Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/1-NZ60hAuAt9tCJXSCxrGcCWZ1Lk.roa
File: 1-NZ60hAuAt9tCJXSCxrGcCWZ1Lk.roa (raw, json)
Hash identifier: 4kC4vIVdFh8o5q+25hvP/xk3VM+Fct9pBk41LGgOfzI=
Subject key identifier: F8:D6:7A:D2:10:2E:02:DF:6D:08:95:D2:0B:1A:C6:70:25:99:D4:B9
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 018C39D95A2B9B352FB818AAB4A971B72D43
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/1-NZ60hAuAt9tCJXSCxrGcCWZ1Lk.roa
Signing time: Tue 05 Dec 2023 11:59:54 +0000
ROA not before: Tue 05 Dec 2023 11:59:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48314
IP address blocks: 45.89.140.0/22 maxlen: 24
45.85.216.0/22 maxlen: 24
2a0e:cb80::/29 maxlen: 29
2a12:3e80:400::/48 maxlen: 48
2a12:3e80:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:d9:5a:2b:9b:35:2f:b8:18:aa:b4:a9:71:b7:2d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Dec 5 11:59:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8d67ad2102e02df6d0895d20b1ac6702599d4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4a:a3:f8:6f:55:26:84:74:fd:d2:94:c1:fb:
44:be:0d:83:98:0f:0e:c2:5d:2b:0b:65:06:33:17:
26:a6:51:63:ac:b6:66:b7:c0:af:57:9c:4f:b4:57:
82:01:2d:25:b2:6b:e5:2a:d5:b5:be:19:11:a4:46:
14:06:2f:c5:35:a6:94:43:26:cd:c4:28:2f:00:c1:
59:b1:73:67:87:b6:0d:06:2b:2c:2b:f9:af:50:fe:
bc:00:d2:7c:7b:db:f1:3b:ab:59:e7:27:5c:00:4f:
9f:2e:13:2b:36:79:2e:58:64:98:84:f8:7a:57:99:
eb:00:dc:f5:b8:41:46:d5:fd:94:36:51:d8:b4:4a:
d3:36:ea:80:c5:cc:d8:b9:7e:27:91:7a:29:68:51:
44:38:d7:83:d8:90:d4:fd:0e:72:1d:eb:29:4f:9a:
d4:0d:5f:ed:2a:00:e2:07:53:88:40:9b:75:72:97:
0b:72:fd:5e:d2:a9:e5:3f:f0:99:fc:87:f5:43:d7:
62:30:66:51:39:0a:01:cc:a0:14:c0:fa:2a:96:a3:
31:bb:d3:78:ca:b1:e3:a6:46:47:21:27:75:73:33:
ef:44:2a:5c:8c:5d:43:6d:3d:c3:b1:b9:a8:b3:e0:
a6:01:1b:ac:92:9e:b0:39:fb:78:96:69:e6:c1:d7:
88:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D6:7A:D2:10:2E:02:DF:6D:08:95:D2:0B:1A:C6:70:25:99:D4:B9
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/1-NZ60hAuAt9tCJXSCxrGcCWZ1Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.216.0/22
45.89.140.0/22
IPv6:
2a0e:cb80::/29
2a12:3e80:100::/48
2a12:3e80:400::/48
Signature Algorithm: sha256WithRSAEncryption
15:23:e5:de:dd:5e:2f:88:3b:34:c5:99:b1:b5:56:45:ed:fe:
ab:bb:66:cf:92:31:ac:f2:d5:58:14:a9:73:f9:31:86:bc:82:
e0:a3:dd:d5:8f:9f:45:c7:95:ee:2c:48:16:4b:ce:d1:89:ec:
eb:fa:6c:ed:f7:a7:c6:09:be:93:5d:60:39:c2:a1:2b:b6:2b:
cb:0e:b9:7a:f7:ee:d7:83:ca:4d:fc:20:92:b2:19:69:1e:7a:
01:7d:d8:73:7c:90:4c:b4:27:21:97:1c:3a:71:a7:5f:10:70:
85:2d:8f:8b:b4:2a:25:82:1f:6a:c7:3c:5b:06:b6:01:13:a4:
03:49:cb:d0:57:d9:a8:ff:51:9f:92:df:92:9f:0c:80:47:61:
9d:a2:75:23:92:b9:a5:34:e5:05:d4:a6:77:a9:18:b5:38:2d:
78:cd:14:ed:84:1c:a8:55:5d:69:8d:f2:01:5e:3a:a8:d7:5c:
07:45:da:69:22:ff:ff:28:2f:6e:5c:b6:7d:4e:20:58:c8:a0:
f1:e0:f2:d6:0e:3e:f2:82:cf:08:4c:75:b6:f5:62:12:d7:3a:
28:d3:18:91:0c:92:4e:dd:57:a3:22:e5:cd:59:1c:42:92:8b:
52:85:22:76:06:09:5e:28:9e:56:4b:17:61:13:9b:8f:d9:5f:
50:67:a7:1b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYw52VormzUvuBiqtKlxty1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1
ZjU1NGIwHhcNMjMxMjA1MTE1OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGQ2N2FkMjEwMmUwMmRmNmQwODk1ZDIwYjFhYzY3MDI1OTlkNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUqj+G9VJoR0/dKUwftEvg2DmA8O
wl0rC2UGMxcmplFjrLZmt8CvV5xPtFeCAS0lsmvlKtW1vhkRpEYUBi/FNaaUQybN
xCgvAMFZsXNnh7YNBissK/mvUP68ANJ8e9vxO6tZ5ydcAE+fLhMrNnkuWGSYhPh6
V5nrANz1uEFG1f2UNlHYtErTNuqAxczYuX4nkXopaFFEONeD2JDU/Q5yHespT5rU
DV/tKgDiB1OIQJt1cpcLcv1e0qnlP/CZ/If1Q9diMGZROQoBzKAUwPoqlqMxu9N4
yrHjpkZHISd1czPvRCpcjF1DbT3Dsbmos+CmARuskp6wOft4lmnmwdeIKwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPjWetIQLgLfbQiV0gsaxnAlmdS5MB8GA1UdIwQY
MBaAFPavQzl03zc7cKvXaxPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2It
YTI2YmM2NTNiMDZiLzEvMS1OWjYwaEF1QXQ5dENKWFNDeHJHY0NXWjFMay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvZjljYWYwLTJjMmUtNDg5Ny04YTNiLWEyNmJjNjUzYjA2
Yi8xLzlxOURPWFRmTnp0d3E5ZHJFLUhIREhkZlZVcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBGBggrBgEFBQcBBwEB/wQ3MDUwEgQCAAEwDAMEAi1V2AME
Ai1ZjDAfBAIAAjAZAwUDKg7LgAMHACoSPoABAAMHACoSPoAEADANBgkqhkiG9w0B
AQsFAAOCAQEAFSPl3t1eL4g7NMWZsbVWRe3+q7tmz5IxrPLVWBSpc/kxhryC4KPd
1Y+fRceV7ixIFkvO0Yns6/ps7fenxgm+k11gOcKhK7Yryw65evfu14PKTfwgkrIZ
aR56AX3Yc3yQTLQnIZccOnGnXxBwhS2Pi7QqJYIfasc8Wwa2AROkA0nL0FfZqP9R
n5Lfkp8MgEdhnaJ1I5K5pTTlBdSmd6kYtTgteM0U7YQcqFVdaY3yAV46qNdcB0Xa
aSL//ygvbly2fU4gWMig8eDy1g4+8oLPCEx1tvViEtc6KNMYkQySTt1XoyLlzVkc
QpKLUoUidgYJXiieVksXYRObj9lfUGenGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org