Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/CEpg9Kyx3_2nuT5tlpHWjTFRO80.roa
File: CEpg9Kyx3_2nuT5tlpHWjTFRO80.roa (raw, json)
Hash identifier: zttQBUhHuEwWeGinFTo5prtx5tbw6lV2jn+vW5bbQ9s=
Subject key identifier: 08:4A:60:F4:AC:B1:DF:FD:A7:B9:3E:6D:96:91:D6:8D:31:51:3B:CD
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E1860B4B6E27451D7EB5F95196FD5
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/CEpg9Kyx3_2nuT5tlpHWjTFRO80.roa
Signing time: Mon 01 Jan 2024 14:29:35 +0000
ROA not before: Mon 01 Jan 2024 14:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206077
IP address blocks: 217.26.188.0/22 maxlen: 22
217.26.189.0/24 maxlen: 24
217.26.188.0/23 maxlen: 23
185.226.192.0/23 maxlen: 24
217.26.188.0/24 maxlen: 24
45.80.81.0/24 maxlen: 24
201.49.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 11:47:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:18:60:b4:b6:e2:74:51:d7:eb:5f:95:19:6f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=084a60f4acb1dffda7b93e6d9691d68d31513bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:18:f8:61:f2:28:8d:2e:4f:89:ad:a7:ae:07:
43:d2:74:b5:53:fb:6f:b1:79:d9:bb:eb:71:ec:8d:
7c:9d:91:db:b9:2b:2e:a4:04:da:ba:6c:36:0d:65:
f2:3e:36:f5:32:eb:78:a0:be:fe:05:9c:7b:58:0d:
c8:28:ae:54:6e:41:5b:b5:7d:a0:a3:fd:aa:bd:5b:
47:8a:7a:21:84:8e:df:47:81:28:00:ee:94:05:ce:
83:0e:5f:fa:5b:05:4e:af:9f:80:41:49:bf:07:2d:
23:d9:39:cb:45:d7:fd:12:7e:9f:36:ca:a3:ea:8d:
81:86:9e:fb:27:87:41:ba:09:a3:ce:f1:3f:b8:73:
1a:77:1d:eb:94:7a:7f:df:00:b9:c1:4d:88:9e:18:
dd:e9:34:bf:42:fb:6a:28:8b:bd:63:dc:9b:8a:42:
67:3c:21:f5:71:3b:d5:1c:20:c2:04:bb:ac:2f:fa:
c4:38:7f:df:83:de:45:d5:34:c1:bf:a7:91:33:7e:
84:b7:d6:c6:d9:b6:75:f3:57:5a:ad:f7:ec:5f:b7:
13:89:e5:16:6a:f9:69:ad:43:46:00:fa:49:a3:7e:
86:69:2a:e4:c4:80:03:ba:a0:5a:00:f3:bc:fe:ca:
f8:4e:03:21:b1:5a:b1:3a:fa:4b:de:bc:93:af:6d:
c6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4A:60:F4:AC:B1:DF:FD:A7:B9:3E:6D:96:91:D6:8D:31:51:3B:CD
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/CEpg9Kyx3_2nuT5tlpHWjTFRO80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.81.0/24
185.226.192.0/23
201.49.191.0/24
217.26.188.0/22
Signature Algorithm: sha256WithRSAEncryption
63:fa:3d:69:0f:c1:a0:15:2b:99:cf:af:28:53:a8:a4:1f:fd:
5c:c3:2d:35:38:b8:79:5e:cc:24:1e:cf:99:86:1a:54:ab:5d:
8c:f7:c6:81:c1:d6:f1:df:3d:7e:b3:ec:a1:28:52:cd:a0:b6:
08:3d:f4:31:ba:aa:d1:56:46:f1:2e:17:d6:b8:f3:bf:0e:3d:
c2:c5:6d:00:4c:44:47:45:e0:5b:78:7e:80:41:00:5b:ae:de:
78:81:f6:b3:76:f2:23:e4:b9:f2:12:e9:bc:89:94:11:9f:9a:
d8:78:c3:b3:ef:f5:a0:31:84:21:76:44:5c:b8:e3:a7:39:9d:
ce:0e:ab:75:71:bc:cc:39:52:b1:e4:73:5a:e5:62:25:d7:97:
68:66:5d:88:94:bc:d6:81:25:73:c6:c7:37:20:ca:b9:8e:1f:
8b:2d:4d:5d:1f:bd:30:be:04:09:c8:cb:25:6f:93:75:da:c0:
ed:8d:20:d5:1f:3a:9a:88:86:c2:18:d6:9d:fc:b8:da:f3:bb:
ff:8d:4c:4a:8b:de:82:69:ea:03:00:f1:e3:30:e1:16:09:70:
9d:3b:36:15:6c:df:dd:b9:47:6b:d5:9a:e7:84:0e:0e:d9:fc:
60:a5:35:f4:96:57:0a:2c:2d:0d:46:09:af:5a:cf:61:41:34:
e1:a8:57:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbhhgtLbidFHX61+VGW/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRhNjBmNGFjYjFkZmZkYTdiOTNlNmQ5NjkxZDY4ZDMxNTEzYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhj4YfIojS5Pia2nrgdD0nS1U/tv
sXnZu+tx7I18nZHbuSsupATaumw2DWXyPjb1Mut4oL7+BZx7WA3IKK5UbkFbtX2g
o/2qvVtHinohhI7fR4EoAO6UBc6DDl/6WwVOr5+AQUm/By0j2TnLRdf9En6fNsqj
6o2Bhp77J4dBugmjzvE/uHMadx3rlHp/3wC5wU2Inhjd6TS/QvtqKIu9Y9ybikJn
PCH1cTvVHCDCBLusL/rEOH/fg95F1TTBv6eRM36Et9bG2bZ181darffsX7cTieUW
avlprUNGAPpJo36GaSrkxIADuqBaAPO8/sr4TgMhsVqxOvpL3ryTr23GVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAhKYPSssd/9p7k+bZaR1o0xUTvNMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQ0VwZzlLeXgzXzJudVQ1dGxwSFdqVEZSTzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVBRAwQB
ueLAAwQAyTG/AwQC2Rq8MA0GCSqGSIb3DQEBCwUAA4IBAQBj+j1pD8GgFSuZz68o
U6ikH/1cwy01OLh5XswkHs+ZhhpUq12M98aBwdbx3z1+s+yhKFLNoLYIPfQxuqrR
VkbxLhfWuPO/Dj3CxW0ATERHReBbeH6AQQBbrt54gfazdvIj5LnyEum8iZQRn5rY
eMOz7/WgMYQhdkRcuOOnOZ3ODqt1cbzMOVKx5HNa5WIl15doZl2IlLzWgSVzxsc3
IMq5jh+LLU1dH70wvgQJyMslb5N12sDtjSDVHzqaiIbCGNad/Lja87v/jUxKi96C
aeoDAPHjMOEWCXCdOzYVbN/duUdr1ZrnhA4O2fxgpTX0llcKLC0NRgmvWs9hQTTh
qFdm
-----END CERTIFICATE-----
Generated at Mon Jan 22 16:40:15 2024 by rpki-client on console-ams.rpki-client.org