Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/g9aCBwc6L75t5V5ieffVyDsF0Rc.roa
File: g9aCBwc6L75t5V5ieffVyDsF0Rc.roa (raw, json)
Hash identifier: aimhMJiIw3CulHPh6CMozWtUoi7W9ScHpnwB3zwMLZ4=
Subject key identifier: 83:D6:82:07:07:3A:2F:BE:6D:E5:5E:62:79:F7:D5:C8:3B:05:D1:17
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 01856EA6CD92C7DA17E7E6E6F8EDDD11C6D5
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/g9aCBwc6L75t5V5ieffVyDsF0Rc.roa
Signing time: Sun 01 Jan 2023 18:45:03 +0000
ROA not before: Sun 01 Jan 2023 18:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 194.246.36.0/24 maxlen: 24
194.247.44.0/23 maxlen: 24
45.143.160.0/24 maxlen: 24
45.143.162.0/24 maxlen: 24
45.149.166.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:cd:92:c7:da:17:e7:e6:e6:f8:ed:dd:11:c6:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Jan 1 18:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83d68207073a2fbe6de55e6279f7d5c83b05d117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5f:ff:e1:46:4b:7f:14:b7:31:fc:c3:4a:98:
3c:89:3e:93:b4:7a:5b:d2:51:12:01:b3:8a:0a:99:
1c:5a:a4:67:a5:3d:e5:01:eb:2f:38:42:fa:7a:40:
be:77:14:6e:e5:3c:74:03:71:b8:cd:6d:95:dd:4b:
ed:5d:07:d8:77:17:b2:fc:c7:a4:33:f6:db:25:0d:
78:0f:75:71:83:f0:ce:3d:36:9b:cf:04:38:04:14:
21:86:9e:91:f2:73:73:da:ec:23:1e:8b:34:34:c6:
5e:ea:6f:57:da:df:30:34:1b:44:96:41:a9:34:c5:
e2:49:75:b8:da:c4:0e:8f:90:fe:71:47:8a:a6:cc:
97:84:ab:67:8d:f2:68:f7:f6:20:b7:8c:ea:ec:7d:
92:c2:87:66:44:c4:82:3e:9c:ca:b4:3f:96:b7:a0:
32:b6:a8:f8:85:ef:2e:55:1e:b0:d1:0e:08:2d:63:
e0:37:6e:09:91:2f:d8:f7:46:b5:44:1e:ba:80:c1:
05:86:eb:50:13:8e:92:c5:ab:52:40:e2:ab:8e:d7:
1d:54:c0:11:c8:93:0f:80:1e:ad:ce:9b:23:9c:ff:
fa:38:a6:10:26:2f:af:de:3e:24:9a:74:a3:d0:20:
b0:d5:e1:8b:5d:0c:f0:74:a2:eb:54:c8:f0:89:1a:
b3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D6:82:07:07:3A:2F:BE:6D:E5:5E:62:79:F7:D5:C8:3B:05:D1:17
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/g9aCBwc6L75t5V5ieffVyDsF0Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.160.0/24
45.143.162.0/24
45.149.166.0/24
194.246.36.0/24
194.247.44.0/23
Signature Algorithm: sha256WithRSAEncryption
66:85:8a:6c:3b:11:5a:14:06:cd:97:f0:2b:14:10:7d:16:1a:
3b:27:a2:55:78:db:37:98:79:ad:dc:cd:16:7d:65:b0:28:a4:
5b:1f:dc:a9:31:07:30:d0:c7:bd:3a:eb:db:ba:05:da:4f:01:
80:95:2b:cb:36:8c:1f:ca:73:aa:7f:5f:d9:fd:19:40:37:8c:
8f:0d:5e:8c:41:17:ef:ea:34:06:32:a3:c9:53:3a:e8:f4:2f:
74:fc:0d:5b:ce:75:9d:18:d0:71:80:54:b9:5b:34:4f:27:dc:
fd:78:46:12:98:03:f6:91:42:29:de:bf:c3:b1:28:95:c5:fe:
1c:12:dc:e6:0b:eb:4f:10:29:bd:86:60:f8:59:e8:cf:b7:65:
20:b7:d3:a8:61:33:b5:b5:78:df:15:dd:e8:60:ff:a4:82:43:
f2:d7:d6:de:49:7f:66:50:97:ec:78:17:97:71:97:75:ce:e1:
17:44:f8:ed:98:9b:c1:e7:f7:59:6c:ff:f1:0e:3d:4a:5f:29:
9d:2f:da:2a:ec:fe:0c:ac:be:46:87:d7:5b:08:0d:89:e5:31:
3b:f8:26:e1:d4:29:ed:30:79:5d:bd:43:85:4c:05:a5:eb:07:
63:37:e9:c5:83:fb:24:6f:68:25:cc:bd:19:db:2c:cb:db:e8:
c5:0c:64:7c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVups2Sx9oX5+bm+O3dEcbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjMwMTAxMTg0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Q2ODIwNzA3M2EyZmJlNmRlNTVlNjI3OWY3ZDVjODNiMDVkMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1//4UZLfxS3MfzDSpg8iT6TtHpb
0lESAbOKCpkcWqRnpT3lAesvOEL6ekC+dxRu5Tx0A3G4zW2V3UvtXQfYdxey/Mek
M/bbJQ14D3Vxg/DOPTabzwQ4BBQhhp6R8nNz2uwjHos0NMZe6m9X2t8wNBtElkGp
NMXiSXW42sQOj5D+cUeKpsyXhKtnjfJo9/Ygt4zq7H2SwodmRMSCPpzKtD+Wt6Ay
tqj4he8uVR6w0Q4ILWPgN24JkS/Y90a1RB66gMEFhutQE46SxatSQOKrjtcdVMAR
yJMPgB6tzpsjnP/6OKYQJi+v3j4kmnSj0CCw1eGLXQzwdKLrVMjwiRqz0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIPWggcHOi++beVeYnn31cg7BdEXMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvZzlhQ0J3YzZMNzV0NVY1aWVmZlZ5RHNGMFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALY+gAwQA
LY+iAwQALZWmAwQAwvYkAwQBwvcsMA0GCSqGSIb3DQEBCwUAA4IBAQBmhYpsOxFa
FAbNl/ArFBB9Fho7J6JVeNs3mHmt3M0WfWWwKKRbH9ypMQcw0Me9OuvbugXaTwGA
lSvLNowfynOqf1/Z/RlAN4yPDV6MQRfv6jQGMqPJUzro9C90/A1bznWdGNBxgFS5
WzRPJ9z9eEYSmAP2kUIp3r/DsSiVxf4cEtzmC+tPECm9hmD4WejPt2Ugt9OoYTO1
tXjfFd3oYP+kgkPy19beSX9mUJfseBeXcZd1zuEXRPjtmJvB5/dZbP/xDj1KXymd
L9oq7P4MrL5Gh9dbCA2J5TE7+Cbh1CntMHldvUOFTAWl6wdjN+nFg/skb2glzL0Z
2yzL2+jFDGR8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:46 2023 by rpki-client on console-ams.rpki-client.org