Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/0PoIJIgYMOlFzJAFgr_HIdo-6g0.roa
File: 0PoIJIgYMOlFzJAFgr_HIdo-6g0.roa (raw, json)
Hash identifier: 1slGkvev2+8X4XuFtsRoyaAoor2GMx2/0mTspYrnje8=
Subject key identifier: D0:FA:08:24:88:18:30:E9:45:CC:90:05:82:BF:C7:21:DA:3E:EA:0D
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E85C72865F7276A4FD712E7BD94B54A11
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/0PoIJIgYMOlFzJAFgr_HIdo-6g0.roa
Signing time: Thu 28 Mar 2024 15:56:45 +0000
ROA not before: Thu 28 Mar 2024 15:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.87.254.0/24 maxlen: 24
45.91.9.0/24 maxlen: 24
77.83.192.0/24 maxlen: 24
77.83.194.0/24 maxlen: 24
77.83.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 21:26:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:c7:28:65:f7:27:6a:4f:d7:12:e7:bd:94:b5:4a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 15:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0fa0824881830e945cc900582bfc721da3eea0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:85:0b:cb:ec:e1:c5:cb:7a:a2:01:c0:c5:a7:
0c:9a:7b:f7:81:66:be:5e:4f:f2:1f:e4:62:7c:33:
da:93:1e:ba:3b:81:ad:9c:4e:da:44:b9:e9:bf:a7:
77:4b:53:f0:6b:58:1d:6c:a2:b9:c5:b7:41:60:44:
ef:1d:7e:94:14:fd:23:4d:bd:45:85:9c:f5:16:82:
01:31:ad:66:39:92:7c:de:95:78:f3:71:e5:1c:1d:
fb:78:de:06:8a:d2:3d:48:9b:a3:a7:1f:3d:b8:0f:
6a:3e:32:ad:e0:5f:06:ca:b7:04:1f:6c:99:60:c6:
1c:93:3f:0d:f7:58:da:42:51:1d:a8:68:ba:43:02:
6c:c0:d2:48:8a:07:97:28:24:56:f1:48:f9:fa:05:
f3:f6:2d:eb:23:7b:44:ac:2c:23:76:c9:32:8f:a8:
de:32:eb:65:7e:2e:8c:b6:fb:b6:d1:4b:da:17:69:
1b:fc:14:70:9c:64:4f:13:1c:b4:71:c4:74:c1:8c:
e1:53:dc:07:fe:ee:96:14:85:d1:68:5a:fd:08:3f:
9d:11:00:00:38:71:68:79:c7:7c:17:5d:d8:4e:a0:
42:e1:c0:2f:2f:cb:66:74:1c:ed:ce:48:07:06:5d:
ff:af:85:af:f0:56:54:dc:48:89:32:02:19:d9:36:
e6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:FA:08:24:88:18:30:E9:45:CC:90:05:82:BF:C7:21:DA:3E:EA:0D
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/0PoIJIgYMOlFzJAFgr_HIdo-6g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.254.0/24
45.91.9.0/24
77.83.192.0/24
77.83.194.0/23
Signature Algorithm: sha256WithRSAEncryption
74:57:b1:a8:c0:7a:c7:94:8e:91:c9:2f:94:51:8c:31:9e:9f:
e5:d8:9a:3f:b4:45:03:07:27:55:ff:0e:96:2b:41:83:ca:76:
3a:55:fb:08:7e:a3:07:3f:49:82:ce:fb:31:e2:65:f3:29:8f:
e7:65:55:e8:a9:00:51:0e:bd:96:bf:d9:83:10:91:f2:2b:80:
b3:ea:da:30:f8:98:9e:2a:f2:ad:08:7a:b0:a6:a7:0f:86:ec:
07:26:01:cd:55:2f:e8:20:30:56:9a:7d:2c:8c:b9:80:f9:8c:
b6:29:95:75:32:63:b3:4b:70:55:eb:13:99:81:1c:b8:5c:b5:
d3:ff:d4:a5:49:8e:1f:0a:25:c9:ca:27:df:07:b8:b6:10:b9:
73:fe:6a:eb:b1:4f:8a:7c:8f:23:99:9c:26:6e:30:95:fe:33:
86:89:b1:4a:65:8f:5a:fc:e0:18:bb:4a:68:c5:99:41:29:95:
94:df:77:81:78:16:a1:80:1f:b9:68:32:9c:1c:8e:a8:e0:cf:
62:46:c0:da:39:d4:8b:ed:2c:c3:af:eb:c3:d9:c2:76:6e:75:
44:75:01:26:45:bb:05:f5:ea:46:57:32:06:cc:b3:ca:ce:5c:
5d:89:37:e1:1f:71:38:6a:c5:9d:8d:02:7f:1f:12:88:1c:07:
a0:47:c2:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6Fxyhl9ydqT9cS572UtUoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTU1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGZhMDgyNDg4MTgzMGU5NDVjYzkwMDU4MmJmYzcyMWRhM2VlYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIULy+zhxct6ogHAxacMmnv3gWa+
Xk/yH+RifDPakx66O4GtnE7aRLnpv6d3S1Pwa1gdbKK5xbdBYETvHX6UFP0jTb1F
hZz1FoIBMa1mOZJ83pV483HlHB37eN4GitI9SJujpx89uA9qPjKt4F8GyrcEH2yZ
YMYckz8N91jaQlEdqGi6QwJswNJIigeXKCRW8Uj5+gXz9i3rI3tErCwjdskyj6je
Mutlfi6Mtvu20UvaF2kb/BRwnGRPExy0ccR0wYzhU9wH/u6WFIXRaFr9CD+dEQAA
OHFoecd8F13YTqBC4cAvL8tmdBztzkgHBl3/r4Wv8FZU3EiJMgIZ2TbmKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFND6CCSIGDDpRcyQBYK/xyHaPuoNMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMFBvSUpJZ1lNT2xGekpBRmdyX0hJZG8tNmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVf+AwQA
LVsJAwQATVPAAwQBTVPCMA0GCSqGSIb3DQEBCwUAA4IBAQB0V7GowHrHlI6RyS+U
UYwxnp/l2Jo/tEUDBydV/w6WK0GDynY6VfsIfqMHP0mCzvsx4mXzKY/nZVXoqQBR
Dr2Wv9mDEJHyK4Cz6tow+JieKvKtCHqwpqcPhuwHJgHNVS/oIDBWmn0sjLmA+Yy2
KZV1MmOzS3BV6xOZgRy4XLXT/9SlSY4fCiXJyiffB7i2ELlz/mrrsU+KfI8jmZwm
bjCV/jOGibFKZY9a/OAYu0poxZlBKZWU33eBeBahgB+5aDKcHI6o4M9iRsDaOdSL
7SzDr+vD2cJ2bnVEdQEmRbsF9epGVzIGzLPKzlxdiTfhH3E4asWdjQJ/HxKIHAeg
R8Iz
-----END CERTIFICATE-----
Generated at Mon Aug 12 23:53:59 2024 by rpki-client on console-ams.rpki-client.org