Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/h3OmJiDymhCDNPdibrRkx_XEeKQ.roa
File: h3OmJiDymhCDNPdibrRkx_XEeKQ.roa (raw, json)
Hash identifier: BSARPN0ABHCbfDdu9wgQ8oSZsv2qyIKPbsx6wmlKjzI=
Subject key identifier: 87:73:A6:26:20:F2:9A:10:83:34:F7:62:6E:B4:64:C7:F5:C4:78:A4
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018A7705F08EDB78CC5C9D87371756BBF930
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/h3OmJiDymhCDNPdibrRkx_XEeKQ.roa
Signing time: Fri 08 Sep 2023 22:59:52 +0000
ROA not before: Fri 08 Sep 2023 22:59:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.150.52.0/24 maxlen: 24
95.214.176.0/24 maxlen: 24
91.238.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Oct 2023 18:18:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:77:05:f0:8e:db:78:cc:5c:9d:87:37:17:56:bb:f9:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Sep 8 22:59:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8773a62620f29a108334f7626eb464c7f5c478a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5a:cf:16:5f:fd:bd:9c:d8:3d:48:82:55:55:
5b:7b:46:98:01:17:eb:10:90:d9:21:ae:02:b5:9f:
03:0f:ff:e7:2d:40:a3:37:47:ac:3f:37:66:9f:61:
38:a9:e8:4c:6b:2a:c3:1a:b9:4a:87:31:c1:f3:ab:
96:ed:c2:93:82:89:f6:f3:d8:fc:67:6a:b1:ec:8f:
87:82:63:95:10:f7:8d:d7:86:fa:3f:5d:07:37:d9:
ef:77:e5:01:54:da:6f:d8:ea:13:48:07:3a:6a:9c:
6f:3a:72:ba:08:92:72:cc:7d:36:6f:12:ef:6c:e6:
b6:e7:3e:46:61:a5:5d:87:b3:f2:b8:42:e0:00:48:
a9:3d:7d:ac:b4:df:c5:a1:81:3a:a0:d0:a3:9b:84:
78:56:b2:cd:aa:34:9a:85:4d:f9:1d:c3:7e:af:d0:
93:a0:c5:de:41:45:c9:87:ff:8a:97:d6:23:04:64:
02:bb:4e:1b:6f:d6:b0:bf:2c:0b:0a:81:c7:6d:4a:
ad:34:77:12:b0:93:b7:06:be:0d:b9:9c:e2:4a:92:
57:3b:d7:44:f0:30:1d:0b:7a:8f:51:b0:17:da:d8:
a9:3f:db:08:f0:3b:df:75:c5:c2:ea:bc:5f:8b:d7:
0b:2a:77:d7:0e:e8:86:2d:c2:b9:ed:61:e8:3e:28:
18:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:73:A6:26:20:F2:9A:10:83:34:F7:62:6E:B4:64:C7:F5:C4:78:A4
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/h3OmJiDymhCDNPdibrRkx_XEeKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.52.0/24
91.238.93.0/24
95.214.176.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:e9:f9:d0:27:ca:53:89:d4:27:69:6e:54:84:45:75:fc:96:
c6:79:51:94:b7:e4:42:dc:54:99:0f:55:61:ba:a4:73:c0:77:
ec:55:98:ba:0a:af:09:31:bb:69:46:ff:59:9b:26:f0:fa:a0:
40:3b:83:e7:18:52:ee:8f:28:c2:cf:26:85:21:9a:e7:63:cc:
be:18:7f:fd:a3:ca:2f:93:2a:c4:84:71:f8:15:c0:a5:34:15:
6f:22:8f:ed:eb:ac:b3:bc:96:dd:23:b5:8d:81:2d:e6:b0:a5:
0f:3b:d8:f2:bc:17:6a:5d:fa:bb:af:f6:04:2b:da:ed:c9:e4:
db:f4:99:bf:21:8d:00:7d:37:89:f5:b8:b5:fe:39:6e:3b:a6:
4e:5a:f1:5c:f8:3f:87:b4:4f:d6:94:73:18:f0:9b:6d:6c:15:
fe:c2:16:e3:12:67:03:29:1b:2a:6e:4d:b4:42:4e:42:38:bd:
70:1a:c2:36:97:67:fa:3a:f8:fe:48:7c:f0:81:b1:9b:c6:2f:
f0:99:a1:8a:fc:97:a1:1f:bb:8b:4e:b1:f2:b1:ed:54:35:78:
1b:7d:5a:35:d9:ed:9b:6e:57:cb:7f:f6:db:4e:9a:43:93:ed:
ac:32:6f:6a:18:0c:55:bd:2c:e1:34:6e:a3:87:5d:d7:2d:cb:
1c:2b:d7:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYp3BfCO23jMXJ2HNxdWu/kwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjMwOTA4MjI1OTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzczYTYyNjIwZjI5YTEwODMzNGY3NjI2ZWI0NjRjN2Y1YzQ3OGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1rPFl/9vZzYPUiCVVVbe0aYARfr
EJDZIa4CtZ8DD//nLUCjN0esPzdmn2E4qehMayrDGrlKhzHB86uW7cKTgon289j8
Z2qx7I+HgmOVEPeN14b6P10HN9nvd+UBVNpv2OoTSAc6apxvOnK6CJJyzH02bxLv
bOa25z5GYaVdh7PyuELgAEipPX2stN/FoYE6oNCjm4R4VrLNqjSahU35HcN+r9CT
oMXeQUXJh/+Kl9YjBGQCu04bb9awvywLCoHHbUqtNHcSsJO3Br4NuZziSpJXO9dE
8DAdC3qPUbAX2tipP9sI8DvfdcXC6rxfi9cLKnfXDuiGLcK57WHoPigY3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIdzpiYg8poQgzT3Ym60ZMf1xHikMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvaDNPbUppRHltaENETlBkaWJyUmt4X1hFZUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZY0AwQA
W+5dAwQAX9awMA0GCSqGSIb3DQEBCwUAA4IBAQDN6fnQJ8pTidQnaW5UhEV1/JbG
eVGUt+RC3FSZD1VhuqRzwHfsVZi6Cq8JMbtpRv9Zmybw+qBAO4PnGFLujyjCzyaF
IZrnY8y+GH/9o8ovkyrEhHH4FcClNBVvIo/t66yzvJbdI7WNgS3msKUPO9jyvBdq
Xfq7r/YEK9rtyeTb9Jm/IY0AfTeJ9bi1/jluO6ZOWvFc+D+HtE/WlHMY8JttbBX+
whbjEmcDKRsqbk20Qk5COL1wGsI2l2f6Ovj+SHzwgbGbxi/wmaGK/JehH7uLTrHy
se1UNXgbfVo12e2bblfLf/bbTppDk+2sMm9qGAxVvSzhNG6jh13XLcscK9fl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:01 2024 by rpki-client on console-fra.rpki-client.org