Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/gO9efJf8SONKJrws7-4ISpduky8.roa
File: gO9efJf8SONKJrws7-4ISpduky8.roa (raw, json)
Hash identifier: QLCjq73hAb12WZPTnlztZJZ4VI6tILaIsqNa+LpW/Ro=
Subject key identifier: 80:EF:5E:7C:97:FC:48:E3:4A:26:BC:2C:EF:EE:08:4A:97:6E:93:2F
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018B37DC4DF5EC1FCE7278844942386A0393
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/gO9efJf8SONKJrws7-4ISpduky8.roa
Signing time: Mon 16 Oct 2023 09:41:06 +0000
ROA not before: Mon 16 Oct 2023 09:41:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8038
IP address blocks: 45.95.240.0/24 maxlen: 24
45.149.104.0/24 maxlen: 24
45.87.28.0/24 maxlen: 24
45.130.142.0/24 maxlen: 24
45.148.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 18:03:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:dc:4d:f5:ec:1f:ce:72:78:84:49:42:38:6a:03:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 16 09:41:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ef5e7c97fc48e34a26bc2cefee084a976e932f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:73:2e:ae:b8:e0:2f:f7:83:d7:71:df:01:c0:
26:eb:77:53:a3:9c:f0:3c:a7:80:3c:32:2f:17:12:
43:4e:7b:5e:69:58:01:29:f8:3d:92:a8:7e:b1:32:
48:cb:ec:b3:93:20:0a:9e:87:f4:47:3d:97:34:57:
b6:03:bb:95:33:03:5f:45:f5:29:e8:45:1f:b0:2b:
9d:0c:ef:05:71:6f:de:bc:0e:7a:0f:16:8e:b8:e2:
b8:f2:b4:f2:3d:e9:4b:87:fc:1f:d6:2b:b1:66:7c:
b7:15:fd:d9:65:ef:40:c9:96:57:4e:72:77:7a:cf:
9c:46:5d:5c:a6:60:a7:ca:c4:c1:e5:57:e1:f1:b5:
fe:2c:e9:c5:7f:c9:84:99:ad:7d:7b:8a:05:72:36:
2b:82:50:d5:6a:9b:d1:50:50:aa:c0:8a:78:c7:fd:
1c:d2:ef:cd:6c:1a:fe:e6:fa:a5:29:bd:14:24:f4:
78:4f:f6:46:80:1e:5d:b7:6a:6d:cb:53:b6:e6:6f:
70:4f:e2:33:45:fa:7b:c0:16:09:5c:63:95:51:e0:
7e:e5:34:de:02:b4:a6:59:8f:a4:d1:9d:13:00:f9:
2f:d2:0e:c2:2f:b5:0a:5b:7a:56:08:7d:19:8e:45:
58:69:85:53:e8:c0:28:33:35:8b:a2:34:3c:c2:93:
49:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:EF:5E:7C:97:FC:48:E3:4A:26:BC:2C:EF:EE:08:4A:97:6E:93:2F
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/gO9efJf8SONKJrws7-4ISpduky8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.28.0/24
45.95.240.0/24
45.130.142.0/24
45.148.96.0/24
45.149.104.0/24
Signature Algorithm: sha256WithRSAEncryption
48:46:b8:42:d3:5e:07:24:5e:3d:42:a4:45:24:75:cf:07:5c:
10:08:9f:b9:fd:5a:9c:90:9a:a9:18:3c:5e:ab:43:bc:0e:63:
7e:ef:69:1b:26:c8:e7:e3:ff:ca:ee:47:d1:78:31:4a:de:f0:
ca:5f:90:c6:22:ae:2b:2b:d1:22:78:2f:92:7e:e3:71:0e:eb:
18:2e:25:cd:1a:99:7a:e2:71:b0:14:28:8d:e4:51:aa:51:8e:
4d:1d:a6:4c:70:45:a2:a4:f9:24:2e:9f:a7:1b:85:00:8e:b9:
9d:17:8a:77:8b:4b:0d:19:36:e8:9e:b3:da:a4:90:95:2d:55:
41:b5:81:20:05:8f:8f:b9:37:23:19:65:be:be:dc:8e:78:b6:
90:0f:f3:22:b2:08:46:1e:ca:b2:a8:3f:69:44:bd:f9:07:68:
dc:fc:1a:49:cb:03:1b:5a:a6:16:4d:f9:21:f0:6f:b2:19:dd:
19:8b:88:51:28:df:b6:0b:16:7b:65:b8:d0:27:66:e5:b8:ae:
d1:ba:3e:0a:7b:68:90:b7:de:f4:22:d3:88:de:60:e4:d1:3b:
18:9d:06:cb:d3:97:de:00:b2:45:29:0c:de:d2:d7:10:63:c6:
dd:ae:4e:e7:d9:2f:3d:2f:9f:74:96:e4:84:1f:fc:65:40:f5:
06:21:e8:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYs33E317B/OcniESUI4agOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMDE2MDk0MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGVmNWU3Yzk3ZmM0OGUzNGEyNmJjMmNlZmVlMDg0YTk3NmU5MzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHMurrjgL/eD13HfAcAm63dTo5zw
PKeAPDIvFxJDTnteaVgBKfg9kqh+sTJIy+yzkyAKnof0Rz2XNFe2A7uVMwNfRfUp
6EUfsCudDO8FcW/evA56DxaOuOK48rTyPelLh/wf1iuxZny3Ff3ZZe9AyZZXTnJ3
es+cRl1cpmCnysTB5Vfh8bX+LOnFf8mEma19e4oFcjYrglDVapvRUFCqwIp4x/0c
0u/NbBr+5vqlKb0UJPR4T/ZGgB5dt2pty1O25m9wT+IzRfp7wBYJXGOVUeB+5TTe
ArSmWY+k0Z0TAPkv0g7CL7UKW3pWCH0ZjkVYaYVT6MAoMzWLojQ8wpNJAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIDvXnyX/EjjSia8LO/uCEqXbpMvMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvZ085ZWZKZjhTT05LSnJ3czctNElTcGR1a3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVccAwQA
LV/wAwQALYKOAwQALZRgAwQALZVoMA0GCSqGSIb3DQEBCwUAA4IBAQBIRrhC014H
JF49QqRFJHXPB1wQCJ+5/VqckJqpGDxeq0O8DmN+72kbJsjn4//K7kfReDFK3vDK
X5DGIq4rK9EieC+SfuNxDusYLiXNGpl64nGwFCiN5FGqUY5NHaZMcEWipPkkLp+n
G4UAjrmdF4p3i0sNGTbonrPapJCVLVVBtYEgBY+PuTcjGWW+vtyOeLaQD/MisghG
HsqyqD9pRL35B2jc/BpJywMbWqYWTfkh8G+yGd0Zi4hRKN+2CxZ7ZbjQJ2bluK7R
uj4Ke2iQt970ItOI3mDk0TsYnQbL05feALJFKQze0tcQY8bdrk7n2S89L590luSE
H/xlQPUGIejD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org