Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/9tcjjwDM95f1YTQpla-GyYmTF7o.roa
File: 9tcjjwDM95f1YTQpla-GyYmTF7o.roa (raw, json)
Hash identifier: 8aFp9e/tDtjDFUDNIJ5hYVwVkMfdsG6eKIvKOYR/xDQ=
Subject key identifier: F6:D7:23:8F:00:CC:F7:97:F5:61:34:29:95:AF:86:C9:89:93:17:BA
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018D13D7F528312C6D550665DEE069E9E013
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/9tcjjwDM95f1YTQpla-GyYmTF7o.roa
Signing time: Tue 16 Jan 2024 19:55:36 +0000
ROA not before: Tue 16 Jan 2024 19:55:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.8.156.0/24 maxlen: 24
45.85.64.0/24 maxlen: 24
45.85.67.0/24 maxlen: 24
45.145.3.0/24 maxlen: 24
85.8.187.0/24 maxlen: 24
194.32.250.0/24 maxlen: 24
213.139.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 19:16:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:f5:28:31:2c:6d:55:06:65:de:e0:69:e9:e0:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 16 19:55:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6d7238f00ccf797f561342995af86c9899317ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c0:ce:74:20:f2:3b:fc:55:bd:40:93:1e:af:
b6:cc:97:d1:94:ec:4f:7f:27:65:c8:4f:6f:0b:42:
b2:09:e8:fd:ff:e5:bd:50:5b:f7:46:5f:11:82:6f:
e7:f3:8b:e4:02:af:97:6f:11:34:d7:f8:3c:cc:a6:
0b:3c:2c:e1:a9:6a:a0:a0:e8:a5:d3:5b:db:fe:02:
70:47:c9:5c:42:c5:90:84:38:6c:e7:cb:5e:3f:6d:
25:c2:5c:72:14:31:b2:95:d2:a6:a9:1e:58:b4:86:
fb:3a:06:83:a3:79:b1:0d:80:53:7a:37:72:64:12:
21:9a:82:01:cc:46:2e:49:57:b6:ce:df:56:c0:9e:
83:4d:79:f4:c1:8c:f3:99:bd:4a:d3:d7:dc:e9:05:
e6:2e:18:77:30:0a:17:cf:29:ea:46:54:5d:c8:df:
dc:10:00:82:c9:c5:01:ec:b0:c6:9a:8a:d1:e5:d1:
5b:b0:ce:70:61:36:27:cc:ba:7b:e9:3a:73:03:a4:
e7:03:2b:30:e7:42:f4:2f:37:31:18:3d:63:f7:e3:
69:f4:d6:32:e1:35:88:fc:c7:fb:a6:37:a9:90:c1:
8a:89:1b:75:de:29:39:a6:13:70:b3:ef:69:9f:c2:
f8:0a:71:33:d0:f9:17:43:85:4c:f9:17:3f:ea:0d:
9d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D7:23:8F:00:CC:F7:97:F5:61:34:29:95:AF:86:C9:89:93:17:BA
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/9tcjjwDM95f1YTQpla-GyYmTF7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.156.0/24
45.85.64.0/24
45.85.67.0/24
45.145.3.0/24
85.8.187.0/24
194.32.250.0/24
213.139.231.0/24
Signature Algorithm: sha256WithRSAEncryption
21:c1:6b:26:2e:a8:36:0c:16:d8:ed:99:01:7f:17:d0:82:c8:
29:f2:70:6b:a4:42:08:bf:a2:f0:d2:79:a8:2a:1b:ae:e3:b1:
b8:4e:c9:b7:f4:db:64:fe:45:e7:c3:46:d3:f4:7f:45:7c:c0:
9c:28:09:fa:92:b8:85:d4:2b:ad:57:71:55:ab:c3:50:40:43:
95:78:57:38:24:9a:4a:a6:4a:1b:07:7a:83:c9:cf:c7:92:7c:
26:ee:58:d1:2c:42:f8:62:e2:f0:b4:d8:30:b4:d8:3c:5f:57:
6a:5a:73:76:9c:a0:52:80:68:88:51:1d:f1:05:7d:be:fa:01:
61:d1:a4:aa:05:f1:18:0f:0b:a0:14:b3:1f:9a:44:10:57:4c:
3a:b7:5d:3a:51:2e:b8:6d:5c:65:31:36:cd:06:cc:8c:a2:13:
f3:d4:4d:86:da:96:11:24:8c:3a:f6:c7:ad:3f:d3:3e:6b:8c:
6c:41:ae:cd:38:3a:51:59:56:d8:61:a4:c6:b2:6f:97:c8:3b:
c6:4a:02:e8:87:45:9a:6e:84:1b:8a:94:b9:a7:43:9f:e2:7e:
72:74:fd:85:ad:04:49:d0:05:84:2e:d9:29:81:f9:01:b1:0d:
8a:c7:d8:7b:90:9d:f9:95:bc:98:72:5c:d6:4b:6c:d2:6a:43:
30:e0:29:ea
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0T1/UoMSxtVQZl3uBp6eATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTE2MTk1NTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmQ3MjM4ZjAwY2NmNzk3ZjU2MTM0Mjk5NWFmODZjOTg5OTMxN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicDOdCDyO/xVvUCTHq+2zJfRlOxP
fydlyE9vC0KyCej9/+W9UFv3Rl8Rgm/n84vkAq+XbxE01/g8zKYLPCzhqWqgoOil
01vb/gJwR8lcQsWQhDhs58teP20lwlxyFDGyldKmqR5YtIb7OgaDo3mxDYBTejdy
ZBIhmoIBzEYuSVe2zt9WwJ6DTXn0wYzzmb1K09fc6QXmLhh3MAoXzynqRlRdyN/c
EACCycUB7LDGmorR5dFbsM5wYTYnzLp76TpzA6TnAysw50L0LzcxGD1j9+Np9NYy
4TWI/Mf7pjepkMGKiRt13ik5phNws+9pn8L4CnEz0PkXQ4VM+Rc/6g2dNQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPbXI48AzPeX9WE0KZWvhsmJkxe6MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvOXRjamp3RE05NWYxWVRRcGxhLUd5WW1URjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQicAwQA
LVVAAwQALVVDAwQALZEDAwQAVQi7AwQAwiD6AwQA1YvnMA0GCSqGSIb3DQEBCwUA
A4IBAQAhwWsmLqg2DBbY7ZkBfxfQgsgp8nBrpEIIv6Lw0nmoKhuu47G4Tsm39Ntk
/kXnw0bT9H9FfMCcKAn6kriF1CutV3FVq8NQQEOVeFc4JJpKpkobB3qDyc/Hknwm
7ljRLEL4YuLwtNgwtNg8X1dqWnN2nKBSgGiIUR3xBX2++gFh0aSqBfEYDwugFLMf
mkQQV0w6t106US64bVxlMTbNBsyMohPz1E2G2pYRJIw69setP9M+a4xsQa7NODpR
WVbYYaTGsm+XyDvGSgLoh0WaboQbipS5p0Of4n5ydP2FrQRJ0AWELtkpgfkBsQ2K
x9h7kJ35lbyYclzWS2zSakMw4Cnq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org