Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/TSt7-YVCEZ8J1aWW4NEtJb5KorI.roa
File: TSt7-YVCEZ8J1aWW4NEtJb5KorI.roa (raw, json)
Hash identifier: PvXzJNbFrD/0WCH38lQS/LX7mWnMc+E25NMCfOLVE0Y=
Subject key identifier: 4D:2B:7B:F9:85:42:11:9F:09:D5:A5:96:E0:D1:2D:25:BE:4A:A2:B2
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 01934078ED252D4EC164AF06222CE0927E0F
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/TSt7-YVCEZ8J1aWW4NEtJb5KorI.roa
Signing time: Mon 18 Nov 2024 18:11:26 +0000
ROA not before: Mon 18 Nov 2024 18:11:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48551
IP address blocks: 45.94.252.0/24 maxlen: 24
45.94.254.0/24 maxlen: 24
45.94.255.0/24 maxlen: 24
45.150.150.0/24 maxlen: 24
45.159.196.0/24 maxlen: 24
45.159.197.0/24 maxlen: 24
45.159.198.0/24 maxlen: 24
45.159.199.0/24 maxlen: 24
91.217.177.0/24 maxlen: 24
103.216.60.0/24 maxlen: 24
103.216.61.0/24 maxlen: 24
103.216.62.0/24 maxlen: 24
103.216.63.0/24 maxlen: 24
157.119.188.0/24 maxlen: 24
157.119.190.0/24 maxlen: 24
157.119.191.0/24 maxlen: 24
185.63.114.0/24 maxlen: 24
185.74.221.0/24 maxlen: 24
185.86.180.0/24 maxlen: 24
185.86.181.0/24 maxlen: 24
185.128.40.0/24 maxlen: 24
185.149.192.0/24 maxlen: 24
185.236.36.0/24 maxlen: 24
185.236.37.0/24 maxlen: 24
185.236.38.0/24 maxlen: 24
185.236.39.0/24 maxlen: 24
185.238.143.0/24 maxlen: 24
195.114.4.0/24 maxlen: 24
195.114.5.0/24 maxlen: 24
195.114.8.0/24 maxlen: 24
195.114.9.0/24 maxlen: 24
2a0d:9500::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 19 Nov 2024 13:55:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:78:ed:25:2d:4e:c1:64:af:06:22:2c:e0:92:7e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Nov 18 18:11:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d2b7bf98542119f09d5a596e0d12d25be4aa2b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fa:5b:9b:83:14:7d:9f:7a:1b:3a:b6:7e:71:
d6:8f:d0:c6:53:5c:83:f8:ac:e0:35:5b:92:28:67:
9e:95:68:47:5b:01:c1:2a:8e:a1:be:bb:d1:11:37:
85:0a:f8:17:7f:f4:26:59:85:a6:bb:75:47:d1:ef:
ba:c6:3a:4d:56:6b:bb:ac:5a:ef:cc:03:ac:4b:4d:
5c:fe:b5:5b:80:7d:43:4b:23:9f:dd:14:fa:0b:7c:
80:b2:f7:e4:07:85:e1:24:86:80:2a:c8:d1:65:32:
9f:eb:d0:39:a1:f7:6a:1d:37:1e:c0:ae:dc:81:8e:
09:45:e4:86:b3:1e:4d:dc:03:29:48:bb:e4:23:44:
f8:7e:02:a6:3b:e8:eb:b0:8a:f5:f6:72:b8:70:2b:
92:c1:2d:1b:44:61:2b:0d:1a:78:61:51:f9:db:60:
26:70:19:6b:6b:4e:10:22:af:76:aa:ee:d0:d3:85:
6e:40:38:3d:e3:17:90:14:13:d1:94:f1:7e:f4:02:
6e:b0:9a:cc:8c:37:00:01:2c:a2:38:51:c0:4b:bd:
68:7d:61:08:ed:fe:e9:6c:2e:c7:b7:45:6a:32:73:
75:7e:01:a5:29:fd:26:c3:73:57:b9:a9:84:0c:70:
c7:df:c8:69:15:b6:9e:11:2a:02:6b:be:84:3a:40:
9a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2B:7B:F9:85:42:11:9F:09:D5:A5:96:E0:D1:2D:25:BE:4A:A2:B2
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/TSt7-YVCEZ8J1aWW4NEtJb5KorI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.252.0/24
45.94.254.0/23
45.150.150.0/24
45.159.196.0/22
91.217.177.0/24
103.216.60.0/22
157.119.188.0/24
157.119.190.0/23
185.63.114.0/24
185.74.221.0/24
185.86.180.0/23
185.128.40.0/24
185.149.192.0/24
185.236.36.0/22
185.238.143.0/24
195.114.4.0/23
195.114.8.0/23
IPv6:
2a0d:9500::/29
Signature Algorithm: sha256WithRSAEncryption
2d:91:64:10:dd:b1:a3:ca:4e:4d:ae:fe:cd:94:3d:9b:fb:79:
4b:a2:a7:4f:d5:5c:8e:ef:aa:7f:c5:88:c8:15:d7:aa:5c:a8:
23:39:7f:7c:65:2a:1d:d5:59:bc:81:5d:30:0f:14:89:96:3d:
97:b8:43:1d:2a:73:1a:04:9b:84:48:d0:f2:16:71:8f:a9:13:
2a:49:18:3b:b7:29:7b:59:48:a3:2a:55:8b:76:d2:d6:8c:e2:
50:b9:3f:b3:ff:68:48:f2:a8:bb:93:b4:94:17:58:7f:22:09:
7f:ae:61:9e:dd:83:76:b4:e0:9a:d5:19:a7:37:b2:5e:f3:f6:
e4:da:06:bb:0e:bf:d3:f0:ed:54:c3:cf:06:c1:8c:11:77:24:
fa:98:d5:47:ab:78:df:b1:67:13:b9:b4:d6:ff:c6:b4:73:85:
b5:81:00:fc:7f:71:02:fc:a2:1a:a1:df:75:db:f3:a8:6c:32:
ab:23:07:fd:6d:5b:9c:d0:a0:32:02:db:91:cf:34:90:4c:77:
60:c8:af:2b:58:9f:0f:ce:4d:fc:df:f8:dd:97:66:55:18:65:
da:4e:76:b6:70:7a:18:ea:d3:6d:4a:47:17:f2:52:61:32:a7:
c1:04:76:b1:18:e3:3e:cf:64:3a:b9:37:a4:81:1f:83:e4:eb:
cd:8d:6e:e3
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZNAeO0lLU7BZK8GIizgkn4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjQxMTE4MTgxMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDJiN2JmOTg1NDIxMTlmMDlkNWE1OTZlMGQxMmQyNWJlNGFhMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfpbm4MUfZ96Gzq2fnHWj9DGU1yD
+KzgNVuSKGeelWhHWwHBKo6hvrvRETeFCvgXf/QmWYWmu3VH0e+6xjpNVmu7rFrv
zAOsS01c/rVbgH1DSyOf3RT6C3yAsvfkB4XhJIaAKsjRZTKf69A5ofdqHTcewK7c
gY4JReSGsx5N3AMpSLvkI0T4fgKmO+jrsIr19nK4cCuSwS0bRGErDRp4YVH522Am
cBlra04QIq92qu7Q04VuQDg94xeQFBPRlPF+9AJusJrMjDcAASyiOFHAS71ofWEI
7f7pbC7Ht0VqMnN1fgGlKf0mw3NXuamEDHDH38hpFbaeESoCa76EOkCajQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFE0re/mFQhGfCdWlluDRLSW+SqKyMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvVFN0Ny1ZVkNFWjhKMWFXVzRORXRKYjVLb3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAC1e/AME
AS1e/gMEAC2WlgMEAi2fxAMEAFvZsQMEAmfYPAMEAJ13vAMEAZ13vgMEALk/cgME
ALlK3QMEAblWtAMEALmAKAMEALmVwAMEArnsJAMEALnujwMEAcNyBAMEAcNyCDAN
BAIAAjAHAwUDKg2VADANBgkqhkiG9w0BAQsFAAOCAQEALZFkEN2xo8pOTa7+zZQ9
m/t5S6KnT9Vcju+qf8WIyBXXqlyoIzl/fGUqHdVZvIFdMA8UiZY9l7hDHSpzGgSb
hEjQ8hZxj6kTKkkYO7cpe1lIoypVi3bS1oziULk/s/9oSPKou5O0lBdYfyIJf65h
nt2DdrTgmtUZpzeyXvP25NoGuw6/0/DtVMPPBsGMEXck+pjVR6t437FnE7m01v/G
tHOFtYEA/H9xAvyiGqHfddvzqGwyqyMH/W1bnNCgMgLbkc80kEx3YMivK1ifD85N
/N/43ZdmVRhl2k52tnB6GOrTbUpHF/JSYTKnwQR2sRjjPs9kOrk3pIEfg+TrzY1u
4w==
-----END CERTIFICATE-----
Generated at Tue Nov 19 17:32:30 2024 by rpki-client on console-fra.rpki-client.org