Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/IlnSD3EVyFKmtJVUH0x5wPCnfV0.roa
File: IlnSD3EVyFKmtJVUH0x5wPCnfV0.roa (raw, json)
Hash identifier: luifqogcC6m5Y6RcydzYvc+2TTSzeMSdstlvpWDy6Hk=
Subject key identifier: 22:59:D2:0F:71:15:C8:52:A6:B4:95:54:1F:4C:79:C0:F0:A7:7D:5D
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 018CC6B7DF4D66DAB0BAEF90DD97599C1F9D
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/IlnSD3EVyFKmtJVUH0x5wPCnfV0.roa
Signing time: Mon 01 Jan 2024 20:29:48 +0000
ROA not before: Mon 01 Jan 2024 20:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62005
IP address blocks: 176.124.32.0/24 maxlen: 24
176.124.33.0/24 maxlen: 24
194.61.121.0/24 maxlen: 24
194.61.120.0/24 maxlen: 24
45.86.228.0/24 maxlen: 24
45.86.229.0/24 maxlen: 24
45.86.231.0/24 maxlen: 24
77.72.85.0/24 maxlen: 24
185.123.53.0/24 maxlen: 24
185.39.18.0/24 maxlen: 24
193.109.120.0/24 maxlen: 24
45.129.199.0/24 maxlen: 24
91.235.234.0/24 maxlen: 24
195.54.160.0/24 maxlen: 24
2a10:1fc0:f::/48 maxlen: 48
2a10:1fc0:d::/48 maxlen: 48
2a10:1fc0:8::/48 maxlen: 48
2a10:1fc0:3::/48 maxlen: 48
2a10:1fc0:c::/48 maxlen: 48
2a10:1fc0:2::/48 maxlen: 48
2a10:1fc0:5::/48 maxlen: 48
2a10:1fc0:e::/48 maxlen: 48
2a10:1fc0:1::/48 maxlen: 48
2a10:1fc0:10::/48 maxlen: 48
2a10:1fc0:b::/48 maxlen: 48
2a10:1fc0:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 Jan 2024 21:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:df:4d:66:da:b0:ba:ef:90:dd:97:59:9c:1f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Jan 1 20:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2259d20f7115c852a6b495541f4c79c0f0a77d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:f5:26:1b:d5:32:b2:7e:27:11:61:ac:14:
38:90:0a:86:36:d4:0d:49:32:ff:35:90:fd:96:59:
dc:2e:a0:b3:f7:6c:b7:7a:74:8f:87:f3:a0:5a:7c:
fe:51:25:7b:94:9c:9a:01:d0:39:bf:a8:ab:87:9b:
f1:08:e8:8a:e1:24:54:19:49:00:d2:1b:a0:4f:82:
d8:25:ac:07:27:a8:48:bb:6b:a9:cb:40:a1:b5:e4:
a0:9b:65:a2:1a:a7:6f:a9:fa:85:2f:41:b9:e7:4f:
fc:61:c0:69:b5:64:36:86:64:83:f2:11:07:57:f9:
4b:20:76:4e:4a:28:72:4a:ca:55:df:bd:79:3f:1f:
b8:01:19:a4:03:60:70:64:09:2d:2f:2d:3b:e3:f9:
1b:de:0a:a9:53:1e:2d:2e:40:44:e6:bd:9e:c1:30:
25:b1:44:e6:0d:c7:46:4e:ae:cb:ac:13:36:05:d2:
d2:b0:66:e6:bc:95:c1:f5:8c:58:35:f5:14:67:a7:
11:3a:a1:6e:f2:ee:5a:1e:bd:9c:36:de:46:7f:75:
b0:9c:4b:80:5b:4b:1f:20:00:84:97:d1:9b:fe:e1:
93:c8:67:6c:96:0f:4b:10:a9:75:00:0e:2f:eb:28:
48:21:22:df:91:42:82:f4:fe:17:73:02:4f:0a:8c:
31:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:59:D2:0F:71:15:C8:52:A6:B4:95:54:1F:4C:79:C0:F0:A7:7D:5D
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/IlnSD3EVyFKmtJVUH0x5wPCnfV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.228.0/23
45.86.231.0/24
45.129.199.0/24
77.72.85.0/24
91.235.234.0/24
176.124.32.0/23
185.39.18.0/24
185.123.53.0/24
193.109.120.0/24
194.61.120.0/23
195.54.160.0/24
IPv6:
2a10:1fc0:1::-2a10:1fc0:3:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:5::-2a10:1fc0:6:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:8::/48
2a10:1fc0:b::-2a10:1fc0:10:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8e:bb:2d:d4:4e:f0:b3:da:f4:38:89:34:b7:41:dc:19:12:af:
58:04:c8:44:6f:99:1c:56:ff:ac:25:d8:c0:56:f8:cc:3a:8e:
d5:33:bd:b2:1d:53:0f:57:52:c8:14:55:db:82:8b:98:39:f1:
d7:69:2b:5a:e0:e1:49:d6:de:1b:22:40:d4:06:37:00:e8:f3:
d8:90:a5:5d:b0:eb:32:21:a3:bc:86:b2:21:60:93:06:14:4d:
cc:a2:85:89:fa:4b:33:9e:14:cd:95:3d:0e:cc:48:82:cb:d4:
cf:3c:37:b5:00:85:25:06:30:14:34:33:5d:34:63:ed:14:74:
50:02:23:95:ef:60:05:d5:95:9a:ea:8c:b3:75:df:33:64:70:
29:c0:43:2e:6a:c6:14:04:c6:98:7a:d1:53:3d:86:21:8e:6e:
20:27:fb:ea:f7:13:bb:af:e6:4e:57:15:8c:4e:ff:06:39:6f:
17:e8:d0:59:70:94:56:8e:be:8f:c2:00:b6:2a:fc:dc:85:9c:
11:a2:17:e1:d7:47:44:80:13:06:03:2b:d7:f0:c4:ee:af:f3:
02:4b:0a:ef:07:8c:d2:c3:67:28:2a:b7:a5:6f:41:b2:ae:27:
2b:59:76:d4:d7:6b:bd:5b:dc:c3:1b:ef:e5:c7:44:d7:42:81:
6a:4b:1a:84
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYzGt99NZtqwuu+Q3ZdZnB+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjQwMTAxMjAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjU5ZDIwZjcxMTVjODUyYTZiNDk1NTQxZjRjNzljMGYwYTc3ZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp071JhvVMrJ+JxFhrBQ4kAqGNtQN
STL/NZD9llncLqCz92y3enSPh/OgWnz+USV7lJyaAdA5v6irh5vxCOiK4SRUGUkA
0hugT4LYJawHJ6hIu2upy0ChteSgm2WiGqdvqfqFL0G550/8YcBptWQ2hmSD8hEH
V/lLIHZOSihySspV3715Px+4ARmkA2BwZAktLy074/kb3gqpUx4tLkBE5r2ewTAl
sUTmDcdGTq7LrBM2BdLSsGbmvJXB9YxYNfUUZ6cROqFu8u5aHr2cNt5Gf3WwnEuA
W0sfIACEl9Gb/uGTyGdslg9LEKl1AA4v6yhIISLfkUKC9P4XcwJPCowxXQIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFCJZ0g9xFchSprSVVB9MecDwp31dMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvSWxuU0QzRVZ5RkttdEpWVUgweDV3UENuZlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzBIBAIAATBCAwQBLVbk
AwQALVbnAwQALYHHAwQATUhVAwQAW+vqAwQBsHwgAwQAuScSAwQAuXs1AwQAwW14
AwQBwj14AwQAwzagMEsEAgACMEUwEgMHACoQH8AAAQMHAioQH8AAADASAwcAKhAf
wAAFAwcAKhAfwAAGAwcAKhAfwAAIMBIDBwAqEB/AAAsDBwAqEB/AABAwDQYJKoZI
hvcNAQELBQADggEBAI67LdRO8LPa9DiJNLdB3BkSr1gEyERvmRxW/6wl2MBW+Mw6
jtUzvbIdUw9XUsgUVduCi5g58ddpK1rg4UnW3hsiQNQGNwDo89iQpV2w6zIho7yG
siFgkwYUTcyihYn6SzOeFM2VPQ7MSILL1M88N7UAhSUGMBQ0M100Y+0UdFACI5Xv
YAXVlZrqjLN13zNkcCnAQy5qxhQExph60VM9hiGObiAn++r3E7uv5k5XFYxO/wY5
bxfo0FlwlFaOvo/CALYq/NyFnBGiF+HXR0SAEwYDK9fwxO6v8wJLCu8HjNLDZygq
t6VvQbKuJytZdtTXa71b3MMb7+XHRNdCgWpLGoQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:23 2024 by rpki-client on console-fra.rpki-client.org