Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/g1H9K6Jlb6K4krA0fhdyKorKpo0.roa
File: g1H9K6Jlb6K4krA0fhdyKorKpo0.roa (raw, json)
Hash identifier: n4/gpOjQSwgv946iUMzuntQIYeWDkC6Kjku9q3pTRB4=
Subject key identifier: 83:51:FD:2B:A2:65:6F:A2:B8:92:B0:34:7E:17:72:2A:8A:CA:A6:8D
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018D8921463B9C5123E4A122BE4FEF6882A2
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/g1H9K6Jlb6K4krA0fhdyKorKpo0.roa
Signing time: Thu 08 Feb 2024 14:31:15 +0000
ROA not before: Thu 08 Feb 2024 14:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23858
IP address blocks: 45.87.92.0/24 maxlen: 32
45.87.93.0/24 maxlen: 32
45.87.95.0/24 maxlen: 32
45.139.192.0/24 maxlen: 32
45.139.195.0/24 maxlen: 32
185.194.54.0/24 maxlen: 32
185.248.87.0/24 maxlen: 32
195.245.219.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 18 Mar 2024 07:24:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:89:21:46:3b:9c:51:23:e4:a1:22:be:4f:ef:68:82:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Feb 8 14:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8351fd2ba2656fa2b892b0347e17722a8acaa68d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:81:0d:e2:c7:20:b8:eb:ad:d9:22:fa:2c:09:
72:66:4f:16:4b:31:0c:20:80:49:b8:3b:da:5f:73:
d3:8b:c8:21:c0:af:33:e6:f2:87:d4:8b:9e:12:77:
8d:1c:f2:5d:fb:31:78:ed:e8:d7:e0:62:a3:5d:fc:
16:df:55:4d:85:a0:20:5c:79:cf:4e:d9:4c:b0:a9:
49:80:f1:f4:91:22:4a:d8:d0:14:d8:f0:ba:7e:a8:
43:6e:c5:d7:03:74:85:48:31:5d:22:b4:7b:35:74:
32:53:e5:f8:20:55:e8:c1:6c:c1:c2:50:e7:bd:a8:
59:82:4b:91:77:41:6b:f9:c9:84:23:4b:2d:00:f9:
29:b1:0b:f8:cc:c3:a7:d8:24:00:6f:0b:bb:c8:9f:
8e:d5:3e:9f:d1:e1:fb:f1:78:c2:ca:0b:63:6e:26:
3b:21:0e:18:ed:ef:e8:4b:5b:a4:ff:a8:94:84:30:
36:02:2f:f4:68:02:3c:e4:4f:9f:32:96:7b:d7:cf:
70:fe:70:a0:ad:3a:26:92:13:62:d7:49:c3:fc:00:
ce:e1:47:00:d4:43:bd:ae:64:73:07:1d:00:65:8b:
c8:ec:4e:1f:04:b9:62:db:1f:d4:cd:7e:11:af:75:
67:b4:b7:b4:82:bf:0f:27:91:3e:d2:28:bb:0a:f7:
ce:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:51:FD:2B:A2:65:6F:A2:B8:92:B0:34:7E:17:72:2A:8A:CA:A6:8D
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/g1H9K6Jlb6K4krA0fhdyKorKpo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/23
45.87.95.0/24
45.139.192.0/24
45.139.195.0/24
185.194.54.0/24
185.248.87.0/24
195.245.219.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f2:c0:42:26:10:e9:84:97:10:b7:1f:27:7b:be:16:d5:18:
36:e4:ac:da:54:bb:87:f1:3e:27:48:30:ad:2e:56:08:d6:fd:
de:1d:c6:2e:97:21:63:f2:b2:e9:85:2f:f1:74:f2:f1:3c:08:
32:fa:7a:66:47:39:b3:7a:e8:a3:b4:a8:39:c0:e2:75:73:78:
45:31:94:6f:33:38:00:76:31:3b:cc:57:c3:7a:2d:55:6d:c0:
c5:e2:91:f6:5d:cf:2d:37:ce:d0:6a:e3:61:66:f6:a1:f6:dc:
cc:6c:a3:8b:bc:e1:8a:0e:b2:cd:94:c8:fd:ff:eb:20:06:f1:
6f:e8:6b:a6:c9:5f:88:4d:a1:0d:cd:bf:f0:12:30:d1:7f:20:
f8:fe:2d:38:f9:d7:fb:a1:5f:4e:85:ca:2d:64:1f:0f:4e:80:
96:47:a9:4a:9e:29:1f:e6:3c:64:27:8d:b9:c5:30:ab:64:db:
b9:66:af:38:5a:9f:28:c4:70:68:69:ee:4e:05:71:3a:ff:14:
d5:49:88:20:cc:44:1d:43:c7:ef:a0:0d:88:ee:cb:38:d9:fb:
7d:75:a9:de:54:c7:97:43:5f:c7:8c:d6:4b:08:4f:1c:2a:4a:
68:6f:62:d7:03:6b:d3:fc:0d:44:4e:d3:8b:13:f8:27:c2:fe:
81:7d:a4:f8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY2JIUY7nFEj5KEivk/vaIKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMjA4MTQzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzUxZmQyYmEyNjU2ZmEyYjg5MmIwMzQ3ZTE3NzIyYThhY2FhNjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoEN4scguOut2SL6LAlyZk8WSzEM
IIBJuDvaX3PTi8ghwK8z5vKH1IueEneNHPJd+zF47ejX4GKjXfwW31VNhaAgXHnP
TtlMsKlJgPH0kSJK2NAU2PC6fqhDbsXXA3SFSDFdIrR7NXQyU+X4IFXowWzBwlDn
vahZgkuRd0Fr+cmEI0stAPkpsQv4zMOn2CQAbwu7yJ+O1T6f0eH78XjCygtjbiY7
IQ4Y7e/oS1uk/6iUhDA2Ai/0aAI85E+fMpZ7189w/nCgrTomkhNi10nD/ADO4UcA
1EO9rmRzBx0AZYvI7E4fBLli2x/UzX4Rr3VntLe0gr8PJ5E+0ii7CvfOTwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFINR/SuiZW+iuJKwNH4XciqKyqaNMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvZzFIOUs2SmxiNks0a3JBMGZoZHlLb3JLcG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLVdcAwQA
LVdfAwQALYvAAwQALYvDAwQAucI2AwQAufhXAwQAw/XbMA0GCSqGSIb3DQEBCwUA
A4IBAQBe8sBCJhDphJcQtx8ne74W1Rg25KzaVLuH8T4nSDCtLlYI1v3eHcYulyFj
8rLphS/xdPLxPAgy+npmRzmzeuijtKg5wOJ1c3hFMZRvMzgAdjE7zFfDei1VbcDF
4pH2Xc8tN87QauNhZvah9tzMbKOLvOGKDrLNlMj9/+sgBvFv6GumyV+ITaENzb/w
EjDRfyD4/i04+df7oV9OhcotZB8PToCWR6lKnikf5jxkJ425xTCrZNu5Zq84Wp8o
xHBoae5OBXE6/xTVSYggzEQdQ8fvoA2I7ss42ft9daneVMeXQ1/HjNZLCE8cKkpo
b2LXA2vT/A1ETtOLE/gnwv6BfaT4
-----END CERTIFICATE-----
Generated at Mon Mar 18 11:50:11 2024 by rpki-client on console-fra.rpki-client.org