Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/RfE0Bgnr3L4YecFXO0l1sw2Cthw.roa
File: RfE0Bgnr3L4YecFXO0l1sw2Cthw.roa (raw, json)
Hash identifier: 7Ytcb7e/RW5AHYqz+Nb/ePAbM/NbGLm9x8aTeZSCR60=
Subject key identifier: 45:F1:34:06:09:EB:DC:BE:18:79:C1:57:3B:49:75:B3:0D:82:B6:1C
Certificate issuer: /CN=c45c98430885628971307c59b5cf241682102378
Certificate serial: 018571958805C08E520F49E5682A83EDB05E
Authority key identifier: C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/RfE0Bgnr3L4YecFXO0l1sw2Cthw.roa
Signing time: Mon 02 Jan 2023 08:25:03 +0000
ROA not before: Mon 02 Jan 2023 08:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8774
IP address blocks: 195.135.213.0/24 maxlen: 24
195.135.212.0/24 maxlen: 24
195.135.215.0/24 maxlen: 24
195.135.214.0/24 maxlen: 24
109.237.4.0/22 maxlen: 22
109.237.0.0/22 maxlen: 22
109.237.8.0/22 maxlen: 22
109.237.12.0/22 maxlen: 22
185.113.211.0/24 maxlen: 24
185.113.208.0/23 maxlen: 23
185.113.210.0/24 maxlen: 24
2a05:3740::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:88:05:c0:8e:52:0f:49:e5:68:2a:83:ed:b0:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c98430885628971307c59b5cf241682102378
Validity
Not Before: Jan 2 08:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45f1340609ebdcbe1879c1573b4975b30d82b61c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:97:7a:f4:9c:e4:86:d9:41:17:17:ba:88:46:
22:2c:f9:0b:75:d4:e6:95:95:64:88:de:ed:a7:24:
7d:3f:7a:10:e5:06:cd:c0:d2:e1:dc:da:e1:c3:27:
f7:83:b2:4f:d1:e2:11:9e:02:56:0b:0e:08:c5:34:
1b:af:3f:2d:61:ab:8e:d0:d0:45:a9:d0:46:b7:b5:
d5:91:cc:ee:9a:56:ef:df:df:7d:e4:91:9a:6e:fb:
42:b7:ff:b0:3a:65:f2:3c:07:8c:2d:55:35:d6:c3:
fd:98:ea:33:fd:3e:c3:68:7e:d4:5c:9e:fb:1c:44:
1c:8e:80:e4:1b:97:30:56:6e:ad:1a:c1:5e:ab:df:
4b:88:5a:4c:3d:35:a7:8c:3c:35:24:65:0e:ba:16:
37:f2:a1:3e:cd:da:4e:80:71:6d:3a:61:2a:2e:ff:
fc:fd:4c:a5:9f:95:6e:16:36:8c:88:00:44:9b:2e:
ee:10:cc:1a:0f:8b:f3:ce:5c:f0:76:9b:38:ee:33:
98:24:31:64:2d:8f:e7:79:04:72:b2:39:07:43:9b:
15:56:27:4c:af:23:f2:8c:81:e1:70:c8:cf:52:9e:
2e:78:e9:77:29:0f:a5:6d:78:26:68:1a:52:51:76:
7d:c0:7d:8d:10:cb:30:d3:36:2b:f3:42:f5:4b:fb:
6f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F1:34:06:09:EB:DC:BE:18:79:C1:57:3B:49:75:B3:0D:82:B6:1C
X509v3 Authority Key Identifier:
keyid:C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/RfE0Bgnr3L4YecFXO0l1sw2Cthw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.0.0/20
185.113.208.0/22
195.135.212.0/22
IPv6:
2a05:3740::/29
Signature Algorithm: sha256WithRSAEncryption
37:b6:06:52:05:ec:16:ff:7b:4c:4e:8f:91:cc:7d:c0:03:1d:
20:3f:3e:60:ed:b9:ef:c4:14:75:56:a5:6a:84:bf:89:ff:b7:
fe:37:a5:cf:f2:c0:86:4e:d5:55:a0:0a:4d:a6:29:67:31:2d:
19:66:73:f6:fe:5c:13:43:18:42:46:94:fd:2c:e5:9d:6a:e2:
c5:ae:d0:13:2d:00:f7:27:d5:19:11:d7:06:6b:28:10:80:9d:
b2:c5:40:d7:e8:78:87:0f:62:6d:0d:75:c5:ef:21:12:fe:dd:
36:f0:77:ec:23:4b:3c:17:82:6b:2b:3b:c3:b8:96:08:36:74:
3e:36:21:a8:43:69:6d:aa:83:6f:64:89:a2:97:55:79:40:44:
75:cf:6f:94:fa:87:64:57:4a:34:4f:69:71:7f:b3:8b:d6:24:
d9:b5:a8:d8:36:18:72:d4:87:17:e8:d8:85:3c:2e:25:e0:0d:
a9:f7:13:7c:bf:2c:46:82:60:33:62:fb:b0:b8:30:91:0f:56:
b4:bc:fa:c2:d9:24:e7:2d:86:aa:17:4d:1a:4a:bd:95:9b:9c:
7e:99:7a:c6:e0:f5:95:ed:99:98:a9:48:b5:2c:74:47:86:48:
1e:94:03:f1:b7:ac:e5:e0:f1:f1:f1:a3:42:c9:d8:af:44:d3:
6b:44:4a:68
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxlYgFwI5SD0nlaCqD7bBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM5ODQzMDg4NTYyODk3MTMwN2M1OWI1Y2YyNDE2ODIx
MDIzNzgwHhcNMjMwMTAyMDgyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWYxMzQwNjA5ZWJkY2JlMTg3OWMxNTczYjQ5NzViMzBkODJiNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZd69JzkhtlBFxe6iEYiLPkLddTm
lZVkiN7tpyR9P3oQ5QbNwNLh3Nrhwyf3g7JP0eIRngJWCw4IxTQbrz8tYauO0NBF
qdBGt7XVkczumlbv39995JGabvtCt/+wOmXyPAeMLVU11sP9mOoz/T7DaH7UXJ77
HEQcjoDkG5cwVm6tGsFeq99LiFpMPTWnjDw1JGUOuhY38qE+zdpOgHFtOmEqLv/8
/Uyln5VuFjaMiABEmy7uEMwaD4vzzlzwdps47jOYJDFkLY/neQRysjkHQ5sVVidM
ryPyjIHhcMjPUp4ueOl3KQ+lbXgmaBpSUXZ9wH2NEMsw0zYr80L1S/tvyQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEXxNAYJ69y+GHnBVztJdbMNgrYcMB8GA1UdIwQY
MBaAFMRcmEMIhWKJcTB8WbXPJBaCECN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8zMDdjMzMtMzhhNy00ZmRhLTlhMDgt
OWFiZGNhMzlkNGY3LzEvUmZFMEJnbnIzTDRZZWNGWE8wbDFzdzJDdGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8zMDdjMzMtMzhhNy00ZmRhLTlhMDgtOWFiZGNhMzlkNGY3
LzEveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEbe0AAwQC
uXHQAwQCw4fUMA0EAgACMAcDBQMqBTdAMA0GCSqGSIb3DQEBCwUAA4IBAQA3tgZS
BewW/3tMTo+RzH3AAx0gPz5g7bnvxBR1VqVqhL+J/7f+N6XP8sCGTtVVoApNpiln
MS0ZZnP2/lwTQxhCRpT9LOWdauLFrtATLQD3J9UZEdcGaygQgJ2yxUDX6HiHD2Jt
DXXF7yES/t028HfsI0s8F4JrKzvDuJYINnQ+NiGoQ2ltqoNvZImil1V5QER1z2+U
+odkV0o0T2lxf7OL1iTZtajYNhhy1IcX6NiFPC4l4A2p9xN8vyxGgmAzYvuwuDCR
D1a0vPrC2STnLYaqF00aSr2Vm5x+mXrG4PWV7ZmYqUi1LHRHhkgelAPxt6zl4PHx
8aNCydivRNNrREpo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:21 2024 by rpki-client on console-fra.rpki-client.org