Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0kZ71jasCARN7mLFIJ1jyI_h6go.roa
File: 0kZ71jasCARN7mLFIJ1jyI_h6go.roa (raw, json)
Hash identifier: 7xTCXN278y66Y4vmb7obcwC3bp7CuiZwB9Ou4XUj2DY=
Subject key identifier: D2:46:7B:D6:36:AC:08:04:4D:EE:62:C5:20:9D:63:C8:8F:E1:EA:0A
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018D2D6E2ED28EDACE5F9C514EB00C33B9A1
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0kZ71jasCARN7mLFIJ1jyI_h6go.roa
Signing time: Sun 21 Jan 2024 19:10:12 +0000
ROA not before: Sun 21 Jan 2024 19:10:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 45.8.156.0/24 maxlen: 24
45.85.64.0/24 maxlen: 24
45.85.67.0/24 maxlen: 24
45.144.38.0/24 maxlen: 24
45.145.3.0/24 maxlen: 24
85.8.187.0/24 maxlen: 24
194.32.250.0/24 maxlen: 24
194.61.234.0/24 maxlen: 24
194.61.235.0/24 maxlen: 24
213.139.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 08:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:6e:2e:d2:8e:da:ce:5f:9c:51:4e:b0:0c:33:b9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 21 19:10:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2467bd636ac08044dee62c5209d63c88fe1ea0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:da:4a:98:86:2d:b5:25:8e:ef:3e:b9:c6:1a:
c7:50:f4:37:ff:78:99:f4:d1:bc:c0:b0:3a:60:55:
84:08:55:ce:7b:ed:8e:43:c0:28:20:5f:1e:79:e5:
34:9a:38:0c:c7:10:8c:b8:9d:63:b0:b3:d9:c6:38:
0f:13:81:e0:e8:be:ba:34:f0:1a:46:ed:4b:6b:32:
29:df:a5:c8:13:50:70:d8:df:70:79:3e:52:ee:94:
f9:35:8d:fe:ff:06:99:51:a3:8c:40:90:b3:c3:1e:
8e:ce:c0:13:53:68:d0:a0:c6:54:48:39:09:a7:f7:
32:1f:4f:b5:be:65:7f:73:24:3a:4b:3f:eb:ca:e9:
41:b5:4f:1a:fc:57:cd:de:85:f0:75:fd:6b:8e:3a:
84:4d:f8:ed:f1:b3:ec:8f:23:1e:c7:2f:74:4c:09:
3f:3a:7f:c4:98:95:c9:88:b0:f2:63:4a:26:91:20:
81:ea:08:de:17:f4:bb:be:d4:6f:55:b0:17:7e:0c:
24:79:a8:7f:1d:6b:01:f0:31:db:48:0f:4f:9a:53:
0b:0d:7f:6e:47:d8:43:9f:12:fe:ce:3b:42:8a:f8:
ba:34:50:4d:ea:05:6a:2a:21:c8:63:0c:19:a0:c9:
2d:43:55:22:ee:c1:3c:4b:d5:ea:f1:0f:a3:c9:c5:
8e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:46:7B:D6:36:AC:08:04:4D:EE:62:C5:20:9D:63:C8:8F:E1:EA:0A
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/0kZ71jasCARN7mLFIJ1jyI_h6go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.156.0/24
45.85.64.0/24
45.85.67.0/24
45.144.38.0/24
45.145.3.0/24
85.8.187.0/24
194.32.250.0/24
194.61.234.0/23
213.139.231.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:41:23:72:02:0b:4a:28:98:7a:03:c5:be:cb:41:9f:78:8a:
42:13:01:5a:f8:cd:ef:15:fa:ca:3f:b0:79:f5:20:67:da:e4:
dc:75:16:d7:67:7f:6c:50:1c:6c:1a:33:e6:6a:55:5c:8e:82:
2c:cb:7d:ef:65:fa:34:1d:10:62:9b:97:72:51:13:be:e5:da:
07:37:d7:57:ab:2f:ee:b7:d9:35:f9:1f:12:3a:cb:cd:a5:f5:
46:12:7c:d5:ff:e5:5d:77:b6:1e:2e:3c:51:24:31:b8:cd:90:
76:3a:c3:ca:35:23:bf:96:2c:9e:35:c5:69:1d:e4:f6:31:f4:
e0:43:7f:af:dd:89:53:a4:93:a3:68:18:12:b8:a2:32:20:ff:
13:57:cf:f2:38:c3:60:6b:75:e0:95:0f:1a:a0:3f:db:7d:23:
2e:33:f0:88:34:9b:0b:4c:ef:2f:1d:6f:28:73:69:8f:2d:66:
17:32:df:26:57:94:1b:a4:c8:5e:5b:ff:3f:d5:ad:09:02:50:
85:21:3f:c2:99:bb:f6:97:77:11:75:8a:f6:3a:2f:cf:98:1d:
96:b7:65:07:fa:d3:60:2f:77:65:c0:ac:86:83:58:72:af:15:
29:32:85:73:ca:9a:a2:80:6c:bf:e2:28:13:79:f8:29:87:8b:
e8:18:94:8b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY0tbi7SjtrOX5xRTrAMM7mhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTIxMTkxMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjQ2N2JkNjM2YWMwODA0NGRlZTYyYzUyMDlkNjNjODhmZTFlYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudpKmIYttSWO7z65xhrHUPQ3/3iZ
9NG8wLA6YFWECFXOe+2OQ8AoIF8eeeU0mjgMxxCMuJ1jsLPZxjgPE4Hg6L66NPAa
Ru1LazIp36XIE1Bw2N9weT5S7pT5NY3+/waZUaOMQJCzwx6OzsATU2jQoMZUSDkJ
p/cyH0+1vmV/cyQ6Sz/ryulBtU8a/FfN3oXwdf1rjjqETfjt8bPsjyMexy90TAk/
On/EmJXJiLDyY0omkSCB6gjeF/S7vtRvVbAXfgwkeah/HWsB8DHbSA9PmlMLDX9u
R9hDnxL+zjtCivi6NFBN6gVqKiHIYwwZoMktQ1Ui7sE8S9Xq8Q+jycWO8QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNJGe9Y2rAgETe5ixSCdY8iP4eoKMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvMGtaNzFqYXNDQVJON21MRklKMWp5SV9oNmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQicAwQA
LVVAAwQALVVDAwQALZAmAwQALZEDAwQAVQi7AwQAwiD6AwQBwj3qAwQA1YvnMA0G
CSqGSIb3DQEBCwUAA4IBAQBPQSNyAgtKKJh6A8W+y0GfeIpCEwFa+M3vFfrKP7B5
9SBn2uTcdRbXZ39sUBxsGjPmalVcjoIsy33vZfo0HRBim5dyURO+5doHN9dXqy/u
t9k1+R8SOsvNpfVGEnzV/+Vdd7YeLjxRJDG4zZB2OsPKNSO/liyeNcVpHeT2MfTg
Q3+v3YlTpJOjaBgSuKIyIP8TV8/yOMNga3XglQ8aoD/bfSMuM/CINJsLTO8vHW8o
c2mPLWYXMt8mV5QbpMheW/8/1a0JAlCFIT/Cmbv2l3cRdYr2Oi/PmB2Wt2UH+tNg
L3dlwKyGg1hyrxUpMoVzypqigGy/4igTefgph4voGJSL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org