Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/CchcdZLQ7mbs9ZEpL9zhTIVqFQw.roa
File: CchcdZLQ7mbs9ZEpL9zhTIVqFQw.roa (raw, json)
Hash identifier: TuDVoPGMFhFtCPrpboe5A0cARvkQyXUcrvYMpT4aLlM=
Subject key identifier: 09:C8:5C:75:92:D0:EE:66:EC:F5:91:29:2F:DC:E1:4C:85:6A:15:0C
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D84C457AB01778101FEA94BB881A1EC80
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/CchcdZLQ7mbs9ZEpL9zhTIVqFQw.roa
Signing time: Wed 07 Feb 2024 18:11:16 +0000
ROA not before: Wed 07 Feb 2024 18:11:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35751
IP address blocks: 45.11.124.0/22 maxlen: 22
45.81.76.0/22 maxlen: 22
45.129.204.0/22 maxlen: 22
45.132.20.0/22 maxlen: 22
45.133.224.0/22 maxlen: 22
45.134.52.0/22 maxlen: 22
45.135.28.0/22 maxlen: 22
45.139.108.0/22 maxlen: 22
45.144.168.0/22 maxlen: 22
192.109.91.0/24 maxlen: 24
192.109.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 18:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:c4:57:ab:01:77:81:01:fe:a9:4b:b8:81:a1:ec:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 7 18:11:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09c85c7592d0ee66ecf591292fdce14c856a150c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:b0:77:36:5d:47:33:a7:5b:b4:07:60:96:e0:
4c:46:4e:eb:88:00:97:03:b7:aa:0d:2d:8a:9f:44:
65:4e:7d:f1:ee:a5:5e:8c:f1:59:0e:38:1c:a8:6b:
7c:b3:55:ff:39:14:6e:e1:b0:2d:5a:c5:2d:7a:a2:
d7:e3:e2:21:a8:a0:17:61:59:7c:22:32:9f:29:20:
20:96:25:84:4b:f8:a9:51:bf:a7:40:29:e7:d5:61:
83:73:35:42:f6:d2:28:51:38:f9:31:09:55:2c:7f:
57:e1:59:be:ac:42:3d:35:47:a0:88:28:65:69:63:
b0:b7:9d:cc:b8:08:b5:94:5c:b2:51:e9:cc:3a:2d:
5d:82:e8:dd:61:aa:8e:44:0d:ad:b1:54:c0:70:96:
14:09:3e:3c:47:1b:e6:4b:12:4c:2a:b3:3b:ae:9b:
b4:7b:e5:e9:6d:ae:10:65:76:0e:b0:4d:c3:17:10:
69:a3:c2:15:a1:5f:16:76:28:ca:8c:d7:50:46:eb:
e4:8b:77:1d:f6:ae:f5:59:09:ac:c0:ce:28:41:be:
43:f8:04:3f:52:aa:42:bc:a5:98:91:3a:dd:47:61:
8a:4e:28:3f:87:72:55:56:90:be:23:de:02:9c:81:
8c:3f:c7:2f:18:19:47:3a:41:3a:f5:a4:72:51:81:
26:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C8:5C:75:92:D0:EE:66:EC:F5:91:29:2F:DC:E1:4C:85:6A:15:0C
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/CchcdZLQ7mbs9ZEpL9zhTIVqFQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.124.0/22
45.81.76.0/22
45.129.204.0/22
45.132.20.0/22
45.133.224.0/22
45.134.52.0/22
45.135.28.0/22
45.139.108.0/22
45.144.168.0/22
192.109.91.0/24
192.109.100.0/24
Signature Algorithm: sha256WithRSAEncryption
94:95:bf:d6:29:75:62:a4:c3:f2:e4:da:91:0d:a7:70:34:8c:
6b:47:e3:60:33:66:b7:5c:1b:09:81:c0:86:7e:45:c8:43:73:
2f:cc:38:ad:3f:9f:ce:0d:75:49:f7:b4:95:e8:76:ca:da:4a:
82:51:0e:2e:0a:0d:db:dd:82:bd:f2:d1:b8:df:8b:9e:07:73:
71:b1:9b:b6:d1:45:bd:72:15:9b:37:ea:39:ef:8a:f0:a7:a2:
ec:04:31:2d:66:54:a5:93:43:12:a8:75:a8:38:77:4d:16:95:
87:12:84:b9:cc:55:b7:fc:82:a6:7e:3f:a8:f5:47:49:6c:02:
30:72:58:e6:8b:e7:e4:99:ec:78:c6:a5:3f:54:0e:1e:33:1a:
c0:12:26:76:d3:18:c7:0d:4e:02:54:48:29:6a:12:08:5b:0a:
9f:00:ae:3c:2c:02:17:f5:92:f6:9a:42:35:cf:bf:3b:5c:10:
df:0a:29:52:29:c9:f6:46:e0:b5:8b:f5:5c:7a:8e:e3:09:d1:
30:ee:2b:06:6f:36:96:76:fc:96:5f:a4:81:ed:31:4a:45:3c:
e4:69:02:0a:9d:48:f6:d3:eb:80:2a:62:99:89:96:40:e6:f7:
e5:e0:dc:16:1d:4c:67:48:80:4b:52:62:02:85:a5:d3:1c:73:
12:ec:63:c2
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY2ExFerAXeBAf6pS7iBoeyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA3MTgxMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWM4NWM3NTkyZDBlZTY2ZWNmNTkxMjkyZmRjZTE0Yzg1NmExNTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA97B3Nl1HM6dbtAdgluBMRk7riACX
A7eqDS2Kn0RlTn3x7qVejPFZDjgcqGt8s1X/ORRu4bAtWsUteqLX4+IhqKAXYVl8
IjKfKSAgliWES/ipUb+nQCnn1WGDczVC9tIoUTj5MQlVLH9X4Vm+rEI9NUegiChl
aWOwt53MuAi1lFyyUenMOi1dgujdYaqORA2tsVTAcJYUCT48RxvmSxJMKrM7rpu0
e+Xpba4QZXYOsE3DFxBpo8IVoV8WdijKjNdQRuvki3cd9q71WQmswM4oQb5D+AQ/
UqpCvKWYkTrdR2GKTig/h3JVVpC+I94CnIGMP8cvGBlHOkE69aRyUYEmkQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAnIXHWS0O5m7PWRKS/c4UyFahUMMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvQ2NoY2RaTFE3bWJzOVpFcEw5emhUSVZxRlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLQt8AwQC
LVFMAwQCLYHMAwQCLYQUAwQCLYXgAwQCLYY0AwQCLYccAwQCLYtsAwQCLZCoAwQA
wG1bAwQAwG1kMA0GCSqGSIb3DQEBCwUAA4IBAQCUlb/WKXVipMPy5NqRDadwNIxr
R+NgM2a3XBsJgcCGfkXIQ3MvzDitP5/ODXVJ97SV6HbK2kqCUQ4uCg3b3YK98tG4
34ueB3NxsZu20UW9chWbN+o574rwp6LsBDEtZlSlk0MSqHWoOHdNFpWHEoS5zFW3
/IKmfj+o9UdJbAIwcljmi+fkmex4xqU/VA4eMxrAEiZ20xjHDU4CVEgpahIIWwqf
AK48LAIX9ZL2mkI1z787XBDfCilSKcn2RuC1i/Vceo7jCdEw7isGbzaWdvyWX6SB
7TFKRTzkaQIKnUj20+uAKmKZiZZA5vfl4NwWHUxnSIBLUmIChaXTHHMS7GPC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org