Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/9iPsjtnTyn37KVkoP_8ioJs6VXc.roa
File: 9iPsjtnTyn37KVkoP_8ioJs6VXc.roa (raw, json)
Hash identifier: l/ReRL2ZvtjQ7lHUtm2FtoZZyCISOTvZO50JdthWCB0=
Subject key identifier: F6:23:EC:8E:D9:D3:CA:7D:FB:29:59:28:3F:FF:22:A0:9B:3A:55:77
Certificate issuer: /CN=707f7ee6ab9cf448f9949367fb7c0ede1073f97f
Certificate serial: 018570C2E1CF895485EA46BEC7A46C0C338A
Authority key identifier: 70:7F:7E:E6:AB:9C:F4:48:F9:94:93:67:FB:7C:0E:DE:10:73:F9:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cH9-5quc9Ej5lJNn-3wO3hBz-X8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/9iPsjtnTyn37KVkoP_8ioJs6VXc.roa
Signing time: Mon 02 Jan 2023 04:34:58 +0000
ROA not before: Mon 02 Jan 2023 04:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20810
IP address blocks: 80.69.192.0/20 maxlen: 20
149.249.32.0/20 maxlen: 20
188.74.0.0/19 maxlen: 20
188.74.0.0/20 maxlen: 20
45.158.172.0/22 maxlen: 22
188.74.16.0/20 maxlen: 20
185.158.180.0/22 maxlen: 22
212.102.118.0/24 maxlen: 24
2a03:7500::/32 maxlen: 32
2a03:7500::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:e1:cf:89:54:85:ea:46:be:c7:a4:6c:0c:33:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=707f7ee6ab9cf448f9949367fb7c0ede1073f97f
Validity
Not Before: Jan 2 04:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f623ec8ed9d3ca7dfb2959283fff22a09b3a5577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bb:80:69:47:a3:b5:be:fb:93:4e:8b:5b:88:
24:c0:46:26:aa:95:48:ce:3a:12:dd:06:0b:c7:27:
0c:82:00:97:e8:09:71:9e:d9:e6:b5:52:af:34:fc:
f4:ef:49:d6:ee:c1:11:5a:ad:13:eb:d1:19:68:ea:
36:90:11:d1:44:ea:67:c1:11:3b:34:b7:99:db:cf:
eb:f7:2f:c3:c3:f6:c0:32:dd:c0:fc:1f:36:57:de:
21:36:74:31:bd:bc:ee:e4:10:8f:3f:12:4d:fe:01:
eb:95:33:54:66:64:3f:cb:79:a7:42:5f:f4:57:5a:
7e:4b:b3:08:3d:2e:b2:70:81:7a:17:ce:cc:b4:f3:
85:fd:0d:0b:a6:3d:52:dd:fa:42:00:08:b0:72:81:
02:df:b0:33:07:0e:08:97:75:1e:e4:8d:76:83:65:
d9:fc:49:00:4a:f1:cb:0f:1f:1a:43:9e:90:6a:40:
7f:f3:6e:38:b8:83:b9:d7:3c:15:11:7a:09:70:f3:
93:e6:40:99:0d:75:3d:99:c5:6d:13:04:db:91:db:
00:7b:b2:a9:ec:5e:fb:f4:2f:d3:1e:fe:ed:64:4d:
0b:89:23:c6:40:d0:28:78:40:ae:4f:14:e2:77:f6:
ee:02:03:87:c5:52:12:50:4c:ab:3d:94:39:cc:40:
f2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:23:EC:8E:D9:D3:CA:7D:FB:29:59:28:3F:FF:22:A0:9B:3A:55:77
X509v3 Authority Key Identifier:
keyid:70:7F:7E:E6:AB:9C:F4:48:F9:94:93:67:FB:7C:0E:DE:10:73:F9:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cH9-5quc9Ej5lJNn-3wO3hBz-X8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/9iPsjtnTyn37KVkoP_8ioJs6VXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/3b45b3-18a4-47f8-8264-f708bc70e6ee/1/cH9-5quc9Ej5lJNn-3wO3hBz-X8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.172.0/22
80.69.192.0/20
149.249.32.0/20
185.158.180.0/22
188.74.0.0/19
212.102.118.0/24
IPv6:
2a03:7500::/29
Signature Algorithm: sha256WithRSAEncryption
5b:c4:b1:cb:f5:f4:f8:89:1b:ee:f2:83:9e:3c:ab:26:45:1b:
ff:f3:3c:28:6d:42:8e:87:de:06:53:53:11:08:ff:56:4f:0d:
db:3f:a3:21:06:17:b7:f3:6c:b0:88:98:ac:eb:a3:54:52:25:
be:22:36:92:e6:75:11:04:c8:2f:87:23:2e:a9:a7:38:30:ff:
41:d4:00:9a:ca:71:fe:c2:11:b2:d1:e4:50:0f:9f:52:af:c5:
86:51:08:6d:67:7a:ba:a9:5f:49:4f:57:16:8c:f4:bd:c7:be:
0e:a8:f1:dd:39:d0:a9:09:d9:d1:d0:8f:a3:c4:3f:08:b7:c3:
af:d6:b3:46:94:09:8d:3b:1a:67:2b:04:e0:12:9d:67:6d:03:
08:86:73:3d:19:1e:3e:0a:33:fe:f3:5a:67:f7:5f:27:24:ba:
b7:d8:43:79:e9:63:32:9d:d2:23:4e:db:ec:bd:f2:5b:61:da:
68:92:a6:e3:d2:c6:32:d8:ae:20:20:e0:46:8c:6f:99:5e:9c:
3a:75:e9:5b:49:2b:b2:63:23:df:b6:4f:77:48:2a:09:5f:4d:
c5:ad:a2:06:b0:19:f1:a7:6c:ab:40:76:cf:e9:29:52:8d:ec:
af:29:28:15:9a:cd:62:3b:0b:0a:55:78:58:10:83:f2:1f:25:
42:f4:f5:99
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVwwuHPiVSF6ka+x6RsDDOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwN2Y3ZWU2YWI5Y2Y0NDhmOTk0OTM2N2ZiN2MwZWRlMTA3
M2Y5N2YwHhcNMjMwMTAyMDQzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjIzZWM4ZWQ5ZDNjYTdkZmIyOTU5MjgzZmZmMjJhMDliM2E1NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7uAaUejtb77k06LW4gkwEYmqpVI
zjoS3QYLxycMggCX6AlxntnmtVKvNPz070nW7sERWq0T69EZaOo2kBHRROpnwRE7
NLeZ28/r9y/Dw/bAMt3A/B82V94hNnQxvbzu5BCPPxJN/gHrlTNUZmQ/y3mnQl/0
V1p+S7MIPS6ycIF6F87MtPOF/Q0Lpj1S3fpCAAiwcoEC37AzBw4Il3Ue5I12g2XZ
/EkASvHLDx8aQ56QakB/8244uIO51zwVEXoJcPOT5kCZDXU9mcVtEwTbkdsAe7Kp
7F779C/THv7tZE0LiSPGQNAoeECuTxTid/buAgOHxVISUEyrPZQ5zEDy3wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPYj7I7Z08p9+ylZKD//IqCbOlV3MB8GA1UdIwQY
MBaAFHB/fuarnPRI+ZSTZ/t8Dt4Qc/l/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0g5LTVxdWM5RWo1bEpObi0zd08zaEJ6LVg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8zYjQ1YjMtMThhNC00N2Y4LTgyNjQt
ZjcwOGJjNzBlNmVlLzEvOWlQc2p0blR5bjM3S1Zrb1BfOGlvSnM2VlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8zYjQ1YjMtMThhNC00N2Y4LTgyNjQtZjcwOGJjNzBlNmVl
LzEvY0g5LTVxdWM5RWo1bEpObi0zd08zaEJ6LVg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZ6sAwQE
UEXAAwQElfkgAwQCuZ60AwQFvEoAAwQA1GZ2MA0EAgACMAcDBQMqA3UAMA0GCSqG
SIb3DQEBCwUAA4IBAQBbxLHL9fT4iRvu8oOePKsmRRv/8zwobUKOh94GU1MRCP9W
Tw3bP6MhBhe382ywiJis66NUUiW+IjaS5nURBMgvhyMuqac4MP9B1ACaynH+whGy
0eRQD59Sr8WGUQhtZ3q6qV9JT1cWjPS9x74OqPHdOdCpCdnR0I+jxD8It8Ov1rNG
lAmNOxpnKwTgEp1nbQMIhnM9GR4+CjP+81pn918nJLq32EN56WMyndIjTtvsvfJb
Ydpokqbj0sYy2K4gIOBGjG+ZXpw6delbSSuyYyPftk93SCoJX03FraIGsBnxp2yr
QHbP6SlSjeyvKSgVms1iOwsKVXhYEIPyHyVC9PWZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:53 2024 by rpki-client on console-fra.rpki-client.org