Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/A9LBbOu-Jtnt1di9rfcx-W5vpK8.roa
File: A9LBbOu-Jtnt1di9rfcx-W5vpK8.roa (raw, json)
Hash identifier: 9jAQ620iRgyoUBqkMY8+RrzIJ5tIJtGWB15oL8a1zhw=
Subject key identifier: 03:D2:C1:6C:EB:BE:26:D9:ED:D5:D8:BD:AD:F7:31:F9:6E:6F:A4:AF
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018CC5DC314806076597A052D079DF5D55C3
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/A9LBbOu-Jtnt1di9rfcx-W5vpK8.roa
Signing time: Mon 01 Jan 2024 16:29:51 +0000
ROA not before: Mon 01 Jan 2024 16:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48359
IP address blocks: 185.239.1.0/24 maxlen: 24
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jan 2024 08:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:31:48:06:07:65:97:a0:52:d0:79:df:5d:55:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 1 16:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03d2c16cebbe26d9edd5d8bdadf731f96e6fa4af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b7:7b:97:0c:a9:20:60:16:85:7c:e7:b4:76:
9a:fd:da:94:da:29:f7:8a:1f:87:f2:e6:8a:7e:37:
04:bd:75:0e:08:af:94:4c:c8:6e:13:3f:d0:7e:42:
c3:de:94:81:3b:c1:0c:fc:36:43:19:5a:1e:b7:ad:
ab:50:27:30:5a:27:43:64:7c:5a:37:31:5c:91:5d:
48:e7:6f:80:68:45:3b:af:9b:81:fd:3c:79:cb:52:
d7:e1:19:77:19:20:f2:4f:a6:a8:3c:7c:12:44:ca:
8f:6b:6c:c3:88:15:dd:60:03:78:b6:8c:3f:5e:33:
7f:c0:c8:63:67:fd:3c:05:ad:41:bc:3d:4e:84:a9:
da:e5:bc:a8:58:ab:20:98:a7:81:44:94:77:e8:52:
20:6e:49:d0:1b:62:94:e2:1b:dd:f9:29:cc:0f:a6:
bf:93:1d:04:80:41:f9:49:12:30:15:48:55:86:6a:
ed:ec:ea:d9:81:17:29:c5:cc:80:7d:22:8c:fe:a0:
4e:a2:e3:4f:de:21:89:83:9b:a9:04:ca:17:84:56:
eb:e3:2c:5f:7d:05:08:46:a1:25:0d:8e:d0:18:3f:
0a:54:f9:31:f2:5c:4b:27:0e:78:99:e8:2d:b6:14:
4e:b5:02:ab:dc:d4:a0:a5:b5:87:6a:03:c6:8f:96:
42:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D2:C1:6C:EB:BE:26:D9:ED:D5:D8:BD:AD:F7:31:F9:6E:6F:A4:AF
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/A9LBbOu-Jtnt1di9rfcx-W5vpK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/23
89.42.44.0/22
89.44.240.0/23
89.46.217.0/24
185.239.1.0/24
Signature Algorithm: sha256WithRSAEncryption
63:12:37:06:fa:57:50:dc:fb:c1:20:b8:2f:46:e2:02:1f:15:
b7:4e:bc:74:aa:10:8a:34:ac:0a:ef:93:19:ed:d8:35:99:88:
01:c7:9f:b6:0a:93:ff:49:0f:ac:5a:ab:c6:10:c4:ae:16:0d:
48:76:1a:83:57:da:73:7e:23:51:5f:75:88:f2:b3:9e:c3:18:
f9:03:60:64:b7:c5:5d:a3:ab:61:62:16:2a:46:7e:1d:08:00:
0f:e1:20:11:12:a0:53:30:cb:6b:99:67:0d:05:9a:17:1b:9f:
ef:c8:d4:a8:19:45:4f:bd:08:05:f5:2b:af:35:11:63:5b:33:
29:6c:8f:8e:bc:e4:56:9f:36:fd:69:91:7b:0b:59:bc:a4:eb:
6e:80:11:e5:03:dc:2c:67:e6:70:6e:fe:18:92:cd:29:5e:1b:
97:a3:99:ee:f2:ba:9f:d4:54:a6:6c:71:81:7e:3e:7c:d6:23:
79:bd:2f:fb:37:3f:b7:7a:57:a6:2f:13:91:06:12:2f:58:d7:
67:8f:42:ce:92:10:8c:ba:01:39:a9:d0:8e:d2:ce:37:e5:6f:
9b:0a:aa:fc:dc:0b:f6:cd:6a:08:6e:ee:28:84:a8:ab:ba:95:
e1:a7:0d:2e:d0:87:96:15:49:a9:75:8f:39:f5:3f:45:d0:b0:
e7:be:4b:d3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3DFIBgdll6BS0HnfXVXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTAxMTYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2QyYzE2Y2ViYmUyNmQ5ZWRkNWQ4YmRhZGY3MzFmOTZlNmZhNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrd7lwypIGAWhXzntHaa/dqU2in3
ih+H8uaKfjcEvXUOCK+UTMhuEz/QfkLD3pSBO8EM/DZDGVoet62rUCcwWidDZHxa
NzFckV1I52+AaEU7r5uB/Tx5y1LX4Rl3GSDyT6aoPHwSRMqPa2zDiBXdYAN4tow/
XjN/wMhjZ/08Ba1BvD1OhKna5byoWKsgmKeBRJR36FIgbknQG2KU4hvd+SnMD6a/
kx0EgEH5SRIwFUhVhmrt7OrZgRcpxcyAfSKM/qBOouNP3iGJg5upBMoXhFbr4yxf
fQUIRqElDY7QGD8KVPkx8lxLJw54megtthROtQKr3NSgpbWHagPGj5ZC1wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAPSwWzrvibZ7dXYva33Mflub6SvMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvQTlMQmJPdS1KdG50MWRpOXJmY3gtVzV2cEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLV7WAwQC
WSosAwQBWSzwAwQAWS7ZAwQAue8BMA0GCSqGSIb3DQEBCwUAA4IBAQBjEjcG+ldQ
3PvBILgvRuICHxW3Trx0qhCKNKwK75MZ7dg1mYgBx5+2CpP/SQ+sWqvGEMSuFg1I
dhqDV9pzfiNRX3WI8rOewxj5A2Bkt8Vdo6thYhYqRn4dCAAP4SAREqBTMMtrmWcN
BZoXG5/vyNSoGUVPvQgF9SuvNRFjWzMpbI+OvORWnzb9aZF7C1m8pOtugBHlA9ws
Z+Zwbv4Yks0pXhuXo5nu8rqf1FSmbHGBfj581iN5vS/7Nz+3elemLxORBhIvWNdn
j0LOkhCMugE5qdCO0s435W+bCqr83Av2zWoIbu4ohKirupXhpw0u0IeWFUmpdY85
9T9F0LDnvkvT
-----END CERTIFICATE-----
Generated at Sun Jan 14 09:14:46 2024 by rpki-client on console-ams.rpki-client.org