Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/AtNxpp7UOkVGxE02CXpHW6vXNlM.roa
File: AtNxpp7UOkVGxE02CXpHW6vXNlM.roa (raw, json)
Hash identifier: 4dbvypCQ7ZTQ9kZ9zO2tNeOOZpkt93I1P+zA5Vj3qmo=
Subject key identifier: 02:D3:71:A6:9E:D4:3A:45:46:C4:4D:36:09:7A:47:5B:AB:D7:36:53
Certificate issuer: /CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Certificate serial: 0187DD58E36806316F4F1B675505705FA082
Authority key identifier: AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/AtNxpp7UOkVGxE02CXpHW6vXNlM.roa
Signing time: Tue 02 May 2023 16:43:22 +0000
ROA not before: Tue 02 May 2023 16:43:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.94.25.0/24 maxlen: 24
45.13.30.0/23 maxlen: 23
77.83.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dd:58:e3:68:06:31:6f:4f:1b:67:55:05:70:5f:a0:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Validity
Not Before: May 2 16:43:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02d371a69ed43a4546c44d36097a475babd73653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:26:ea:9c:b7:1b:8e:82:1d:25:67:c1:5a:62:
98:9f:50:04:ba:d8:ab:7c:56:73:16:cb:ac:cf:57:
40:18:83:3c:f4:9f:a7:c9:e6:9e:42:49:af:3c:94:
24:17:2e:0c:d4:c2:34:3f:8c:70:5f:b1:c8:f9:38:
24:bf:0a:d7:fd:34:25:99:8c:df:f3:a5:5d:db:63:
5f:90:31:50:6d:b0:b8:f3:71:c6:7b:c2:a7:fe:0e:
fc:1a:19:f7:5a:eb:37:b4:0d:67:78:03:58:a8:3c:
34:39:f0:6a:6f:4e:52:da:a2:68:da:0d:39:ac:f9:
35:c5:bd:e9:87:6c:be:28:99:62:75:c5:1d:92:28:
04:67:5d:29:32:ee:38:73:27:52:c5:4b:a3:a1:7f:
23:03:af:ce:f0:6b:a2:f1:f7:b3:f6:c4:a6:93:77:
34:13:0b:c6:dc:bf:e8:81:15:c2:43:64:46:ff:d5:
d8:ae:5b:fe:7d:4f:51:87:82:f1:ea:26:7e:f3:f1:
22:e0:ae:00:66:b7:82:5c:d0:06:67:87:02:31:ef:
d3:f2:8d:1b:b5:3f:da:78:62:74:46:50:d0:70:6e:
d1:b0:e4:ee:c5:0a:b5:49:de:49:49:76:c9:c0:7d:
91:d8:e5:30:fc:cb:49:7d:7c:74:c0:1c:04:74:a6:
96:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D3:71:A6:9E:D4:3A:45:46:C4:4D:36:09:7A:47:5B:AB:D7:36:53
X509v3 Authority Key Identifier:
keyid:AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/AtNxpp7UOkVGxE02CXpHW6vXNlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.30.0/23
45.94.25.0/24
77.83.223.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:cf:23:48:65:17:72:5a:45:a8:d4:66:f6:68:08:e7:6d:5c:
c6:b4:35:3d:31:75:0f:06:57:b9:3b:20:9c:6c:da:9f:09:07:
3e:78:24:ee:99:4f:88:ce:ab:bf:e3:5f:24:92:a1:d0:b2:65:
90:05:ce:79:93:a9:b9:a5:3c:6f:7c:63:23:64:ba:c1:c2:0e:
71:9e:95:fc:f8:ca:39:1f:af:71:9b:54:2a:a3:fe:ed:93:64:
4f:a2:cd:bb:e1:33:c4:75:ae:3a:6f:4e:de:44:76:36:45:b8:
27:68:cd:9f:bb:97:6c:f3:3b:4d:84:9e:fe:81:c3:08:aa:5c:
4d:ae:d3:6f:ff:01:ec:2d:35:ef:eb:6e:7c:89:60:ab:7d:11:
3d:b2:ae:21:82:c4:41:ff:69:c0:b6:60:1f:c5:86:72:a0:e8:
1e:b9:97:26:61:20:0f:b2:39:8e:56:8b:e3:70:2b:19:fa:8e:
75:2d:bc:e0:54:30:bf:ee:0f:26:92:f8:1a:5d:0a:52:3f:e1:
aa:33:7a:ee:f2:22:97:e2:c0:a9:b3:c2:dd:3c:dc:df:c7:97:
48:8e:15:d5:0d:2b:0c:99:41:91:e9:5c:74:a3:bc:c4:1e:e2:
02:2c:07:e9:b0:52:fa:7d:a1:ed:7b:f9:2f:e8:36:5d:cc:5c:
f3:29:7f:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfdWONoBjFvTxtnVQVwX6CCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjZmODVhYWQxMDFjNDU2YzFhYzlhMDFhNzE5MmZjNTc4
OGU5MmMwHhcNMjMwNTAyMTY0MzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQzNzFhNjllZDQzYTQ1NDZjNDRkMzYwOTdhNDc1YmFiZDczNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzybqnLcbjoIdJWfBWmKYn1AEutir
fFZzFsusz1dAGIM89J+nyeaeQkmvPJQkFy4M1MI0P4xwX7HI+TgkvwrX/TQlmYzf
86Vd22NfkDFQbbC483HGe8Kn/g78Ghn3Wus3tA1neANYqDw0OfBqb05S2qJo2g05
rPk1xb3ph2y+KJlidcUdkigEZ10pMu44cydSxUujoX8jA6/O8Gui8fez9sSmk3c0
EwvG3L/ogRXCQ2RG/9XYrlv+fU9Rh4Lx6iZ+8/Ei4K4AZreCXNAGZ4cCMe/T8o0b
tT/aeGJ0RlDQcG7RsOTuxQq1Sd5JSXbJwH2R2OUw/MtJfXx0wBwEdKaWKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFALTcaae1DpFRsRNNgl6R1ur1zZTMB8GA1UdIwQY
MBaAFK/2+FqtEBxFbBrJoBpxkvxXiOksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTIt
NjQ0YmQwZmM3ZjgwLzEvQXROeHBwN1VPa1ZHeEUwMkNYcEhXNnZYTmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTItNjQ0YmQwZmM3Zjgw
LzEvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLQ0eAwQA
LV4ZAwQATVPfMA0GCSqGSIb3DQEBCwUAA4IBAQCKzyNIZRdyWkWo1Gb2aAjnbVzG
tDU9MXUPBle5OyCcbNqfCQc+eCTumU+Izqu/418kkqHQsmWQBc55k6m5pTxvfGMj
ZLrBwg5xnpX8+Mo5H69xm1Qqo/7tk2RPos274TPEda46b07eRHY2RbgnaM2fu5ds
8ztNhJ7+gcMIqlxNrtNv/wHsLTXv6258iWCrfRE9sq4hgsRB/2nAtmAfxYZyoOge
uZcmYSAPsjmOVovjcCsZ+o51LbzgVDC/7g8mkvgaXQpSP+GqM3ru8iKX4sCps8Ld
PNzfx5dIjhXVDSsMmUGR6Vx0o7zEHuICLAfpsFL6faHte/kv6DZdzFzzKX+3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:14 2024 by rpki-client on console-fra.rpki-client.org