Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/Fj2DOifZtZv480xaQXCzqRdNrNE.roa
File: Fj2DOifZtZv480xaQXCzqRdNrNE.roa (raw, json)
Hash identifier: rmx2d5J51azgcRYbRZSP8IgtoqYXmq4ZpREE8nd4lCo=
Subject key identifier: 16:3D:83:3A:27:D9:B5:9B:F8:F3:4C:5A:41:70:B3:A9:17:4D:AC:D1
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 0192D725938627D398AA99B46843264D2FA6
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/Fj2DOifZtZv480xaQXCzqRdNrNE.roa
Signing time: Tue 29 Oct 2024 07:20:16 +0000
ROA not before: Tue 29 Oct 2024 07:20:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48551
IP address blocks: 45.94.252.0/24 maxlen: 24
45.94.254.0/24 maxlen: 24
45.94.255.0/24 maxlen: 24
45.150.150.0/24 maxlen: 24
45.159.196.0/24 maxlen: 24
45.159.197.0/24 maxlen: 24
45.159.198.0/24 maxlen: 24
45.159.199.0/24 maxlen: 24
91.217.177.0/24 maxlen: 24
103.216.60.0/24 maxlen: 24
103.216.61.0/24 maxlen: 24
103.216.62.0/24 maxlen: 24
103.216.63.0/24 maxlen: 24
157.119.188.0/24 maxlen: 24
157.119.190.0/24 maxlen: 24
157.119.191.0/24 maxlen: 24
185.63.114.0/24 maxlen: 24
185.86.180.0/24 maxlen: 24
185.86.181.0/24 maxlen: 24
185.128.40.0/24 maxlen: 24
185.149.192.0/24 maxlen: 24
185.236.36.0/24 maxlen: 24
185.236.37.0/24 maxlen: 24
185.236.38.0/24 maxlen: 24
185.236.39.0/24 maxlen: 24
185.238.143.0/24 maxlen: 24
195.114.4.0/24 maxlen: 24
195.114.5.0/24 maxlen: 24
195.114.8.0/24 maxlen: 24
195.114.9.0/24 maxlen: 24
2a0d:9500::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 18 Nov 2024 18:11:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:25:93:86:27:d3:98:aa:99:b4:68:43:26:4d:2f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Oct 29 07:20:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=163d833a27d9b59bf8f34c5a4170b3a9174dacd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:52:6d:1b:77:d8:59:d2:00:95:5f:8d:7f:e1:
86:9b:8d:61:e2:7c:7f:a0:2c:2a:d8:71:fd:ce:02:
65:ab:b0:73:f2:3a:96:69:fb:07:4d:f1:5b:1e:82:
cc:46:66:da:fc:80:b0:1a:37:b7:80:a5:d4:6e:d1:
1e:10:9d:40:43:74:60:47:eb:69:70:4d:e7:3b:72:
b9:77:21:17:57:52:7d:82:68:76:70:98:84:33:99:
27:69:d5:de:e4:53:9e:13:fe:a2:d5:2d:f7:f4:5e:
bb:36:8c:66:e7:0c:cb:7a:c8:4f:a9:35:6e:b0:93:
be:68:d0:1d:ad:d0:c3:ed:6e:2a:07:be:cd:89:4c:
3e:95:5e:f7:56:a6:42:69:9e:c0:ab:54:e6:19:65:
e3:bc:29:f9:97:b1:9f:71:3b:1e:17:fe:0d:5d:3c:
3e:20:2d:d7:94:81:b1:50:4f:e3:48:5f:c1:85:f4:
a5:a5:80:2b:e4:e3:5a:e8:c9:48:60:af:ef:60:4b:
75:25:49:f0:3d:0c:ab:c5:cb:bf:2a:7b:e9:c4:ef:
15:92:0b:e9:d9:d1:a6:45:bd:c0:fd:a0:e5:f8:e8:
b5:9e:20:e8:5d:da:d9:5b:24:75:23:72:c2:87:28:
88:a8:c6:1c:e2:a0:6c:61:4f:56:e9:69:dd:fe:7f:
8c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:3D:83:3A:27:D9:B5:9B:F8:F3:4C:5A:41:70:B3:A9:17:4D:AC:D1
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/Fj2DOifZtZv480xaQXCzqRdNrNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.252.0/24
45.94.254.0/23
45.150.150.0/24
45.159.196.0/22
91.217.177.0/24
103.216.60.0/22
157.119.188.0/24
157.119.190.0/23
185.63.114.0/24
185.86.180.0/23
185.128.40.0/24
185.149.192.0/24
185.236.36.0/22
185.238.143.0/24
195.114.4.0/23
195.114.8.0/23
IPv6:
2a0d:9500::/29
Signature Algorithm: sha256WithRSAEncryption
31:90:58:3e:2a:45:1e:a3:d6:92:69:aa:ce:0a:c5:f5:be:94:
4b:c7:b5:38:a4:a2:fc:74:a5:15:1c:89:d5:29:a2:cd:76:d6:
4b:6c:f7:a7:4e:0d:26:8b:bf:35:8d:41:d7:e2:20:46:f3:49:
99:06:d4:97:0d:1c:64:78:cf:42:bb:39:c6:eb:49:21:7e:49:
17:b7:3c:3f:b1:bb:60:99:00:c1:bf:5b:96:ed:57:81:51:aa:
24:06:ea:22:39:f9:3b:e8:4e:06:c6:fa:05:aa:49:51:46:f8:
08:20:b1:0d:61:29:cc:cf:ba:75:e3:20:89:1c:c2:72:23:4d:
6a:4c:a4:4d:32:8e:e7:d9:76:4b:40:b7:2f:e7:fe:88:d5:78:
70:de:9d:f3:77:76:b0:14:c3:15:23:80:a8:5a:c0:6c:bd:9d:
03:00:fc:a7:75:7d:88:24:6e:1d:38:85:1c:a2:28:57:93:fd:
e2:89:bd:af:29:b5:e6:93:da:19:40:ec:29:a4:7f:2a:f6:aa:
4c:f6:7f:dc:58:c9:99:87:bb:71:6c:58:85:f7:16:03:c5:a2:
8a:fe:a4:16:fa:66:75:0f:d1:bc:04:af:ec:1c:e7:6f:5a:c6:
86:ee:12:23:ec:83:86:f5:11:a1:69:c7:5e:ed:de:af:44:83:
9e:55:dd:ee
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZLXJZOGJ9OYqpm0aEMmTS+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjQxMDI5MDcyMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjNkODMzYTI3ZDliNTliZjhmMzRjNWE0MTcwYjNhOTE3NGRhY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VJtG3fYWdIAlV+Nf+GGm41h4nx/
oCwq2HH9zgJlq7Bz8jqWafsHTfFbHoLMRmba/ICwGje3gKXUbtEeEJ1AQ3RgR+tp
cE3nO3K5dyEXV1J9gmh2cJiEM5knadXe5FOeE/6i1S339F67Noxm5wzLeshPqTVu
sJO+aNAdrdDD7W4qB77NiUw+lV73VqZCaZ7Aq1TmGWXjvCn5l7GfcTseF/4NXTw+
IC3XlIGxUE/jSF/BhfSlpYAr5ONa6MlIYK/vYEt1JUnwPQyrxcu/KnvpxO8Vkgvp
2dGmRb3A/aDl+Oi1niDoXdrZWyR1I3LChyiIqMYc4qBsYU9W6Wnd/n+MNwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFBY9gzon2bWb+PNMWkFws6kXTazRMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvRmoyRE9pZlp0WnY0ODB4YVFYQ3pxUmROck5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAC1e/AME
AS1e/gMEAC2WlgMEAi2fxAMEAFvZsQMEAmfYPAMEAJ13vAMEAZ13vgMEALk/cgME
AblWtAMEALmAKAMEALmVwAMEArnsJAMEALnujwMEAcNyBAMEAcNyCDANBAIAAjAH
AwUDKg2VADANBgkqhkiG9w0BAQsFAAOCAQEAMZBYPipFHqPWkmmqzgrF9b6US8e1
OKSi/HSlFRyJ1SmizXbWS2z3p04NJou/NY1B1+IgRvNJmQbUlw0cZHjPQrs5xutJ
IX5JF7c8P7G7YJkAwb9blu1XgVGqJAbqIjn5O+hOBsb6BapJUUb4CCCxDWEpzM+6
deMgiRzCciNNakykTTKO59l2S0C3L+f+iNV4cN6d83d2sBTDFSOAqFrAbL2dAwD8
p3V9iCRuHTiFHKIoV5P94om9rym15pPaGUDsKaR/KvaqTPZ/3FjJmYe7cWxYhfcW
A8Wiiv6kFvpmdQ/RvASv7Bznb1rGhu4SI+yDhvURoWnHXu3er0SDnlXd7g==
-----END CERTIFICATE-----
Generated at Mon Nov 18 20:59:20 2024 by rpki-client on console-fra.rpki-client.org