Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/27R9G2_ZvpNEUOsVw8MPqDVoeNQ.roa
File: 27R9G2_ZvpNEUOsVw8MPqDVoeNQ.roa (raw, json)
Hash identifier: N0dQ4JKeKdxcn/piPjjlTMwztRyg8h0tyidmzEpKGxY=
Subject key identifier: DB:B4:7D:1B:6F:D9:BE:93:44:50:EB:15:C3:C3:0F:A8:35:68:78:D4
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018607A83F5FA85A08DC1FDB381DDD2FC160
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/27R9G2_ZvpNEUOsVw8MPqDVoeNQ.roa
Signing time: Tue 31 Jan 2023 11:48:32 +0000
ROA not before: Tue 31 Jan 2023 11:48:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39650
IP address blocks: 188.240.196.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 08:26:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:a8:3f:5f:a8:5a:08:dc:1f:db:38:1d:dd:2f:c1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 31 11:48:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbb47d1b6fd9be934450eb15c3c30fa8356878d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0b:47:13:14:02:26:f3:3d:73:00:06:9a:9e:
cb:9f:cd:a6:27:69:3d:61:f9:27:d8:d5:23:d7:29:
48:13:c9:bc:41:2f:2d:26:a9:d4:00:11:c0:b7:be:
b2:c8:e2:cb:2f:9a:86:5e:4c:21:77:b2:5d:1d:5a:
9e:96:b3:41:3f:0f:89:b3:2c:7c:ba:ff:6b:9c:05:
a2:2c:67:4f:59:53:f1:05:ef:a0:9a:df:a8:33:5f:
d6:48:88:ab:ea:60:b1:63:eb:e3:9c:00:6a:a9:b1:
f9:79:fe:73:77:59:b7:c4:fe:2f:88:07:6e:39:97:
9b:7c:dc:98:f3:da:e1:cd:29:65:89:f9:4a:50:d3:
d6:fa:e2:fc:09:72:e9:fe:3c:98:49:99:88:95:83:
3b:01:03:20:32:f4:06:8f:72:a0:c3:3e:44:52:76:
d1:d9:63:ec:d4:dc:eb:65:c5:23:6e:43:aa:28:41:
59:9d:6c:1e:71:ec:20:12:4c:21:4b:7c:23:de:d3:
ec:6a:64:68:a0:0d:3a:15:da:45:e3:a3:83:8f:02:
a0:4a:d3:9a:43:b0:29:2f:9f:f9:94:aa:72:11:81:
a5:c0:ea:93:57:77:ab:2e:38:46:27:73:3e:69:77:
ee:a0:f2:8a:28:3a:ec:99:ae:63:45:cf:f2:66:9c:
df:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B4:7D:1B:6F:D9:BE:93:44:50:EB:15:C3:C3:0F:A8:35:68:78:D4
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/27R9G2_ZvpNEUOsVw8MPqDVoeNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.213.0/24
45.94.215.0/24
89.46.217.0/24
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
31:20:52:5a:6d:c1:13:da:5e:f5:e5:c4:41:65:40:31:86:67:
04:71:7c:fa:79:18:37:dd:a5:55:47:7b:3a:b6:bd:4a:6d:bd:
35:a2:aa:89:e1:b5:6e:c6:ce:e0:ec:45:df:e7:07:60:a4:1f:
57:2f:b4:a3:76:9b:e6:aa:dc:0c:06:da:d6:d9:89:0a:5f:58:
cf:60:7b:d9:f9:5a:ac:26:6d:77:fe:95:c7:18:59:1e:0b:14:
3d:ae:3a:2f:39:11:d1:e1:f6:99:58:ea:29:99:21:7c:67:86:
0d:e3:ef:74:f7:ff:55:cd:75:ee:82:5e:2d:b2:15:83:47:4b:
52:39:3b:c3:06:a1:95:b4:d5:4f:31:29:d8:32:71:5e:6f:e0:
95:df:67:42:4d:0f:6e:18:91:1f:e1:dc:98:95:d2:85:09:53:
f7:f5:be:29:23:34:6f:cd:0c:61:ae:4b:29:2a:23:0f:0c:fb:
2c:0a:9b:d9:c5:dd:77:f4:53:7b:5e:59:ea:e0:c2:de:8f:12:
92:3a:5a:b5:36:4b:96:65:e1:bd:91:86:67:c6:33:c4:67:33:
f8:ef:0a:3a:e0:2a:0f:59:9f:ef:30:43:56:de:09:e7:4a:fd:
0e:39:ec:2b:00:ba:29:60:98:5c:e0:90:37:7d:57:08:07:24:
11:5d:c5:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYHqD9fqFoI3B/bOB3dL8FgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwMTMxMTE0ODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmI0N2QxYjZmZDliZTkzNDQ1MGViMTVjM2MzMGZhODM1Njg3OGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAtHExQCJvM9cwAGmp7Ln82mJ2k9
Yfkn2NUj1ylIE8m8QS8tJqnUABHAt76yyOLLL5qGXkwhd7JdHVqelrNBPw+Jsyx8
uv9rnAWiLGdPWVPxBe+gmt+oM1/WSIir6mCxY+vjnABqqbH5ef5zd1m3xP4viAdu
OZebfNyY89rhzSlliflKUNPW+uL8CXLp/jyYSZmIlYM7AQMgMvQGj3Kgwz5EUnbR
2WPs1NzrZcUjbkOqKEFZnWwecewgEkwhS3wj3tPsamRooA06FdpF46ODjwKgStOa
Q7ApL5/5lKpyEYGlwOqTV3erLjhGJ3M+aXfuoPKKKDrsma5jRc/yZpzfcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNu0fRtv2b6TRFDrFcPDD6g1aHjUMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvMjdSOUcyX1p2cE5FVU9zVnc4TVBxRFZvZU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV7VAwQA
LV7XAwQAWS7ZAwQAvPDEMA0GCSqGSIb3DQEBCwUAA4IBAQAxIFJabcET2l715cRB
ZUAxhmcEcXz6eRg33aVVR3s6tr1Kbb01oqqJ4bVuxs7g7EXf5wdgpB9XL7Sjdpvm
qtwMBtrW2YkKX1jPYHvZ+VqsJm13/pXHGFkeCxQ9rjovORHR4faZWOopmSF8Z4YN
4+909/9VzXXugl4tshWDR0tSOTvDBqGVtNVPMSnYMnFeb+CV32dCTQ9uGJEf4dyY
ldKFCVP39b4pIzRvzQxhrkspKiMPDPssCpvZxd139FN7Xlnq4MLejxKSOlq1NkuW
ZeG9kYZnxjPEZzP47wo64CoPWZ/vMENW3gnnSv0OOewrALopYJhc4JA3fVcIByQR
XcVT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org