Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jIHDtJAHZXNLIUNMxphRguCGdow.roa
File: jIHDtJAHZXNLIUNMxphRguCGdow.roa (raw, json)
Hash identifier: b8/ik7aucMpOGeGAfib4gciUvXePCa4Ymf0CqQHz8jA=
Subject key identifier: 8C:81:C3:B4:90:07:65:73:4B:21:43:4C:C6:98:51:82:E0:86:76:8C
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EBDAE7B3C40FBA9E9DB3C7618D4F5DB17
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jIHDtJAHZXNLIUNMxphRguCGdow.roa
Signing time: Mon 08 Apr 2024 12:28:32 +0000
ROA not before: Mon 08 Apr 2024 12:28:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.86.3.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
46.149.174.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
83.171.212.0/22 maxlen: 22
178.212.78.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
188.93.136.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 19:59:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:ae:7b:3c:40:fb:a9:e9:db:3c:76:18:d4:f5:db:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 8 12:28:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c81c3b4900765734b21434cc6985182e086768c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:84:d5:25:14:d1:fd:0e:bf:0c:13:59:1d:27:
52:76:79:be:61:e5:cd:fa:d0:7e:5a:ba:81:a3:74:
9e:b7:cc:8b:a7:c7:6b:f8:c9:45:b3:8c:02:0d:e2:
d4:79:01:77:ee:1d:38:6f:49:11:d2:f1:c1:92:b1:
52:fa:37:3c:bf:04:f4:7b:87:a1:44:36:c0:be:02:
35:f6:e5:f5:8e:fb:47:a0:0b:a5:df:70:4b:ab:05:
b3:ec:bb:8c:60:0f:15:62:c5:d1:26:36:94:5a:08:
e1:0c:82:4f:b0:35:7a:75:4e:83:ff:39:8b:59:ce:
2f:c5:c9:a2:47:4b:da:20:10:10:9f:6b:6d:1e:85:
32:87:7d:b7:69:42:48:97:5d:f7:20:7b:ba:04:08:
5f:d3:c6:a0:8f:98:52:26:e8:13:93:fe:8e:6b:f5:
a5:fa:17:ca:6c:68:5e:ec:74:03:e1:b3:24:61:c3:
94:fa:ac:6e:78:5c:04:9c:46:03:8d:ef:7d:96:53:
e3:39:4c:bb:23:01:2b:ca:99:d0:aa:0e:fa:ca:ea:
20:4b:ba:2a:c6:3e:91:d7:c5:7e:1a:ed:27:b4:1c:
b2:f8:08:60:2c:98:fa:d3:8b:22:ce:2a:bc:2d:b4:
6f:36:be:64:88:06:2d:e1:73:4e:b6:2d:52:c6:95:
13:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:81:C3:B4:90:07:65:73:4B:21:43:4C:C6:98:51:82:E0:86:76:8C
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/jIHDtJAHZXNLIUNMxphRguCGdow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.3.0/24
45.128.130.0/23
46.149.174.0/24
62.204.32.0/24
83.171.212.0/22
178.212.78.0/24
185.253.2.0/24
188.64.140.0/24
188.93.136.0/24
212.60.6.0/24
212.107.24.0/24
Signature Algorithm: sha256WithRSAEncryption
92:ed:e5:22:9a:d3:6c:e9:a7:7e:ae:be:57:d9:08:3f:40:81:
eb:6d:4d:f6:70:97:4b:89:9a:ee:5e:6d:9a:24:b4:99:b6:07:
8c:dc:cd:e4:c5:61:04:69:88:01:f3:5d:63:81:80:e4:7c:2a:
04:42:f1:0c:f9:6e:d3:5c:66:bc:0a:6e:36:f0:4d:4e:3b:05:
18:51:2c:e7:b9:46:6c:58:a1:84:51:de:1a:06:cc:c9:d8:6b:
80:18:11:5e:6a:1b:12:c1:21:74:e9:6e:98:7f:9d:9d:92:78:
ab:4d:1e:22:84:ed:1e:97:81:fa:75:30:e7:f7:24:0b:2e:de:
6c:3f:96:72:7c:78:cf:78:8a:5a:66:71:ca:ba:53:56:62:b6:
5d:55:d3:84:d6:7a:4e:b8:0d:35:fd:06:f3:22:03:c9:a1:d2:
b7:59:37:4d:ea:38:75:5d:be:f5:99:08:16:84:02:63:1a:55:
45:3d:5c:2a:0c:14:36:fa:bf:ef:ea:bf:1f:59:8d:bd:85:87:
75:e0:28:d8:11:3e:60:5b:ad:95:06:40:a9:f9:4c:fe:c5:c8:
17:c5:e6:38:86:a6:a4:49:98:fa:24:a8:61:c7:ad:9e:ad:b0:
a3:b4:4d:a1:9a:77:42:67:05:60:00:02:32:6e:8e:40:e9:85:
83:85:e5:fd
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY69rns8QPup6ds8dhjU9dsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDA4MTIyODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzgxYzNiNDkwMDc2NTczNGIyMTQzNGNjNjk4NTE4MmUwODY3NjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoTVJRTR/Q6/DBNZHSdSdnm+YeXN
+tB+WrqBo3Set8yLp8dr+MlFs4wCDeLUeQF37h04b0kR0vHBkrFS+jc8vwT0e4eh
RDbAvgI19uX1jvtHoAul33BLqwWz7LuMYA8VYsXRJjaUWgjhDIJPsDV6dU6D/zmL
Wc4vxcmiR0vaIBAQn2ttHoUyh323aUJIl133IHu6BAhf08agj5hSJugTk/6Oa/Wl
+hfKbGhe7HQD4bMkYcOU+qxueFwEnEYDje99llPjOUy7IwErypnQqg76yuogS7oq
xj6R18V+Gu0ntByy+AhgLJj604siziq8LbRvNr5kiAYt4XNOti1SxpUTkQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIyBw7SQB2VzSyFDTMaYUYLghnaMMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvaklIRHRKQUhaWE5MSVVOTXhwaFJndUNHZG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALVYDAwQB
LYCCAwQALpWuAwQAPswgAwQCU6vUAwQAstROAwQAuf0CAwQAvECMAwQAvF2IAwQA
1DwGAwQA1GsYMA0GCSqGSIb3DQEBCwUAA4IBAQCS7eUimtNs6ad+rr5X2Qg/QIHr
bU32cJdLiZruXm2aJLSZtgeM3M3kxWEEaYgB811jgYDkfCoEQvEM+W7TXGa8Cm42
8E1OOwUYUSznuUZsWKGEUd4aBszJ2GuAGBFeahsSwSF06W6Yf52dknirTR4ihO0e
l4H6dTDn9yQLLt5sP5ZyfHjPeIpaZnHKulNWYrZdVdOE1npOuA01/QbzIgPJodK3
WTdN6jh1Xb71mQgWhAJjGlVFPVwqDBQ2+r/v6r8fWY29hYd14CjYET5gW62VBkCp
+Uz+xcgXxeY4hqakSZj6JKhhx62erbCjtE2hmndCZwVgAAIybo5A6YWDheX9
-----END CERTIFICATE-----
Generated at Mon Apr 15 22:46:51 2024 by rpki-client on console-ams.rpki-client.org