYSz6g_O_h53hCQEEA2uEos.roa
File: d8znQYSz6g_O_h53hCQEEA2uEos.roa (raw, json)
Hash identifier: 4g0Ezykl3NETfwzIcBOVyQRAurq40evwjQxt6ENOHuI=
Subject key identifier: 77:CC:E7:41:84:B3:EA:0F:CE:FE:1E:77:84:24:04:10:0D:AE:12:8B
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 018BB0636807F16BB57B07BCF51918C494CC
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/d8znQYSz6g_O_h53hCQEEA2uEos.roa
Signing time: Wed 08 Nov 2023 19:23:06 +0000
ROA not before: Wed 08 Nov 2023 19:23:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.97.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.72.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:63:68:07:f1:6b:b5:7b:07:bc:f5:19:18:c4:94:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Nov 8 19:23:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77cce74184b3ea0fcefe1e77842404100dae128b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e2:f7:4f:c6:6b:3f:cb:66:45:d1:05:08:44:
dd:73:42:b3:14:22:b4:83:7f:5a:33:68:dc:84:fc:
01:fd:eb:b3:32:2f:3e:f7:5e:ee:8b:06:9a:ea:4f:
1a:53:af:53:6f:26:3f:43:a8:b8:ad:d4:ef:d6:b2:
78:a6:6c:53:c5:a2:7e:7b:ad:da:8a:a3:31:d6:c2:
55:1d:b8:bd:cc:d4:3c:1e:b4:af:71:83:87:cf:2d:
4b:f4:52:d2:4e:e2:b6:7e:b7:ee:52:93:12:79:82:
86:94:a8:f7:46:73:98:e6:66:86:a8:57:70:94:59:
85:5b:c7:f9:17:57:34:73:16:c8:bc:9e:5d:54:6e:
4e:c2:12:6c:40:61:41:ea:62:7c:bb:33:34:66:c8:
70:cb:5c:76:66:52:c5:7f:ee:60:32:67:c5:99:e7:
d6:4e:ec:fe:3f:e2:32:61:80:2e:51:b3:ee:4a:20:
4d:de:c0:63:da:3a:cc:9a:37:39:97:84:80:bf:76:
12:cb:96:4f:be:cc:34:25:59:56:cb:25:f2:18:04:
64:96:5f:5a:34:35:96:94:5b:f2:b0:41:0f:28:2d:
50:f5:0f:e8:fa:9a:68:ff:6a:ae:dd:21:66:24:f1:
61:05:a0:c9:09:5f:f4:a7:fb:d0:37:61:86:56:2f:
58:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:CC:E7:41:84:B3:EA:0F:CE:FE:1E:77:84:24:04:10:0D:AE:12:8B
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/d8znQYSz6g_O_h53hCQEEA2uEos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.97.0/24
94.137.72.0/24
94.137.78.0/24
94.137.89.0-94.137.91.255
Signature Algorithm: sha256WithRSAEncryption
0c:a9:3a:66:cb:06:f0:4a:64:15:61:6f:a9:bf:ce:3b:29:46:
a1:6f:43:fc:64:c6:31:d2:db:8f:ff:13:5b:18:d8:26:5d:1c:
d9:8a:eb:2a:90:ac:3e:65:45:e3:1e:0c:b1:28:7e:b7:39:de:
a6:4b:00:34:aa:9f:b6:16:0b:93:75:f3:b4:e2:f4:f6:f0:f6:
b4:01:4d:17:da:89:1b:60:bf:ec:34:8f:fc:01:b1:2c:8b:e7:
0a:5a:24:f7:5b:1e:e6:ad:9a:de:57:bf:a8:4c:05:4f:22:b5:
8e:02:ff:96:93:c8:8f:30:a6:fc:c1:5b:02:d2:d0:88:f4:0b:
99:93:53:c4:fb:d6:49:84:95:09:17:57:05:eb:fc:35:4f:6d:
8d:3b:5d:a6:27:29:d6:f7:27:94:4d:fc:8d:15:e6:e0:8c:b6:
27:b1:59:8c:de:85:88:f2:2b:86:31:e0:67:30:be:cd:a2:ce:
fa:cf:ec:0b:b0:d7:5d:67:4c:66:fe:29:05:12:95:da:d7:b4:
78:bf:08:36:6e:a8:07:6f:7c:90:18:26:de:96:5d:40:2d:3c:
7e:eb:fe:15:a1:39:13:58:52:cf:af:7c:ba:c9:62:27:6d:39:
e9:38:da:17:14:69:7b:fd:c8:5f:8a:e1:9e:eb:1c:6b:a3:0b:
7d:30:50:3a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYuwY2gH8Wu1ewe89RkYxJTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjMxMTA4MTkyMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2NjZTc0MTg0YjNlYTBmY2VmZTFlNzc4NDI0MDQxMDBkYWUxMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquL3T8ZrP8tmRdEFCETdc0KzFCK0
g39aM2jchPwB/euzMi8+917uiwaa6k8aU69TbyY/Q6i4rdTv1rJ4pmxTxaJ+e63a
iqMx1sJVHbi9zNQ8HrSvcYOHzy1L9FLSTuK2frfuUpMSeYKGlKj3RnOY5maGqFdw
lFmFW8f5F1c0cxbIvJ5dVG5OwhJsQGFB6mJ8uzM0Zshwy1x2ZlLFf+5gMmfFmefW
Tuz+P+IyYYAuUbPuSiBN3sBj2jrMmjc5l4SAv3YSy5ZPvsw0JVlWyyXyGARkll9a
NDWWlFvysEEPKC1Q9Q/o+ppo/2qu3SFmJPFhBaDJCV/0p/vQN2GGVi9YJwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHfM50GEs+oPzv4ed4QkBBANrhKLMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvZDh6blFZU3o2Z19PX2g1M2hDUUVFQTJ1RW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALZdhAwQA
XolIAwQAXolOMAwDBABeiVkDBAJeiVgwDQYJKoZIhvcNAQELBQADggEBAAypOmbL
BvBKZBVhb6m/zjspRqFvQ/xkxjHS24//E1sY2CZdHNmK6yqQrD5lReMeDLEofrc5
3qZLADSqn7YWC5N187Ti9Pbw9rQBTRfaiRtgv+w0j/wBsSyL5wpaJPdbHuatmt5X
v6hMBU8itY4C/5aTyI8wpvzBWwLS0Ij0C5mTU8T71kmElQkXVwXr/DVPbY07XaYn
Kdb3J5RN/I0V5uCMtiexWYzehYjyK4Yx4Gcwvs2izvrP7Auw111nTGb+KQUSldrX
tHi/CDZuqAdvfJAYJt6WXUAtPH7r/hWhORNYUs+vfLrJYidtOek42hcUaXv9yF+K
4Z7rHGujC30wUDo=
-----END CERTIFICATE-----
Generated at Wed Nov 15 17:50:23 2023 by rpki-client on console-ams.rpki-client.org