Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/nAFRqhLgA-bOgS6-KwNzT3OAtLA.roa
File: nAFRqhLgA-bOgS6-KwNzT3OAtLA.roa (raw, json)
Hash identifier: 1uHS91wZlhIZpomCRptDJ5M2ZAEfF9i1MJQMBwR4UWo=
Subject key identifier: 9C:01:51:AA:12:E0:03:E6:CE:81:2E:BE:2B:03:73:4F:73:80:B4:B0
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0191C7925A07F854B89FCFA75082E52176CF
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/nAFRqhLgA-bOgS6-KwNzT3OAtLA.roa
Signing time: Fri 06 Sep 2024 13:42:22 +0000
ROA not before: Fri 06 Sep 2024 13:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 45.10.40.0/22 maxlen: 24
88.218.168.0/22 maxlen: 24
91.184.240.0/22 maxlen: 24
93.183.80.0/22 maxlen: 24
185.197.75.0/24 maxlen: 24
193.188.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 11:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:92:5a:07:f8:54:b8:9f:cf:a7:50:82:e5:21:76:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Sep 6 13:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c0151aa12e003e6ce812ebe2b03734f7380b4b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cd:92:7a:93:63:86:c5:f3:87:fd:99:3e:4a:
84:e7:a4:69:7f:61:32:01:7a:26:87:7e:b2:18:6e:
d5:19:c7:06:9f:fd:e1:d9:18:27:ef:83:3d:dd:c0:
5a:f1:ca:f2:e9:4a:58:d6:2a:e6:ff:86:7c:cd:92:
df:5b:42:24:b8:3e:09:38:18:c7:26:73:f9:7d:4a:
9b:fe:90:f6:16:40:c7:76:24:c6:bc:63:6d:9e:fc:
75:40:32:7d:65:6a:2a:a1:3c:aa:a9:cf:8b:41:cb:
9b:09:a7:97:7c:55:98:05:88:a7:6c:65:e7:5a:68:
72:9a:ea:b9:83:8d:b4:c1:99:3a:67:de:7a:42:d4:
93:3a:13:93:ba:85:db:ed:9c:b1:77:19:39:05:56:
13:6c:d2:13:cc:d2:03:53:c7:5b:fe:6e:78:a2:5e:
18:b7:65:eb:04:20:72:a6:48:a3:55:c9:5c:50:5f:
87:8c:e0:3b:39:32:43:a1:68:05:35:67:33:04:3b:
97:43:63:3c:61:74:15:39:2d:5c:1c:f2:31:80:44:
d1:4d:68:35:c8:11:4b:dd:8a:23:71:50:0f:12:69:
74:28:33:bd:66:b2:39:dd:d7:95:7d:b8:2b:84:54:
29:e1:bf:4a:39:31:de:91:c2:2b:12:53:31:fa:47:
ef:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:01:51:AA:12:E0:03:E6:CE:81:2E:BE:2B:03:73:4F:73:80:B4:B0
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/nAFRqhLgA-bOgS6-KwNzT3OAtLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.40.0/22
88.218.168.0/22
91.184.240.0/22
93.183.80.0/22
185.197.75.0/24
193.188.23.0/24
Signature Algorithm: sha256WithRSAEncryption
01:80:06:4e:66:87:1a:0b:44:8d:ac:e1:51:6e:78:42:b0:ab:
d8:5d:d4:d0:03:43:05:03:5f:ac:f0:72:de:22:a2:c7:4c:6f:
42:45:22:b0:ef:26:85:46:0f:dc:3a:55:89:f6:ae:a2:62:4c:
11:87:00:84:de:46:3f:ba:11:6d:17:8e:6b:71:1c:c1:28:fe:
30:c7:01:2e:c2:09:75:ec:d3:31:fa:fe:05:5d:d1:40:21:08:
ed:9b:e1:7d:b8:6c:df:bf:7f:7f:1b:30:9e:06:91:d2:6d:44:
8a:60:7a:3f:a0:1d:74:2f:ae:e9:81:bd:98:4b:22:6c:f3:fb:
5f:17:e1:ad:0f:40:3f:9b:e1:17:06:55:06:8f:4e:6a:52:c3:
22:80:8d:2d:5d:08:18:47:28:5d:48:30:80:01:a8:d3:a5:ad:
1e:a2:f2:15:82:24:e0:7f:b7:40:15:12:88:6d:3e:5a:4d:85:
b8:77:dc:5a:19:95:64:4b:b3:93:b2:5a:1f:eb:39:1e:ed:3d:
ef:e2:f6:4c:dc:b0:56:e6:34:b1:bc:f7:ba:2c:91:cb:08:9d:
00:50:41:d1:79:f2:ff:b8:ef:d1:cd:2a:f8:cd:0a:8d:cc:ce:
93:12:0d:42:fa:f4:52:c7:d7:a9:48:ee:ca:99:0f:1d:65:ff:
83:94:ad:0f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZHHkloH+FS4n8+nUILlIXbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwOTA2MTM0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzAxNTFhYTEyZTAwM2U2Y2U4MTJlYmUyYjAzNzM0ZjczODBiNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps2SepNjhsXzh/2ZPkqE56Rpf2Ey
AXomh36yGG7VGccGn/3h2Rgn74M93cBa8cry6UpY1irm/4Z8zZLfW0IkuD4JOBjH
JnP5fUqb/pD2FkDHdiTGvGNtnvx1QDJ9ZWoqoTyqqc+LQcubCaeXfFWYBYinbGXn
Wmhymuq5g420wZk6Z956QtSTOhOTuoXb7Zyxdxk5BVYTbNITzNIDU8db/m54ol4Y
t2XrBCBypkijVclcUF+HjOA7OTJDoWgFNWczBDuXQ2M8YXQVOS1cHPIxgETRTWg1
yBFL3YojcVAPEml0KDO9ZrI53deVfbgrhFQp4b9KOTHekcIrElMx+kfv8QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJwBUaoS4APmzoEuvisDc09zgLSwMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvbkFGUnFoTGdBLWJPZ1M2LUt3TnpUM09BdExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQooAwQC
WNqoAwQCW7jwAwQCXbdQAwQAucVLAwQAwbwXMA0GCSqGSIb3DQEBCwUAA4IBAQAB
gAZOZocaC0SNrOFRbnhCsKvYXdTQA0MFA1+s8HLeIqLHTG9CRSKw7yaFRg/cOlWJ
9q6iYkwRhwCE3kY/uhFtF45rcRzBKP4wxwEuwgl17NMx+v4FXdFAIQjtm+F9uGzf
v39/GzCeBpHSbUSKYHo/oB10L67pgb2YSyJs8/tfF+GtD0A/m+EXBlUGj05qUsMi
gI0tXQgYRyhdSDCAAajTpa0eovIVgiTgf7dAFRKIbT5aTYW4d9xaGZVkS7OTslof
6zke7T3v4vZM3LBW5jSxvPe6LJHLCJ0AUEHRefL/uO/RzSr4zQqNzM6TEg1C+vRS
x9epSO7KmQ8dZf+DlK0P
-----END CERTIFICATE-----
Generated at Wed Sep 11 13:30:06 2024 by rpki-client on console-fra.rpki-client.org