Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/xPb3g1MCqII4g6qtcPcL2-wPhK8.roa
File: xPb3g1MCqII4g6qtcPcL2-wPhK8.roa (raw, json)
Hash identifier: I1aZQI5HvHzvqNQRtTiaqu+XdTIeiLoCh43awWVf9eM=
Subject key identifier: C4:F6:F7:83:53:02:A8:82:38:83:AA:AD:70:F7:0B:DB:EC:0F:84:AF
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 018C3F596F092CA774232231F9585A9C02E6
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/xPb3g1MCqII4g6qtcPcL2-wPhK8.roa
Signing time: Wed 06 Dec 2023 13:37:54 +0000
ROA not before: Wed 06 Dec 2023 13:37:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 146.19.160.0/24 maxlen: 24
212.52.12.0/24 maxlen: 24
45.131.79.0/24 maxlen: 24
79.110.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:59:6f:09:2c:a7:74:23:22:31:f9:58:5a:9c:02:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Dec 6 13:37:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4f6f7835302a8823883aaad70f70bdbec0f84af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:44:13:dd:82:00:98:89:4b:aa:98:d9:ea:58:
c3:c5:a8:81:37:8e:f7:6f:93:07:18:c1:e8:7f:bd:
ad:44:11:4a:7b:b4:bd:82:87:68:bb:17:b8:83:07:
ea:92:3f:1d:f5:eb:56:0d:d2:5f:2d:eb:f9:1a:95:
9b:df:7c:1a:92:10:06:67:3b:f8:fb:36:d1:21:79:
97:64:f2:d0:77:a9:b2:bc:04:02:01:c2:94:28:db:
71:c1:82:2a:73:f9:69:12:15:31:23:6d:77:6f:c7:
f5:54:14:3d:13:14:7b:cb:6b:0a:a9:dd:62:c0:a0:
24:64:47:b0:a2:48:67:cf:fa:db:4d:80:54:77:f4:
c0:66:a2:1c:f5:36:3e:6a:f7:03:5f:13:d9:9e:99:
22:a9:90:d4:e8:74:0b:56:9c:26:80:62:ec:b1:2d:
fe:d9:bb:3c:e8:1e:48:1f:69:d2:0f:03:7f:75:fb:
37:68:20:14:10:e2:54:15:09:a7:26:cc:6e:b6:f8:
9d:7a:f4:17:b4:19:64:77:1d:f0:8d:e6:77:94:62:
fd:80:36:8f:76:d6:f9:63:35:30:ac:28:a7:a1:62:
57:82:61:14:83:dc:a1:e7:01:d6:9d:51:bd:f9:97:
4f:b3:a4:35:03:dc:7a:58:ad:f9:60:44:e3:de:45:
e4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F6:F7:83:53:02:A8:82:38:83:AA:AD:70:F7:0B:DB:EC:0F:84:AF
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/xPb3g1MCqII4g6qtcPcL2-wPhK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.79.0/24
79.110.236.0/24
146.19.160.0/24
212.52.12.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:d7:cb:16:9d:7d:4d:d2:1d:8e:5f:7a:e3:64:c3:92:8c:50:
fd:2b:7f:9a:19:60:6d:b5:9f:a6:1c:38:af:4d:b8:5d:22:76:
76:df:5a:12:55:b9:39:52:de:db:c9:b2:5c:82:20:ac:bb:62:
a9:31:6b:38:ec:ab:38:b6:49:7d:dc:e9:92:84:6e:59:5c:6e:
4b:40:d2:c3:c6:c4:ba:89:49:ee:67:20:d4:70:a4:a4:0e:de:
6e:70:c5:97:51:03:bb:aa:f2:5b:de:a8:6a:bc:2a:0e:cf:6f:
82:93:9d:4f:a1:5c:f7:c0:42:58:b4:8f:46:23:25:28:67:92:
1b:5a:37:2d:7a:af:10:be:27:70:67:f4:51:b0:8e:2a:33:14:
13:e8:be:a2:38:83:d1:d6:23:bd:5e:c1:14:c8:bd:75:4b:b9:
8e:11:84:3d:d7:1d:05:c7:ac:df:24:cf:e7:2e:46:c7:8d:4f:
c0:d8:54:e8:43:27:bd:b2:18:5e:96:8f:eb:3f:96:ff:17:26:
72:ed:13:bb:de:d0:3c:1d:97:d7:54:04:49:27:11:b4:23:a1:
60:8d:0d:d7:db:4f:65:a1:29:cc:a4:ba:9b:27:58:a1:35:f8:
87:da:8e:de:0c:b8:d1:4c:90:77:03:7c:8e:bd:dd:2e:f5:f9:
36:ee:09:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYw/WW8JLKd0IyIx+VhanALmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjMxMjA2MTMzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGY2Zjc4MzUzMDJhODgyMzg4M2FhYWQ3MGY3MGJkYmVjMGY4NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUQT3YIAmIlLqpjZ6ljDxaiBN473
b5MHGMHof72tRBFKe7S9godouxe4gwfqkj8d9etWDdJfLev5GpWb33wakhAGZzv4
+zbRIXmXZPLQd6myvAQCAcKUKNtxwYIqc/lpEhUxI213b8f1VBQ9ExR7y2sKqd1i
wKAkZEewokhnz/rbTYBUd/TAZqIc9TY+avcDXxPZnpkiqZDU6HQLVpwmgGLssS3+
2bs86B5IH2nSDwN/dfs3aCAUEOJUFQmnJsxutvidevQXtBlkdx3wjeZ3lGL9gDaP
dtb5YzUwrCinoWJXgmEUg9yh5wHWnVG9+ZdPs6Q1A9x6WK35YETj3kXkXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMT294NTAqiCOIOqrXD3C9vsD4SvMB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEveFBiM2cxTUNxSUk0ZzZxdGNQY0wyLXdQaEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYNPAwQA
T27sAwQAkhOgAwQA1DQMMA0GCSqGSIb3DQEBCwUAA4IBAQBc18sWnX1N0h2OX3rj
ZMOSjFD9K3+aGWBttZ+mHDivTbhdInZ231oSVbk5Ut7bybJcgiCsu2KpMWs47Ks4
tkl93OmShG5ZXG5LQNLDxsS6iUnuZyDUcKSkDt5ucMWXUQO7qvJb3qhqvCoOz2+C
k51PoVz3wEJYtI9GIyUoZ5IbWjcteq8QvidwZ/RRsI4qMxQT6L6iOIPR1iO9XsEU
yL11S7mOEYQ91x0Fx6zfJM/nLkbHjU/A2FToQye9shhelo/rP5b/FyZy7RO73tA8
HZfXVARJJxG0I6FgjQ3X209loSnMpLqbJ1ihNfiH2o7eDLjRTJB3A3yOvd0u9fk2
7gmK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:37 2024 by rpki-client on console-ams.rpki-client.org