Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/m72HfmnavRwpuW3JEt61IO2ugv8.roa
File: m72HfmnavRwpuW3JEt61IO2ugv8.roa (raw, json)
Hash identifier: 3KUTc0TXmHGVhT6P8y+keyi5Y2LkSfAipZOp4UBWtYw=
Subject key identifier: 9B:BD:87:7E:69:DA:BD:1C:29:B9:6D:C9:12:DE:B5:20:ED:AE:82:FF
Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Certificate serial: 018632890D93EAC4A245A42453C5E32A8C25
Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/m72HfmnavRwpuW3JEt61IO2ugv8.roa
Signing time: Wed 08 Feb 2023 19:38:08 +0000
ROA not before: Wed 08 Feb 2023 19:38:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208905
IP address blocks: 45.80.88.0/23 maxlen: 23
45.80.89.0/24 maxlen: 24
45.80.88.0/22 maxlen: 22
45.80.88.0/24 maxlen: 24
45.80.90.0/23 maxlen: 23
45.80.90.0/24 maxlen: 24
45.80.91.0/24 maxlen: 24
78.138.56.0/24 maxlen: 24
78.138.57.0/24 maxlen: 24
78.138.56.0/23 maxlen: 23
78.138.60.0/24 maxlen: 24
78.138.59.0/24 maxlen: 24
2a0e:9cc0::/32 maxlen: 32
2a0e:9cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:32:89:0d:93:ea:c4:a2:45:a4:24:53:c5:e3:2a:8c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Validity
Not Before: Feb 8 19:38:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bbd877e69dabd1c29b96dc912deb520edae82ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:77:d4:47:57:ba:5b:6b:5c:2b:d0:41:4e:77:
1d:5b:56:af:ef:d9:4e:de:91:a0:a1:b6:da:f5:25:
3d:4e:5e:0c:f0:2e:99:66:a3:64:59:4f:dd:7c:0d:
ec:54:78:45:57:f0:db:51:46:a6:a2:86:94:d5:38:
bf:fa:70:68:d8:4e:c7:d4:f5:3d:0d:ba:b8:40:e5:
b1:36:ff:b8:2c:02:5f:b5:e6:d5:14:26:68:aa:f3:
11:d9:25:30:6f:ae:ab:4f:c4:9c:d7:b6:8a:18:96:
3c:06:03:af:f4:c0:d3:a3:1b:6c:71:7c:6f:b4:b8:
9c:1b:15:79:ca:7b:a1:b9:d2:7b:6a:66:27:b9:d5:
d0:aa:0c:bb:ef:13:0b:5a:7d:dc:71:56:2a:24:78:
20:34:e6:73:29:8e:f4:f4:ae:91:4c:2e:16:da:8e:
00:b8:32:1f:06:8d:d1:2d:9c:da:7c:a9:25:4a:6b:
b4:50:5f:f9:93:d6:63:46:26:a7:d7:19:af:11:82:
cd:f5:98:00:cb:35:4d:95:fc:6a:a9:eb:49:8a:d1:
e9:f0:9b:32:ba:07:f9:99:e8:11:2d:15:c1:6d:5a:
92:3a:e7:f9:d8:99:86:70:5f:97:c3:47:87:ce:04:
42:a0:bb:ca:e2:60:8d:43:14:c2:99:86:d1:20:11:
ce:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BD:87:7E:69:DA:BD:1C:29:B9:6D:C9:12:DE:B5:20:ED:AE:82:FF
X509v3 Authority Key Identifier:
keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/m72HfmnavRwpuW3JEt61IO2ugv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.88.0/22
78.138.56.0/23
78.138.59.0-78.138.60.255
IPv6:
2a0e:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:9e:68:d9:cf:ef:1d:36:0b:bf:7d:59:b1:f4:5e:bb:ee:0e:
14:06:b0:b7:43:da:4f:60:9a:2d:d8:f9:01:5c:7e:f6:70:1c:
5b:b1:25:7c:9d:72:f0:bd:c6:bc:73:f9:1a:03:bd:95:1d:16:
e3:a5:b3:fb:18:dd:5c:dc:a5:5b:88:48:0b:27:f3:52:d4:44:
3a:0c:4e:55:09:51:9d:e2:f1:77:dd:a3:57:60:48:bb:4c:a4:
b5:85:2f:8b:0b:9c:4b:22:4c:85:bb:ae:a6:f4:11:5c:b1:81:
72:85:4b:08:7b:56:cd:ef:1a:fb:bb:e3:01:53:60:7f:c5:de:
4c:ae:17:97:af:12:14:b0:71:a6:14:bc:8f:f2:63:13:00:9b:
35:bd:bd:f6:aa:7b:d3:f8:c2:5a:e4:6a:c6:01:f3:1e:b6:88:
f2:02:6e:5b:84:02:70:58:e6:26:27:d5:21:33:c6:51:c1:21:
33:50:e7:9d:30:54:14:f6:5c:60:72:1f:7d:ef:55:35:cc:94:
d9:c5:da:6e:f6:d0:36:49:a9:17:78:ee:cb:97:eb:7c:9e:e6:
0a:93:57:54:27:48:08:22:3b:b3:d0:8e:1e:14:08:14:d9:c8:
f0:3e:04:d2:18:8c:12:7f:c0:c6:24:1d:0c:78:54:fd:31:ce:
f8:da:af:2c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYYyiQ2T6sSiRaQkU8XjKowlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl
NDYxYTYwHhcNMjMwMjA4MTkzODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmJkODc3ZTY5ZGFiZDFjMjliOTZkYzkxMmRlYjUyMGVkYWU4MmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93fUR1e6W2tcK9BBTncdW1av79lO
3pGgobba9SU9Tl4M8C6ZZqNkWU/dfA3sVHhFV/DbUUamooaU1Ti/+nBo2E7H1PU9
Dbq4QOWxNv+4LAJftebVFCZoqvMR2SUwb66rT8Sc17aKGJY8BgOv9MDToxtscXxv
tLicGxV5ynuhudJ7amYnudXQqgy77xMLWn3ccVYqJHggNOZzKY709K6RTC4W2o4A
uDIfBo3RLZzafKklSmu0UF/5k9ZjRian1xmvEYLN9ZgAyzVNlfxqqetJitHp8Jsy
ugf5megRLRXBbVqSOuf52JmGcF+Xw0eHzgRCoLvK4mCNQxTCmYbRIBHOzQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJu9h35p2r0cKbltyRLetSDtroL/MB8GA1UdIwQY
MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt
ZWE2MDY1NzA5NDZhLzEvbTcySGZtbmF2UndwdVczSkV0NjFJTzJ1Z3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh
LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCLVBYAwQB
Too4MAwDBABOijsDBABOijwwDQQCAAIwBwMFAyoOnMAwDQYJKoZIhvcNAQELBQAD
ggEBAA2eaNnP7x02C799WbH0XrvuDhQGsLdD2k9gmi3Y+QFcfvZwHFuxJXydcvC9
xrxz+RoDvZUdFuOls/sY3VzcpVuISAsn81LURDoMTlUJUZ3i8Xfdo1dgSLtMpLWF
L4sLnEsiTIW7rqb0EVyxgXKFSwh7Vs3vGvu74wFTYH/F3kyuF5evEhSwcaYUvI/y
YxMAmzW9vfaqe9P4wlrkasYB8x62iPICbluEAnBY5iYn1SEzxlHBITNQ550wVBT2
XGByH33vVTXMlNnF2m720DZJqRd47suX63ye5gqTV1QnSAgiO7PQjh4UCBTZyPA+
BNIYjBJ/wMYkHQx4VP0xzvjaryw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:58 2024 by rpki-client on console-fra.rpki-client.org