Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/S9ZJGlFS5ttWjC3khUGNIcfmB0E.roa
File: S9ZJGlFS5ttWjC3khUGNIcfmB0E.roa (raw, json)
Hash identifier: 8+AirKVbjDRrIj71uVnFVHgLlkbDl7kVBOpwFR6qML4=
Subject key identifier: 4B:D6:49:1A:51:52:E6:DB:56:8C:2D:E4:85:41:8D:21:C7:E6:07:41
Certificate issuer: /CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Certificate serial: 018CC9BB1945B1A5639F56F32C448B56F0E2
Authority key identifier: AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/S9ZJGlFS5ttWjC3khUGNIcfmB0E.roa
Signing time: Tue 02 Jan 2024 10:32:11 +0000
ROA not before: Tue 02 Jan 2024 10:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.94.25.0/24 maxlen: 24
45.13.30.0/23 maxlen: 23
77.83.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 09:45:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:19:45:b1:a5:63:9f:56:f3:2c:44:8b:56:f0:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Validity
Not Before: Jan 2 10:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bd6491a5152e6db568c2de485418d21c7e60741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2c:7e:f0:e3:d7:8b:96:6f:c2:65:e0:91:94:
5b:48:cf:28:8e:af:dd:e5:c8:ff:cc:85:ca:c4:0f:
f0:f8:94:c4:75:b3:78:96:f1:2e:ba:83:6c:f5:15:
1f:9a:db:ea:a3:c6:4e:fb:e3:ca:1c:34:93:74:a4:
ac:f7:5b:a6:54:cf:a9:c4:d5:47:90:a8:83:2e:ce:
5c:07:ce:86:79:e4:9b:11:0d:ad:b3:09:da:41:2c:
53:45:8a:c7:cc:2b:a5:d0:d6:ec:5c:d6:ef:e9:25:
f0:cf:36:1a:19:18:1d:13:00:07:fc:25:84:bd:0d:
ba:d5:10:09:76:e0:24:8e:f1:8e:ec:b8:0b:bf:4b:
3e:19:93:af:dd:67:5d:bc:d5:84:3e:31:c0:d1:0e:
55:58:8e:8f:89:88:68:b6:cc:9f:62:ce:57:94:54:
1d:ad:62:92:15:64:ba:21:6e:5e:94:9c:78:bc:38:
ff:de:ab:75:ee:51:ef:b4:e3:f3:51:da:57:b8:eb:
dd:2e:63:31:f5:42:1e:8c:09:98:4d:3b:61:7d:22:
cc:01:eb:2b:8c:68:69:9e:fe:13:32:01:06:d8:35:
a0:57:74:f3:41:ae:65:ed:6c:09:13:e5:a1:40:ce:
9f:7d:b0:72:23:0d:03:90:8e:75:8e:fd:11:a1:e5:
82:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D6:49:1A:51:52:E6:DB:56:8C:2D:E4:85:41:8D:21:C7:E6:07:41
X509v3 Authority Key Identifier:
keyid:AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/S9ZJGlFS5ttWjC3khUGNIcfmB0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.30.0/23
45.94.25.0/24
77.83.223.0/24
Signature Algorithm: sha256WithRSAEncryption
06:fc:47:55:85:c4:37:58:ed:3b:65:cf:0f:87:a3:6d:72:67:
37:e7:74:13:2d:b5:c6:d6:99:9d:74:77:24:54:9a:b6:9b:e4:
47:ab:6e:61:b4:6f:75:74:8e:4d:5e:8f:48:80:12:57:d9:55:
7e:94:13:4b:d3:80:26:30:35:e0:d9:c4:57:eb:13:6a:17:91:
22:df:74:8f:2b:7b:c8:2c:e7:53:74:8d:24:51:fe:d0:50:b8:
12:fe:08:95:a0:69:c2:bc:6e:7d:5e:4c:36:48:3c:ca:76:79:
87:ef:f9:a1:ab:e8:1a:0a:14:16:d8:d5:98:03:83:da:a6:1f:
fd:16:8f:d6:2c:fe:de:42:8c:0b:0d:4c:87:ab:64:9d:b9:50:
b7:fe:b0:93:9b:8d:c5:63:c4:04:d0:e1:12:eb:c8:29:7a:e6:
cb:ce:8b:24:06:4a:3e:cb:52:a0:ea:84:a0:77:23:56:be:67:
63:ad:81:ff:f6:54:a1:70:1c:1d:f3:a6:92:67:2a:cd:ca:b2:
1a:58:44:25:02:b0:5f:31:12:df:ee:2c:86:71:88:30:5c:50:
e0:94:df:c4:92:94:52:22:6f:c4:86:77:2b:99:a2:67:be:88:
d7:f0:92:68:d6:79:ed:48:66:67:f7:54:ba:d5:87:93:95:48:
7f:f0:de:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJuxlFsaVjn1bzLESLVvDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjZmODVhYWQxMDFjNDU2YzFhYzlhMDFhNzE5MmZjNTc4
OGU5MmMwHhcNMjQwMTAyMTAzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmQ2NDkxYTUxNTJlNmRiNTY4YzJkZTQ4NTQxOGQyMWM3ZTYwNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyx+8OPXi5ZvwmXgkZRbSM8ojq/d
5cj/zIXKxA/w+JTEdbN4lvEuuoNs9RUfmtvqo8ZO++PKHDSTdKSs91umVM+pxNVH
kKiDLs5cB86GeeSbEQ2tswnaQSxTRYrHzCul0NbsXNbv6SXwzzYaGRgdEwAH/CWE
vQ261RAJduAkjvGO7LgLv0s+GZOv3WddvNWEPjHA0Q5VWI6PiYhotsyfYs5XlFQd
rWKSFWS6IW5elJx4vDj/3qt17lHvtOPzUdpXuOvdLmMx9UIejAmYTTthfSLMAesr
jGhpnv4TMgEG2DWgV3TzQa5l7WwJE+WhQM6ffbByIw0DkI51jv0RoeWCXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEvWSRpRUubbVowt5IVBjSHH5gdBMB8GA1UdIwQY
MBaAFK/2+FqtEBxFbBrJoBpxkvxXiOksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTIt
NjQ0YmQwZmM3ZjgwLzEvUzlaSkdsRlM1dHRXakMza2hVR05JY2ZtQjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTItNjQ0YmQwZmM3Zjgw
LzEvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLQ0eAwQA
LV4ZAwQATVPfMA0GCSqGSIb3DQEBCwUAA4IBAQAG/EdVhcQ3WO07Zc8Ph6Ntcmc3
53QTLbXG1pmddHckVJq2m+RHq25htG91dI5NXo9IgBJX2VV+lBNL04AmMDXg2cRX
6xNqF5Ei33SPK3vILOdTdI0kUf7QULgS/giVoGnCvG59Xkw2SDzKdnmH7/mhq+ga
ChQW2NWYA4Paph/9Fo/WLP7eQowLDUyHq2SduVC3/rCTm43FY8QE0OES68gpeubL
zoskBko+y1Kg6oSgdyNWvmdjrYH/9lShcBwd86aSZyrNyrIaWEQlArBfMRLf7iyG
cYgwXFDglN/EkpRSIm/EhncrmaJnvojX8JJo1nntSGZn91S61YeTlUh/8N61
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:10:46 2024 by rpki-client on console-ams.rpki-client.org