Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/9GCBM72OM6XonQjgEmxbrAXXJS4.roa
File: 9GCBM72OM6XonQjgEmxbrAXXJS4.roa (raw, json)
Hash identifier: F0EqHELfcBT0Ww9pfN7g9Bc0PHmBxmj5ovq1HjPQ4nI=
Subject key identifier: F4:60:81:33:BD:8E:33:A5:E8:9D:08:E0:12:6C:5B:AC:05:D7:25:2E
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018570B07ED360131AE5A0D47BA36AB57A41
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/9GCBM72OM6XonQjgEmxbrAXXJS4.roa
Signing time: Mon 02 Jan 2023 04:14:53 +0000
ROA not before: Mon 02 Jan 2023 04:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50131
IP address blocks: 194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.142.156.0/24 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
45.150.226.0/23 maxlen: 32
193.218.200.0/23 maxlen: 32
45.154.212.0/22 maxlen: 32
193.221.94.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.151.132.0/22 maxlen: 32
45.145.74.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
Validation: Failed, certificate revoked on Tue 04 Jul 2023 16:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:7e:d3:60:13:1a:e5:a0:d4:7b:a3:6a:b5:7a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 2 04:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4608133bd8e33a5e89d08e0126c5bac05d7252e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:63:11:4d:85:53:6f:3a:ca:ab:76:c3:e2:02:
3c:21:83:7b:f3:43:04:3f:01:6d:6a:8d:0f:c7:1d:
f3:81:66:db:8f:9c:3d:e9:b4:5d:4a:73:04:88:63:
cc:0f:d1:a0:ab:aa:1e:b6:94:d5:52:29:92:e4:3e:
53:af:94:67:2b:a8:38:88:1b:e4:ce:fd:70:e8:49:
61:64:c6:38:c3:43:38:17:0a:87:c2:b0:b0:4e:ae:
ed:5f:65:de:4e:9b:c9:f9:40:40:49:03:02:b2:f5:
2e:f3:a7:8c:ea:77:2f:83:14:fb:84:da:09:20:58:
fe:a7:87:65:9f:62:13:60:03:2d:02:63:de:b4:e5:
31:3c:50:80:67:59:08:6e:fe:ee:e5:b1:b8:05:f6:
e7:85:7e:0b:a5:2a:2f:53:bf:04:8c:7f:21:70:24:
d4:83:58:7f:f8:8f:aa:fa:b5:bf:3a:a6:dc:60:6f:
f5:14:99:72:cf:e2:a7:3e:c4:1b:32:52:b3:21:9f:
1b:33:5a:fd:13:f7:f9:67:54:51:34:1d:ff:e5:09:
32:24:e4:c4:a6:a7:ea:00:cf:86:03:76:6c:34:4a:
7a:0d:5b:04:a5:5e:ec:f0:a1:21:e6:a3:10:e0:76:
55:07:e7:5f:32:e7:7f:a7:9c:4e:b8:3a:e5:7a:fe:
bf:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:60:81:33:BD:8E:33:A5:E8:9D:08:E0:12:6C:5B:AC:05:D7:25:2E
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/9GCBM72OM6XonQjgEmxbrAXXJS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
Signature Algorithm: sha256WithRSAEncryption
95:e8:13:27:e9:49:ca:2f:f8:a7:eb:f6:78:ac:20:e4:46:ff:
67:a0:b5:c0:34:38:fc:39:e8:ad:3f:75:b8:89:b7:f2:d9:d1:
78:40:0b:f6:f6:37:63:55:e4:3a:77:3d:0f:d0:2c:37:57:db:
bb:71:b7:9e:6d:61:e8:7f:91:e1:f4:51:81:5a:e4:e8:df:eb:
b4:e0:24:ad:8f:a7:da:d6:2b:8e:7a:d5:81:a3:c3:62:ce:78:
98:b5:a2:c2:46:ab:78:c5:67:55:a0:46:86:a1:83:64:ab:ae:
7c:9e:d4:da:53:e4:4a:ec:d1:f6:29:f8:bf:24:db:1c:48:b3:
f9:30:37:59:0e:c5:cb:4d:ef:8d:bf:a9:29:25:5f:ff:51:c8:
0f:59:12:f9:b8:9d:03:2b:e3:ba:4e:5d:e7:80:f5:9a:13:b3:
02:49:b3:8c:6b:36:cb:87:8c:13:4d:b4:20:f8:00:98:d6:be:
15:6a:84:7e:d4:02:31:f8:0b:b3:7c:9c:42:6b:cd:97:cd:d1:
17:8b:dc:80:4b:0d:50:e8:f9:b3:f7:7f:31:80:56:44:de:97:
23:1f:90:9a:9a:ff:93:20:24:66:e4:78:d8:50:b8:86:1c:9e:
9f:8f:18:fe:61:a6:d2:29:d2:a1:31:5d:ff:0b:f6:0b:53:9d:
f8:bb:18:f2
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYVwsH7TYBMa5aDUe6NqtXpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjMwMTAyMDQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDYwODEzM2JkOGUzM2E1ZTg5ZDA4ZTAxMjZjNWJhYzA1ZDcyNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGMRTYVTbzrKq3bD4gI8IYN780ME
PwFtao0Pxx3zgWbbj5w96bRdSnMEiGPMD9Ggq6oetpTVUimS5D5Tr5RnK6g4iBvk
zv1w6ElhZMY4w0M4FwqHwrCwTq7tX2XeTpvJ+UBASQMCsvUu86eM6ncvgxT7hNoJ
IFj+p4dln2ITYAMtAmPetOUxPFCAZ1kIbv7u5bG4BfbnhX4LpSovU78EjH8hcCTU
g1h/+I+q+rW/OqbcYG/1FJlyz+KnPsQbMlKzIZ8bM1r9E/f5Z1RRNB3/5QkyJOTE
pqfqAM+GA3ZsNEp6DVsEpV7s8KEh5qMQ4HZVB+dfMud/p5xOuDrlev6/7wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFPRggTO9jjOl6J0I4BJsW6wF1yUuMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvOUdDQk03Mk9NNlhvblFqZ0VteGJyQVhYSlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCLY6cAwQC
LZFIAwQCLZakAwQBLZbiAwQCLZeEAwQCLZrUAwQBwdrIAwQBwd1eAwQBwnzaAwQB
wnzgMAwDBAHCk2IDBAHCk2QwDQYJKoZIhvcNAQELBQADggEBAJXoEyfpScov+Kfr
9nisIORG/2egtcA0OPw56K0/dbiJt/LZ0XhAC/b2N2NV5Dp3PQ/QLDdX27txt55t
Yeh/keH0UYFa5Ojf67TgJK2Pp9rWK4561YGjw2LOeJi1osJGq3jFZ1WgRoahg2Sr
rnye1NpT5Ers0fYp+L8k2xxIs/kwN1kOxctN742/qSklX/9RyA9ZEvm4nQMr47pO
XeeA9ZoTswJJs4xrNsuHjBNNtCD4AJjWvhVqhH7UAjH4C7N8nEJrzZfN0ReL3IBL
DVDo+bP3fzGAVkTelyMfkJqa/5MgJGbkeNhQuIYcnp+PGP5hptIp0qExXf8L9gtT
nfi7GPI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:57 2024 by rpki-client on console-fra.rpki-client.org