Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8DviUSdDfcNl3tAQjVPXPkPfcfE.roa
File: 8DviUSdDfcNl3tAQjVPXPkPfcfE.roa (raw, json)
Hash identifier: 2TRTBwZ8LeKt6IoyCoDro12ns1FV4YIZg3lX9xORDSE=
Subject key identifier: F0:3B:E2:51:27:43:7D:C3:65:DE:D0:10:8D:53:D7:3E:43:DF:71:F1
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E9F31B19885C1322050C65675EAB9C916
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8DviUSdDfcNl3tAQjVPXPkPfcfE.roa
Signing time: Tue 02 Apr 2024 14:23:37 +0000
ROA not before: Tue 02 Apr 2024 14:23:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 45.86.3.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
46.149.174.0/24 maxlen: 24
46.174.192.0/24 maxlen: 24
46.174.193.0/24 maxlen: 24
46.174.194.0/24 maxlen: 24
46.174.195.0/24 maxlen: 24
46.174.196.0/24 maxlen: 24
46.174.197.0/24 maxlen: 24
46.174.198.0/24 maxlen: 24
46.174.199.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
195.96.141.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 12:28:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:31:b1:98:85:c1:32:20:50:c6:56:75:ea:b9:c9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 2 14:23:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f03be25127437dc365ded0108d53d73e43df71f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:bd:3d:59:e9:f5:30:0e:88:68:18:2d:59:
a7:ca:d0:d5:95:d0:60:4f:fa:13:1f:e9:78:97:fb:
38:94:4c:9c:5e:00:72:60:8b:87:56:cf:64:9e:43:
8a:25:76:e5:2f:83:1c:bb:4d:22:2e:ce:fc:c8:e8:
7c:ab:75:0d:0e:fc:24:7a:81:c6:6c:37:5b:cf:b8:
a6:5d:4c:b4:c9:9d:b1:59:2c:81:b0:57:20:9e:cc:
bf:c0:fa:49:d9:01:b3:1f:8f:9c:7e:2f:f2:01:cc:
7c:0c:4c:4d:84:4b:48:ea:c0:4e:24:9a:04:3a:91:
1a:4c:5b:93:07:9f:2b:07:55:a9:38:8e:8c:57:47:
02:bb:49:9c:a9:d5:7e:6a:72:48:0a:c9:2f:a3:dc:
8e:b8:d3:9d:33:14:ac:77:9f:8b:07:35:22:68:a8:
a8:52:c3:e6:87:05:dc:dd:b2:f7:78:7c:75:14:ea:
a0:62:c5:ee:7c:88:60:91:46:05:ab:44:3c:2b:06:
ce:5d:7d:ba:66:78:56:56:26:bc:de:3f:d5:a4:dc:
49:b6:e3:35:fe:1a:cf:76:56:5f:4b:c4:c1:5d:b9:
f3:6b:f3:3e:be:2c:95:82:a5:85:71:13:12:a2:f5:
17:d8:6e:81:16:e6:ba:db:7f:e6:d0:6c:f3:ad:ad:
5f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3B:E2:51:27:43:7D:C3:65:DE:D0:10:8D:53:D7:3E:43:DF:71:F1
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8DviUSdDfcNl3tAQjVPXPkPfcfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.3.0/24
45.128.130.0/23
46.149.174.0/24
46.174.192.0/21
62.204.32.0/24
185.253.2.0/24
188.64.140.0/24
195.96.141.0/24
212.60.6.0/24
212.107.24.0/24
Signature Algorithm: sha256WithRSAEncryption
34:55:ea:99:1e:b3:f3:16:c5:c7:7b:8c:5e:fd:f1:6a:a2:78:
61:e9:75:7a:93:c6:c5:55:9e:77:b2:4c:72:59:26:66:18:8d:
d2:3e:79:7f:1c:aa:c9:2f:c3:a7:ab:f5:ac:6c:be:13:3f:55:
7a:47:f3:9d:42:e8:e3:2b:4b:81:90:8f:cb:9b:06:90:cf:71:
6f:47:9c:77:e0:86:7b:c9:1a:a2:c5:78:3e:11:17:29:58:79:
c4:df:c9:6a:75:5a:99:04:4b:c0:3c:fb:58:7c:e1:80:e9:e6:
d5:55:19:e9:51:b0:db:da:6e:d7:cf:62:ca:65:08:ca:69:17:
82:68:7e:6a:ea:3e:f5:0e:c8:fb:05:13:55:f4:29:59:9c:cf:
3c:f2:13:e5:67:26:2d:1b:03:58:ce:16:12:e7:fa:ea:e3:30:
ee:6b:1d:84:5e:59:87:a5:60:e3:e1:22:e2:14:e4:9c:e4:92:
62:cd:2e:c8:ec:cd:29:78:f0:ae:76:b0:6e:fc:75:d8:2a:d5:
03:e2:9d:26:95:e1:0c:7c:41:e5:e3:19:9a:2b:fe:c1:1e:1f:
be:64:b0:75:a5:c6:1d:d8:90:b1:a7:63:37:bd:73:99:1e:eb:
8e:bd:55:04:bb:db:7d:83:d2:78:06:c3:ad:a8:a4:ce:50:e1:
4e:ba:63:6b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY6fMbGYhcEyIFDGVnXquckWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDAyMTQyMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNiZTI1MTI3NDM3ZGMzNjVkZWQwMTA4ZDUzZDczZTQzZGY3MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxK9PVnp9TAOiGgYLVmnytDVldBg
T/oTH+l4l/s4lEycXgByYIuHVs9knkOKJXblL4Mcu00iLs78yOh8q3UNDvwkeoHG
bDdbz7imXUy0yZ2xWSyBsFcgnsy/wPpJ2QGzH4+cfi/yAcx8DExNhEtI6sBOJJoE
OpEaTFuTB58rB1WpOI6MV0cCu0mcqdV+anJICskvo9yOuNOdMxSsd5+LBzUiaKio
UsPmhwXc3bL3eHx1FOqgYsXufIhgkUYFq0Q8KwbOXX26ZnhWVia83j/VpNxJtuM1
/hrPdlZfS8TBXbnza/M+viyVgqWFcRMSovUX2G6BFua623/m0Gzzra1f/QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPA74lEnQ33DZd7QEI1T1z5D33HxMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvOER2aVVTZERmY05sM3RBUWpWUFhQa1BmY2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALVYDAwQB
LYCCAwQALpWuAwQDLq7AAwQAPswgAwQAuf0CAwQAvECMAwQAw2CNAwQA1DwGAwQA
1GsYMA0GCSqGSIb3DQEBCwUAA4IBAQA0VeqZHrPzFsXHe4xe/fFqonhh6XV6k8bF
VZ53skxyWSZmGI3SPnl/HKrJL8Onq/WsbL4TP1V6R/OdQujjK0uBkI/LmwaQz3Fv
R5x34IZ7yRqixXg+ERcpWHnE38lqdVqZBEvAPPtYfOGA6ebVVRnpUbDb2m7Xz2LK
ZQjKaReCaH5q6j71Dsj7BRNV9ClZnM888hPlZyYtGwNYzhYS5/rq4zDuax2EXlmH
pWDj4SLiFOSc5JJizS7I7M0pePCudrBu/HXYKtUD4p0mleEMfEHl4xmaK/7BHh++
ZLB1pcYd2JCxp2M3vXOZHuuOvVUEu9t9g9J4BsOtqKTOUOFOumNr
-----END CERTIFICATE-----
Generated at Mon Apr 8 16:48:51 2024 by rpki-client on console-ams.rpki-client.org