Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/Ok2Oz5XXsFYaaUfyWkHgmpGxkRs.roa
File: Ok2Oz5XXsFYaaUfyWkHgmpGxkRs.roa (raw, json)
Hash identifier: oYqKDzCK1z8n/FztzRE5LJxs44qSc6T8fnvggMvDAXA=
Subject key identifier: 3A:4D:8E:CF:95:D7:B0:56:1A:69:47:F2:5A:41:E0:9A:91:B1:91:1B
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 018CC26D2F8FB14ADCF965330EFCA4CEB93E
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/Ok2Oz5XXsFYaaUfyWkHgmpGxkRs.roa
Signing time: Mon 01 Jan 2024 00:29:44 +0000
ROA not before: Mon 01 Jan 2024 00:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 146.19.160.0/24 maxlen: 24
212.52.12.0/24 maxlen: 24
45.131.79.0/24 maxlen: 24
79.110.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 06:22:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2f:8f:b1:4a:dc:f9:65:33:0e:fc:a4:ce:b9:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Jan 1 00:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a4d8ecf95d7b0561a6947f25a41e09a91b1911b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2f:1a:f1:da:e7:37:0d:39:ed:b6:12:b2:db:
87:2b:97:c8:27:19:3b:5b:96:ae:73:23:47:c7:d3:
91:36:23:2d:a0:2a:52:e1:ef:4b:c8:68:76:0c:cb:
78:9a:48:44:af:83:94:ec:38:5b:a6:08:56:3c:ce:
96:88:da:51:3a:b9:f6:90:b4:e2:0b:99:a8:9e:ec:
fa:e1:d8:12:91:5c:29:41:f1:81:66:31:e2:56:01:
13:64:c4:20:de:d7:76:8d:c6:77:59:07:c4:51:5d:
1f:66:4e:60:4d:12:8f:19:cf:b5:31:ed:ea:1c:b7:
e7:ee:d6:6c:b1:59:45:86:8a:9d:13:1b:f9:c8:44:
67:f8:24:b7:92:3c:2c:b3:10:5e:4c:fb:c4:32:70:
10:74:cd:e0:46:18:7f:6f:c1:1e:77:e7:f4:5b:40:
1b:c4:33:ae:31:2b:0d:e5:d6:d9:57:c3:cc:2b:6f:
92:7e:99:84:c4:ef:70:f1:60:7f:3f:98:a4:11:f7:
2a:af:3b:3f:11:43:93:39:7f:73:89:f6:cb:e5:42:
94:26:7f:9c:9a:58:d1:cf:58:c0:c7:e5:0f:47:2c:
96:47:c4:6a:a7:cb:02:ff:36:c8:70:bd:0d:1f:9c:
28:e0:4f:c7:a7:5c:a6:c2:32:4c:c1:dc:ca:54:02:
2b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4D:8E:CF:95:D7:B0:56:1A:69:47:F2:5A:41:E0:9A:91:B1:91:1B
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/Ok2Oz5XXsFYaaUfyWkHgmpGxkRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.79.0/24
79.110.236.0/24
146.19.160.0/24
212.52.12.0/24
Signature Algorithm: sha256WithRSAEncryption
83:2f:9b:6b:2c:a7:94:53:8f:c2:e8:65:65:8f:b7:3f:ce:2f:
46:2b:63:c6:5c:88:bc:78:7c:18:b6:17:08:4f:5d:28:88:31:
22:86:ec:59:06:5d:bf:d3:45:4f:d6:77:e2:ea:49:23:f3:cb:
f0:90:9a:48:64:b2:12:2a:d4:de:1c:53:d9:56:38:5c:03:fb:
77:f0:d5:03:50:7d:8c:3e:cb:7b:08:c1:3f:67:0d:2b:91:30:
be:fd:09:86:1c:07:6b:70:9d:20:7d:f2:fd:85:38:aa:dc:ca:
82:88:96:14:7a:56:17:4f:85:01:e2:9f:fa:a9:6a:48:c5:f9:
8e:aa:68:a6:eb:56:99:9c:d2:f2:e7:2f:1c:e2:b7:d9:bd:6b:
1c:58:a5:7e:67:b6:01:dd:87:ff:23:64:ae:ac:c5:01:4b:ec:
cd:95:fc:70:23:93:22:dd:dd:5f:11:83:74:f0:07:ec:9e:ad:
cb:0d:34:6a:0c:cc:76:1d:57:a4:80:fc:2f:0c:6d:c1:fd:aa:
5b:57:c0:06:ec:8e:7a:be:b4:57:fb:09:b3:bb:f1:1b:ce:a3:
db:4d:94:b3:a8:bc:12:88:cd:a2:23:29:4c:09:26:df:d1:fb:
55:3f:52:3c:a4:5e:05:5f:18:f0:ff:25:32:c8:c5:d4:39:af:
88:ba:92:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzCbS+PsUrc+WUzDvykzrk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjQwMTAxMDAyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTRkOGVjZjk1ZDdiMDU2MWE2OTQ3ZjI1YTQxZTA5YTkxYjE5MTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC8a8drnNw057bYSstuHK5fIJxk7
W5aucyNHx9ORNiMtoCpS4e9LyGh2DMt4mkhEr4OU7DhbpghWPM6WiNpROrn2kLTi
C5monuz64dgSkVwpQfGBZjHiVgETZMQg3td2jcZ3WQfEUV0fZk5gTRKPGc+1Me3q
HLfn7tZssVlFhoqdExv5yERn+CS3kjwssxBeTPvEMnAQdM3gRhh/b8Eed+f0W0Ab
xDOuMSsN5dbZV8PMK2+SfpmExO9w8WB/P5ikEfcqrzs/EUOTOX9zifbL5UKUJn+c
mljRz1jAx+UPRyyWR8Rqp8sC/zbIcL0NH5wo4E/Hp1ymwjJMwdzKVAIr4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDpNjs+V17BWGmlH8lpB4JqRsZEbMB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvT2syT3o1WFhzRllhYVVmeVdrSGdtcEd4a1JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYNPAwQA
T27sAwQAkhOgAwQA1DQMMA0GCSqGSIb3DQEBCwUAA4IBAQCDL5trLKeUU4/C6GVl
j7c/zi9GK2PGXIi8eHwYthcIT10oiDEihuxZBl2/00VP1nfi6kkj88vwkJpIZLIS
KtTeHFPZVjhcA/t38NUDUH2MPst7CME/Zw0rkTC+/QmGHAdrcJ0gffL9hTiq3MqC
iJYUelYXT4UB4p/6qWpIxfmOqmim61aZnNLy5y8c4rfZvWscWKV+Z7YB3Yf/I2Su
rMUBS+zNlfxwI5Mi3d1fEYN08Afsnq3LDTRqDMx2HVekgPwvDG3B/apbV8AG7I56
vrRX+wmzu/EbzqPbTZSzqLwSiM2iIylMCSbf0ftVP1I8pF4FXxjw/yUyyMXUOa+I
upLf
-----END CERTIFICATE-----
Generated at Thu Apr 25 07:19:18 2024 by rpki-client on console-fra.rpki-client.org