Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/b8ygExC_hbBiMYgE21GkvrpdbB4.roa
File: b8ygExC_hbBiMYgE21GkvrpdbB4.roa (raw, json)
Hash identifier: 0nrWB1mjZV1FyCV07+QqYdgiCyRZlGbf6SqDJZdoszI=
Subject key identifier: 6F:CC:A0:13:10:BF:85:B0:62:31:88:04:DB:51:A4:BE:BA:5D:6C:1E
Certificate issuer: /CN=84c17102b6e92e292ec8acaf659e3c290a8d0b68
Certificate serial: 018A8D950C3F572C0EBA3D3E368259799EC9
Authority key identifier: 84:C1:71:02:B6:E9:2E:29:2E:C8:AC:AF:65:9E:3C:29:0A:8D:0B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hMFxArbpLikuyKyvZZ48KQqNC2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/b8ygExC_hbBiMYgE21GkvrpdbB4.roa
Signing time: Wed 13 Sep 2023 08:07:50 +0000
ROA not before: Wed 13 Sep 2023 08:07:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212752
IP address blocks: 45.90.80.0/24 maxlen: 24
45.90.83.0/24 maxlen: 24
45.90.82.0/24 maxlen: 24
91.240.165.0/24 maxlen: 24
2a10:b480::/29 maxlen: 64
Validation: Failed, certificate revoked on Fri 01 Dec 2023 07:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:95:0c:3f:57:2c:0e:ba:3d:3e:36:82:59:79:9e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84c17102b6e92e292ec8acaf659e3c290a8d0b68
Validity
Not Before: Sep 13 08:07:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fcca01310bf85b062318804db51a4beba5d6c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:df:fc:b8:64:f6:a4:d6:5f:6f:31:2c:50:2b:
79:57:fb:a6:09:fb:fa:b2:3f:e9:ba:eb:ac:d8:45:
22:10:42:03:f9:b6:b9:9f:c1:b9:a8:ac:82:f8:88:
e8:d6:eb:73:b9:c8:0c:76:16:8f:42:23:dc:a8:53:
ed:08:db:95:98:16:1c:8c:02:6b:ba:1f:8e:5d:3a:
f3:80:9e:17:f9:a2:98:40:11:ad:81:b1:d7:ff:7c:
01:e2:32:6f:22:aa:f0:76:32:f7:d2:1a:85:36:91:
a6:0b:6d:b8:22:69:5e:ae:c2:7d:54:c7:81:ee:d7:
84:00:b4:15:19:4c:62:83:d2:94:91:30:ce:93:97:
f6:54:26:27:f1:2c:cb:ff:30:20:3a:5d:8e:67:76:
c4:ee:6a:65:8c:e7:c1:d2:e7:ed:64:af:7c:09:d2:
34:bb:f3:b5:c9:94:b1:6f:76:05:3d:9d:bb:0e:f6:
67:66:85:07:9b:2b:9a:83:dd:e7:4a:8a:9a:5f:19:
ae:a5:f1:b6:d6:3d:19:08:c3:58:f2:96:00:e6:f6:
1c:5f:94:e2:77:a4:dc:66:1a:ea:53:a4:56:b7:9b:
32:bb:b1:3f:11:18:86:78:90:36:3d:a6:f9:60:3c:
6c:6c:94:cb:71:3d:99:cc:bc:09:1e:af:8f:58:f4:
f5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:CC:A0:13:10:BF:85:B0:62:31:88:04:DB:51:A4:BE:BA:5D:6C:1E
X509v3 Authority Key Identifier:
keyid:84:C1:71:02:B6:E9:2E:29:2E:C8:AC:AF:65:9E:3C:29:0A:8D:0B:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hMFxArbpLikuyKyvZZ48KQqNC2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/b8ygExC_hbBiMYgE21GkvrpdbB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6d569d-c44b-4c34-a159-d583f9a66e3b/1/hMFxArbpLikuyKyvZZ48KQqNC2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.80.0/24
45.90.82.0/23
91.240.165.0/24
IPv6:
2a10:b480::/29
Signature Algorithm: sha256WithRSAEncryption
68:b5:a7:ab:b7:e4:7e:47:90:cb:39:d7:06:97:dd:35:b8:85:
c9:42:0b:76:1c:ff:b0:aa:30:f7:ee:41:5a:9d:b4:a8:b7:6b:
e7:d0:db:6b:ed:27:4d:cb:e2:c7:3a:f0:08:bb:60:6a:e1:87:
bb:32:5d:ee:b0:c5:74:48:58:71:d2:69:f7:b8:8f:9d:55:bf:
c4:86:1e:7f:9a:e2:0d:4f:86:d4:ac:1c:5f:de:a9:f1:33:18:
f4:22:b5:eb:9b:26:db:e9:dd:5b:b1:ca:91:40:dc:9c:96:81:
dd:b9:f2:26:ee:90:78:6b:ab:c8:84:5a:45:d1:20:e8:b5:03:
12:fc:cc:de:fd:af:a7:2e:7b:c4:af:ed:0e:1e:e7:9c:57:4e:
2b:86:0e:b7:5d:15:32:77:cb:56:10:de:d9:e9:30:3d:c7:bb:
73:d8:9c:cd:e3:b2:55:3d:7b:47:12:27:15:26:eb:35:e9:17:
d1:29:d4:67:73:bf:0e:c2:97:6f:20:bf:0d:a4:89:e0:e4:9e:
d5:56:ea:ed:aa:67:22:64:94:b3:29:cf:39:23:34:e2:c7:bb:
cf:8d:cb:0c:5e:a3:b7:4b:cc:35:a1:9f:77:22:ef:f3:21:a5:
ce:f7:7c:a8:e8:e1:3e:d9:d6:34:d0:eb:89:9d:8d:ba:c3:e2:
c6:f4:b8:9b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqNlQw/VywOuj0+NoJZeZ7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YzE3MTAyYjZlOTJlMjkyZWM4YWNhZjY1OWUzYzI5MGE4
ZDBiNjgwHhcNMjMwOTEzMDgwNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmNjYTAxMzEwYmY4NWIwNjIzMTg4MDRkYjUxYTRiZWJhNWQ2YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9/8uGT2pNZfbzEsUCt5V/umCfv6
sj/puuus2EUiEEID+ba5n8G5qKyC+Ijo1utzucgMdhaPQiPcqFPtCNuVmBYcjAJr
uh+OXTrzgJ4X+aKYQBGtgbHX/3wB4jJvIqrwdjL30hqFNpGmC224ImlersJ9VMeB
7teEALQVGUxig9KUkTDOk5f2VCYn8SzL/zAgOl2OZ3bE7mpljOfB0uftZK98CdI0
u/O1yZSxb3YFPZ27DvZnZoUHmyuag93nSoqaXxmupfG21j0ZCMNY8pYA5vYcX5Ti
d6TcZhrqU6RWt5syu7E/ERiGeJA2Pab5YDxsbJTLcT2ZzLwJHq+PWPT12wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG/MoBMQv4WwYjGIBNtRpL66XWweMB8GA1UdIwQY
MBaAFITBcQK26S4pLsisr2WePCkKjQtoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE1GeEFyYnBMaWt1eUt5dlpaNDhLUXFOQzJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82ZDU2OWQtYzQ0Yi00YzM0LWExNTkt
ZDU4M2Y5YTY2ZTNiLzEvYjh5Z0V4Q19oYkJpTVlnRTIxR2t2cnBkYkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82ZDU2OWQtYzQ0Yi00YzM0LWExNTktZDU4M2Y5YTY2ZTNi
LzEvaE1GeEFyYnBMaWt1eUt5dlpaNDhLUXFOQzJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVpQAwQB
LVpSAwQAW/ClMA0EAgACMAcDBQMqELSAMA0GCSqGSIb3DQEBCwUAA4IBAQBotaer
t+R+R5DLOdcGl901uIXJQgt2HP+wqjD37kFanbSot2vn0Ntr7SdNy+LHOvAIu2Bq
4Ye7Ml3usMV0SFhx0mn3uI+dVb/Ehh5/muINT4bUrBxf3qnxMxj0IrXrmybb6d1b
scqRQNycloHdufIm7pB4a6vIhFpF0SDotQMS/Mze/a+nLnvEr+0OHuecV04rhg63
XRUyd8tWEN7Z6TA9x7tz2JzN47JVPXtHEicVJus16RfRKdRnc78OwpdvIL8NpIng
5J7VVurtqmciZJSzKc85IzTix7vPjcsMXqO3S8w1oZ93Iu/zIaXO93yo6OE+2dY0
0OuJnY26w+LG9Lib
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:40 2024 by rpki-client on console-fra.rpki-client.org