Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/bApo0ekUc7W1-o6gtJqpOWF0ADQ.roa
File: bApo0ekUc7W1-o6gtJqpOWF0ADQ.roa (raw, json)
Hash identifier: xO9q2oevZgyonxnDpggISlrpMRS6fp2eSvLYPu8zTL0=
Subject key identifier: 6C:0A:68:D1:E9:14:73:B5:B5:FA:8E:A0:B4:9A:A9:39:61:74:00:34
Certificate issuer: /CN=d29dc792adfcfe88c79e7958fbfec525630b62f9
Certificate serial: 01895AF104766440415DAF8EA776813648A5
Authority key identifier: D2:9D:C7:92:AD:FC:FE:88:C7:9E:79:58:FB:FE:C5:25:63:0B:62:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0p3Hkq38_ojHnnlY-_7FJWMLYvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/bApo0ekUc7W1-o6gtJqpOWF0ADQ.roa
Signing time: Sat 15 Jul 2023 19:04:52 +0000
ROA not before: Sat 15 Jul 2023 19:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60757
IP address blocks: 45.132.84.0/24 maxlen: 24
45.143.89.0/24 maxlen: 24
85.92.120.0/24 maxlen: 24
85.92.122.0/24 maxlen: 24
85.92.121.0/24 maxlen: 24
85.92.123.0/24 maxlen: 24
185.217.189.0/24 maxlen: 24
185.217.188.0/24 maxlen: 24
185.217.191.0/24 maxlen: 24
185.217.190.0/24 maxlen: 24
2a0d:bcc0::/32 maxlen: 48
2a0d:bcc1::/32 maxlen: 48
2a0d:bcc2::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:5a:f1:04:76:64:40:41:5d:af:8e:a7:76:81:36:48:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d29dc792adfcfe88c79e7958fbfec525630b62f9
Validity
Not Before: Jul 15 19:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c0a68d1e91473b5b5fa8ea0b49aa93961740034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bb:f0:4e:e2:04:51:d1:b1:87:63:07:91:45:
b4:4a:50:45:b8:71:a3:c3:81:5f:fc:dc:37:7d:a6:
f2:9f:fb:df:9f:03:22:c5:fd:0a:82:68:d3:f0:ef:
10:c5:07:4e:0f:0a:17:68:4f:68:cc:03:b6:52:0c:
65:94:5c:7b:02:7e:86:ca:c2:c8:d1:32:0b:f2:5f:
6b:98:7b:04:f0:a9:73:62:41:21:a4:86:10:92:12:
b9:14:ae:62:a9:72:8b:46:4e:d4:58:71:81:0d:5b:
57:4e:30:28:85:c5:96:1e:e0:b8:49:e5:4f:1b:68:
d3:9c:8a:a9:c7:75:73:e8:d3:d7:d3:cf:b0:e2:a1:
c7:98:bf:b1:f5:ad:e4:bb:d2:b1:d7:34:40:b7:5b:
d4:bd:19:42:30:84:41:9e:db:78:00:51:76:06:a4:
f8:af:c3:a5:60:d5:f1:75:62:64:7a:87:b4:f5:f4:
f5:b5:84:62:54:6e:d9:39:c0:15:79:5c:12:41:24:
e4:7c:40:07:d1:2d:4f:36:d3:ba:ea:ce:99:43:7c:
6f:e6:dc:7c:12:0b:63:03:6b:bb:1b:a0:18:7a:53:
c7:cc:7d:af:35:f2:d2:74:8b:77:f8:7b:47:67:7c:
fa:fa:b3:77:16:41:f8:0a:d1:71:58:b3:c2:bd:e0:
6c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:0A:68:D1:E9:14:73:B5:B5:FA:8E:A0:B4:9A:A9:39:61:74:00:34
X509v3 Authority Key Identifier:
keyid:D2:9D:C7:92:AD:FC:FE:88:C7:9E:79:58:FB:FE:C5:25:63:0B:62:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0p3Hkq38_ojHnnlY-_7FJWMLYvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/bApo0ekUc7W1-o6gtJqpOWF0ADQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/d8f8cf-188a-4bd0-8dba-41e7fba6d6e1/1/0p3Hkq38_ojHnnlY-_7FJWMLYvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.84.0/24
45.143.89.0/24
85.92.120.0/22
185.217.188.0/22
IPv6:
2a0d:bcc0::-2a0d:bcc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:0d:69:96:16:09:51:8b:b7:40:7a:f8:81:a8:aa:99:81:1d:
3c:39:50:22:bc:fb:2f:3f:ad:52:2e:fb:37:22:c0:42:03:69:
2e:fd:15:6e:70:99:f4:dd:e9:d5:41:0b:b5:5a:23:d3:9a:20:
85:d7:05:12:d5:a6:7d:24:2c:bb:b0:c1:62:82:e7:40:b0:eb:
58:75:b7:b0:bb:51:12:ae:5e:77:77:b4:89:3d:34:97:2e:97:
3a:4d:71:eb:6d:1c:13:ee:b3:2b:c7:b4:49:d1:de:3e:24:82:
39:49:c7:7c:0d:12:7e:1a:4a:cf:78:8f:3c:a5:c2:dc:c5:ba:
af:64:56:fb:00:c0:9e:2e:62:4c:80:84:39:cb:7d:94:f3:b2:
96:56:71:bb:46:34:49:9b:24:45:18:4c:65:0b:c8:ea:db:06:
0d:2d:fe:5e:8d:d8:df:2b:14:a0:ea:62:f0:71:6e:0a:9b:f5:
44:a8:51:82:2b:9b:58:8f:2f:58:39:cc:78:7c:e8:04:7e:62:
b5:06:e5:99:0c:76:72:b2:78:c4:97:0f:c5:46:0b:cd:f6:72:
72:02:3c:fe:c5:12:e7:4e:cf:c9:a7:7e:37:f3:19:d2:27:4b:
b2:f3:ed:5b:e7:a7:5c:45:9d:be:7f:35:ff:65:94:74:9d:01:
58:b2:7c:1a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYla8QR2ZEBBXa+Op3aBNkilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOWRjNzkyYWRmY2ZlODhjNzllNzk1OGZiZmVjNTI1NjMw
YjYyZjkwHhcNMjMwNzE1MTkwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzBhNjhkMWU5MTQ3M2I1YjVmYThlYTBiNDlhYTkzOTYxNzQwMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrvwTuIEUdGxh2MHkUW0SlBFuHGj
w4Ff/Nw3fabyn/vfnwMixf0KgmjT8O8QxQdODwoXaE9ozAO2UgxllFx7An6GysLI
0TIL8l9rmHsE8KlzYkEhpIYQkhK5FK5iqXKLRk7UWHGBDVtXTjAohcWWHuC4SeVP
G2jTnIqpx3Vz6NPX08+w4qHHmL+x9a3ku9Kx1zRAt1vUvRlCMIRBntt4AFF2BqT4
r8OlYNXxdWJkeoe09fT1tYRiVG7ZOcAVeVwSQSTkfEAH0S1PNtO66s6ZQ3xv5tx8
EgtjA2u7G6AYelPHzH2vNfLSdIt3+HtHZ3z6+rN3FkH4CtFxWLPCveBsNQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGwKaNHpFHO1tfqOoLSaqTlhdAA0MB8GA1UdIwQY
MBaAFNKdx5Kt/P6Ix555WPv+xSVjC2L5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHAzSGtxMzhfb2pIbm5sWS1fN0ZKV01MWXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kOGY4Y2YtMTg4YS00YmQwLThkYmEt
NDFlN2ZiYTZkNmUxLzEvYkFwbzBla1VjN1cxLW82Z3RKcXBPV0YwQURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kOGY4Y2YtMTg4YS00YmQwLThkYmEtNDFlN2ZiYTZkNmUx
LzEvMHAzSGtxMzhfb2pIbm5sWS1fN0ZKV01MWXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQALYRUAwQA
LY9ZAwQCVVx4AwQCudm8MBYEAgACMBAwDgMFBioNvMADBQAqDbzCMA0GCSqGSIb3
DQEBCwUAA4IBAQBADWmWFglRi7dAeviBqKqZgR08OVAivPsvP61SLvs3IsBCA2ku
/RVucJn03enVQQu1WiPTmiCF1wUS1aZ9JCy7sMFigudAsOtYdbewu1ESrl53d7SJ
PTSXLpc6TXHrbRwT7rMrx7RJ0d4+JII5Scd8DRJ+GkrPeI88pcLcxbqvZFb7AMCe
LmJMgIQ5y32U87KWVnG7RjRJmyRFGExlC8jq2wYNLf5ejdjfKxSg6mLwcW4Km/VE
qFGCK5tYjy9YOcx4fOgEfmK1BuWZDHZysnjElw/FRgvN9nJyAjz+xRLnTs/Jp343
8xnSJ0uy8+1b56dcRZ2+fzX/ZZR0nQFYsnwa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:25 2024 by rpki-client on console-fra.rpki-client.org