Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/g1DOI7lUNd3plJg-iVeNrd2v89I.roa
File: g1DOI7lUNd3plJg-iVeNrd2v89I.roa (raw, json)
Hash identifier: HU3J0UwgO1ICJg6m6092qjbXh6IZk4SQs9955XZ3qgo=
Subject key identifier: 83:50:CE:23:B9:54:35:DD:E9:94:98:3E:89:57:8D:AD:DD:AF:F3:D2
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EBDAE7E8F9A876B37A295535681E99E44
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/g1DOI7lUNd3plJg-iVeNrd2v89I.roa
Signing time: Mon 08 Apr 2024 12:28:33 +0000
ROA not before: Mon 08 Apr 2024 12:28:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 45.86.3.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
46.149.174.0/24 maxlen: 24
46.174.192.0/24 maxlen: 24
46.174.193.0/24 maxlen: 24
46.174.194.0/24 maxlen: 24
46.174.195.0/24 maxlen: 24
46.174.196.0/24 maxlen: 24
46.174.197.0/24 maxlen: 24
46.174.198.0/24 maxlen: 24
46.174.199.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
178.212.78.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
188.93.136.0/24 maxlen: 24
195.96.141.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 19:59:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:ae:7e:8f:9a:87:6b:37:a2:95:53:56:81:e9:9e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 8 12:28:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8350ce23b95435dde994983e89578dadddaff3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0e:d6:55:1f:6f:ad:8d:ea:b0:91:c9:67:a2:
3c:4e:a9:2b:34:5a:12:df:31:00:70:64:13:c3:d3:
c6:ec:8e:38:43:5b:65:9d:f9:66:68:2d:95:ba:30:
14:64:12:a9:ae:d0:80:4d:35:79:7a:48:f4:3e:ee:
59:e1:72:d6:91:eb:a6:89:7a:36:f1:64:4e:7c:74:
66:f8:78:33:a0:1d:2d:6c:62:4b:f7:8c:cd:62:4e:
48:bd:bc:31:3e:e6:40:2f:f8:ba:e5:e3:41:3c:4a:
32:fd:4a:01:23:1f:b7:d5:5d:46:a6:22:0d:9e:a0:
fd:6f:b9:72:7d:79:76:98:5e:ff:6d:a9:36:5b:60:
98:5c:b4:3a:dd:d7:f3:f5:14:df:36:56:e4:38:0c:
a1:37:87:d4:88:9d:04:00:3d:d4:fd:5f:08:40:08:
ec:44:c9:28:f4:89:23:92:fa:09:95:8b:63:6f:7b:
1c:49:4a:8a:b4:9b:a9:b2:85:56:62:c1:32:3c:b6:
d6:a5:5c:0f:95:d2:67:c6:72:ed:98:5f:8c:40:f9:
63:42:a5:e7:61:a2:c9:bd:47:f8:b2:d4:59:24:a0:
06:8f:77:1c:33:5f:a3:e9:23:4c:ce:a0:ef:f9:f8:
57:e7:4e:f8:0b:05:60:d3:52:d3:b3:83:f8:66:09:
e7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:50:CE:23:B9:54:35:DD:E9:94:98:3E:89:57:8D:AD:DD:AF:F3:D2
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/g1DOI7lUNd3plJg-iVeNrd2v89I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.3.0/24
45.128.130.0/23
46.149.174.0/24
46.174.192.0/21
62.204.32.0/24
178.212.78.0/24
185.253.2.0/24
188.64.140.0/24
188.93.136.0/24
195.96.141.0/24
212.60.6.0/24
212.107.24.0/24
Signature Algorithm: sha256WithRSAEncryption
59:88:4d:df:51:71:dd:e9:e8:38:3b:d9:3d:cc:92:73:8a:13:
00:b4:c7:fc:3e:ad:ed:62:28:9c:2d:b9:18:2e:d9:4c:3a:28:
f9:62:7a:c9:92:e5:d6:60:dd:85:e9:73:51:24:eb:92:84:c4:
8a:97:6e:49:2e:be:30:dd:a7:f9:d2:16:e4:9c:91:43:39:fe:
d0:fd:d0:3b:2f:71:ef:ff:2e:69:c6:48:dd:6b:0b:c5:39:a5:
05:7c:ca:43:b9:b5:ee:4b:a3:3c:1c:3f:f4:93:79:76:f1:6a:
37:7a:59:21:64:27:53:00:e7:e0:d5:59:2c:26:4c:33:cd:f7:
64:35:57:89:fc:04:bb:04:76:f0:cb:91:81:e6:c9:3f:da:7a:
71:3b:71:37:93:4d:d5:ed:05:ac:98:4a:48:17:58:b1:10:c3:
c8:76:4f:8e:92:03:51:a6:06:3e:78:35:96:91:42:dc:46:d7:
d6:3d:2d:73:2c:01:8b:cd:c3:71:1d:55:86:a4:fa:04:7f:8c:
a8:18:d5:2e:95:f2:2a:34:a4:7b:bc:ef:7d:d9:6f:79:a1:d6:
12:97:a6:50:ba:ff:a0:9b:22:63:5a:32:77:c1:d8:c3:35:dd:
0b:5e:02:72:ef:2d:1d:24:81:62:d9:20:d0:ea:a9:9b:0b:3d:
a8:0f:f8:0f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY69rn6PmodrN6KVU1aB6Z5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDA4MTIyODMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzUwY2UyM2I5NTQzNWRkZTk5NDk4M2U4OTU3OGRhZGRkYWZmM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ7WVR9vrY3qsJHJZ6I8TqkrNFoS
3zEAcGQTw9PG7I44Q1tlnflmaC2VujAUZBKprtCATTV5ekj0Pu5Z4XLWkeumiXo2
8WROfHRm+HgzoB0tbGJL94zNYk5IvbwxPuZAL/i65eNBPEoy/UoBIx+31V1GpiIN
nqD9b7lyfXl2mF7/bak2W2CYXLQ63dfz9RTfNlbkOAyhN4fUiJ0EAD3U/V8IQAjs
RMko9IkjkvoJlYtjb3scSUqKtJupsoVWYsEyPLbWpVwPldJnxnLtmF+MQPljQqXn
YaLJvUf4stRZJKAGj3ccM1+j6SNMzqDv+fhX5074CwVg01LTs4P4ZgnnxQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFINQziO5VDXd6ZSYPolXja3dr/PSMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvZzFET0k3bFVOZDNwbEpnLWlWZU5yZDJ2ODlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALVYDAwQB
LYCCAwQALpWuAwQDLq7AAwQAPswgAwQAstROAwQAuf0CAwQAvECMAwQAvF2IAwQA
w2CNAwQA1DwGAwQA1GsYMA0GCSqGSIb3DQEBCwUAA4IBAQBZiE3fUXHd6eg4O9k9
zJJzihMAtMf8Pq3tYiicLbkYLtlMOij5YnrJkuXWYN2F6XNRJOuShMSKl25JLr4w
3af50hbknJFDOf7Q/dA7L3Hv/y5pxkjdawvFOaUFfMpDubXuS6M8HD/0k3l28Wo3
elkhZCdTAOfg1VksJkwzzfdkNVeJ/AS7BHbwy5GB5sk/2npxO3E3k03V7QWsmEpI
F1ixEMPIdk+OkgNRpgY+eDWWkULcRtfWPS1zLAGLzcNxHVWGpPoEf4yoGNUulfIq
NKR7vO992W95odYSl6ZQuv+gmyJjWjJ3wdjDNd0LXgJy7y0dJIFi2SDQ6qmbCz2o
D/gP
-----END CERTIFICATE-----
Generated at Mon Apr 15 21:59:39 2024 by rpki-client on console-fra.rpki-client.org