Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/4TOJC8rfbIdM4hUW8qpMh5-R3w0.roa
File: 4TOJC8rfbIdM4hUW8qpMh5-R3w0.roa (raw, json)
Hash identifier: lN8dT+w7i66ghwG1ah9hnTD4zRqh1v3kEiy4OFomDL4=
Subject key identifier: E1:33:89:0B:CA:DF:6C:87:4C:E2:15:16:F2:AA:4C:87:9F:91:DF:0D
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0187C352E128A043801135E183D6471931AA
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/4TOJC8rfbIdM4hUW8qpMh5-R3w0.roa
Signing time: Thu 27 Apr 2023 15:26:41 +0000
ROA not before: Thu 27 Apr 2023 15:26:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20853
IP address blocks: 185.177.238.0/24 maxlen: 24
185.177.237.0/24 maxlen: 24
185.112.59.0/24 maxlen: 24
45.93.212.0/24 maxlen: 24
185.58.114.0/24 maxlen: 24
185.111.25.0/24 maxlen: 24
45.93.215.0/24 maxlen: 24
185.24.109.0/24 maxlen: 24
185.97.79.0/24 maxlen: 24
77.83.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 May 2023 07:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c3:52:e1:28:a0:43:80:11:35:e1:83:d6:47:19:31:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Apr 27 15:26:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e133890bcadf6c874ce21516f2aa4c879f91df0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:75:d1:ab:fe:cf:38:fb:8b:66:eb:d1:9a:14:
e3:43:64:7f:c4:38:cc:08:19:8a:e3:99:7a:9e:4a:
76:eb:14:54:9d:ff:6c:2f:a4:41:87:8e:7a:13:e7:
54:5a:4d:91:ee:74:76:d0:d6:13:57:c8:ee:04:37:
c3:ed:a1:bf:5a:72:fe:33:3c:66:7a:e3:6a:50:1a:
1d:42:10:37:c5:7c:31:1e:41:cf:27:74:e1:46:c7:
17:c5:b2:2e:ea:dd:b9:0c:4c:f3:6d:7a:a7:36:8c:
d6:6a:9d:a1:8d:97:dc:2c:60:05:a1:7f:92:29:02:
38:9c:bf:8c:1c:e5:e4:39:70:b2:aa:1b:0c:dd:d3:
3e:d4:78:b9:58:fa:c4:06:72:aa:17:4a:67:c6:d6:
e9:56:12:c0:d0:f1:83:93:d1:06:c7:cf:df:db:2f:
3e:ac:25:3d:9f:9b:ed:ef:6d:ae:93:f4:f9:17:95:
58:79:77:67:59:55:a4:02:36:56:ff:ed:d3:65:0e:
66:15:40:bb:bd:da:a6:0b:15:1c:e9:59:e4:c7:68:
4d:4e:9e:f0:e5:22:f8:98:64:f6:93:a0:45:07:ec:
87:4e:7d:2a:e4:9e:96:c8:12:b2:31:02:d3:cf:86:
7a:3e:f5:25:6e:c7:e6:c3:83:ba:c8:fd:f1:fe:cb:
aa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:33:89:0B:CA:DF:6C:87:4C:E2:15:16:F2:AA:4C:87:9F:91:DF:0D
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/4TOJC8rfbIdM4hUW8qpMh5-R3w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.212.0/24
45.93.215.0/24
77.83.245.0/24
185.24.109.0/24
185.58.114.0/24
185.97.79.0/24
185.111.25.0/24
185.112.59.0/24
185.177.237.0-185.177.238.255
Signature Algorithm: sha256WithRSAEncryption
1a:0c:35:ec:5a:c4:38:e4:65:86:8d:ee:1a:d8:03:a7:14:54:
36:b4:b5:ec:0c:a1:6a:db:a3:b3:2d:dd:15:6b:f1:ff:7e:5f:
44:67:0a:65:10:7f:1b:a2:95:ce:92:21:25:10:65:87:08:a2:
0e:c2:6b:1c:9a:97:97:51:d8:c5:06:21:99:a4:3b:02:e7:9e:
4a:45:ce:a1:95:40:a5:c7:2a:a0:f9:b1:25:2c:90:5a:40:f1:
53:d6:b2:c3:39:8a:93:f6:b3:15:c7:2a:23:df:b1:29:8a:7a:
00:58:ae:ce:9f:82:ca:32:5f:48:fd:a8:99:18:b4:95:e2:a0:
b5:29:f2:16:a8:54:1c:57:d0:c9:31:c3:12:73:a6:12:3b:c6:
c3:37:d4:a8:9d:01:1d:1f:f7:d5:46:11:50:a3:db:66:ff:3e:
3b:d5:2b:b8:c5:d7:67:f6:53:46:d7:61:45:9d:b6:9b:e1:bf:
0a:54:cd:10:75:5e:98:29:8d:df:b7:de:13:e9:b1:6c:36:f3:
25:bb:35:2c:54:32:37:65:b5:41:a1:11:88:54:ec:5f:da:3d:
d9:be:b4:ed:c7:d0:89:a5:c1:01:41:89:3c:c6:f5:d1:8d:fd:
4c:5c:67:22:66:55:74:8d:f1:16:e3:69:03:71:4c:17:60:7a:
d7:9d:d6:86
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYfDUuEooEOAETXhg9ZHGTGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwNDI3MTUyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMzODkwYmNhZGY2Yzg3NGNlMjE1MTZmMmFhNGM4NzlmOTFkZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHXRq/7POPuLZuvRmhTjQ2R/xDjM
CBmK45l6nkp26xRUnf9sL6RBh456E+dUWk2R7nR20NYTV8juBDfD7aG/WnL+Mzxm
euNqUBodQhA3xXwxHkHPJ3ThRscXxbIu6t25DEzzbXqnNozWap2hjZfcLGAFoX+S
KQI4nL+MHOXkOXCyqhsM3dM+1Hi5WPrEBnKqF0pnxtbpVhLA0PGDk9EGx8/f2y8+
rCU9n5vt722uk/T5F5VYeXdnWVWkAjZW/+3TZQ5mFUC7vdqmCxUc6Vnkx2hNTp7w
5SL4mGT2k6BFB+yHTn0q5J6WyBKyMQLTz4Z6PvUlbsfmw4O6yP3x/suqXwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFOEziQvK32yHTOIVFvKqTIefkd8NMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvNFRPSkM4cmZiSWRNNGhVVzhxcE1oNS1SM3cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALV3UAwQA
LV3XAwQATVP1AwQAuRhtAwQAuTpyAwQAuWFPAwQAuW8ZAwQAuXA7MAwDBAC5se0D
BAC5se4wDQYJKoZIhvcNAQELBQADggEBABoMNexaxDjkZYaN7hrYA6cUVDa0tewM
oWrbo7Mt3RVr8f9+X0RnCmUQfxuilc6SISUQZYcIog7Caxyal5dR2MUGIZmkOwLn
nkpFzqGVQKXHKqD5sSUskFpA8VPWssM5ipP2sxXHKiPfsSmKegBYrs6fgsoyX0j9
qJkYtJXioLUp8haoVBxX0MkxwxJzphI7xsM31KidAR0f99VGEVCj22b/PjvVK7jF
12f2U0bXYUWdtpvhvwpUzRB1Xpgpjd+33hPpsWw28yW7NSxUMjdltUGhEYhU7F/a
Pdm+tO3H0ImlwQFBiTzG9dGN/UxcZyJmVXSN8RbjaQNxTBdgeted1oY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org