Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/RNjpVmifQketSoJNc3BVx7eOOQg.roa
File: RNjpVmifQketSoJNc3BVx7eOOQg.roa (raw, json)
Hash identifier: K15K9WrXwlOU2GrsWa9irqVScZxgXVC8xpAXo29iWlI=
Subject key identifier: 44:D8:E9:56:68:9F:42:47:AD:4A:82:4D:73:70:55:C7:B7:8E:39:08
Certificate issuer: /CN=4419e02f046e1bfb5927fe731ff725e469599171
Certificate serial: 0189359566C2C22F8A643E9C003918589C72
Authority key identifier: 44:19:E0:2F:04:6E:1B:FB:59:27:FE:73:1F:F7:25:E4:69:59:91:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RBngLwRuG_tZJ_5zH_cl5GlZkXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/RNjpVmifQketSoJNc3BVx7eOOQg.roa
Signing time: Sat 08 Jul 2023 12:58:50 +0000
ROA not before: Sat 08 Jul 2023 12:58:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51013
IP address blocks: 185.87.12.0/22 maxlen: 24
37.9.168.0/21 maxlen: 24
195.210.28.0/23 maxlen: 24
45.13.137.0/24 maxlen: 24
45.138.185.0/24 maxlen: 24
45.138.184.0/24 maxlen: 24
2a00:4b40::/32 maxlen: 64
2a0e:bb40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:35:95:66:c2:c2:2f:8a:64:3e:9c:00:39:18:58:9c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4419e02f046e1bfb5927fe731ff725e469599171
Validity
Not Before: Jul 8 12:58:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44d8e956689f4247ad4a824d737055c7b78e3908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e0:11:4f:bc:fe:f4:c6:33:36:6b:f2:2e:36:
ac:68:30:94:01:f5:0a:55:af:69:c3:35:b5:07:a6:
4f:0c:80:dd:77:83:d5:54:c9:b9:b5:97:b8:95:47:
9a:eb:cd:15:e9:72:30:ed:17:d0:b7:a2:44:24:41:
ae:31:c9:e2:74:0f:e9:ae:59:63:66:be:a1:4e:e0:
07:05:06:cf:09:16:43:b7:23:00:09:4a:df:0f:e2:
b6:a3:cd:0d:5b:94:51:94:ab:04:93:33:2f:24:b0:
7c:38:c2:ce:72:07:66:01:02:65:66:ff:1e:ee:20:
d5:85:c7:73:8b:c3:45:e5:c5:f5:43:ef:c4:4e:5e:
30:0e:fc:20:c7:a6:4a:8e:f6:88:10:12:fc:e5:81:
64:eb:90:48:ca:6e:d0:7e:9a:3c:6a:1b:66:b9:ae:
dd:16:47:12:96:7d:15:91:a0:78:87:a4:3f:7d:38:
0e:2e:6c:87:da:1f:cd:58:96:f3:d4:92:e3:fd:a5:
2e:c7:c1:68:5b:ca:9b:15:17:b7:71:e0:83:28:02:
66:0d:7d:ab:56:f1:1e:11:3d:b6:68:10:8b:a1:29:
f0:fd:87:41:f0:70:7f:12:f4:9d:31:cf:6e:fb:ae:
a8:af:bb:04:98:f2:d5:70:77:0f:97:ae:97:27:35:
be:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D8:E9:56:68:9F:42:47:AD:4A:82:4D:73:70:55:C7:B7:8E:39:08
X509v3 Authority Key Identifier:
keyid:44:19:E0:2F:04:6E:1B:FB:59:27:FE:73:1F:F7:25:E4:69:59:91:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RBngLwRuG_tZJ_5zH_cl5GlZkXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/RNjpVmifQketSoJNc3BVx7eOOQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4de665-a7e3-440b-93a7-f9b7836f2391/1/RBngLwRuG_tZJ_5zH_cl5GlZkXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.168.0/21
45.13.137.0/24
45.138.184.0/23
185.87.12.0/22
195.210.28.0/23
IPv6:
2a00:4b40::/32
2a0e:bb40::/48
Signature Algorithm: sha256WithRSAEncryption
76:56:0b:51:e5:99:d6:bc:c4:93:15:70:56:fb:d1:7f:06:24:
cd:22:a4:8f:bb:62:6d:12:54:77:6f:e2:79:c4:c5:9e:3c:8a:
8e:dc:ad:2f:af:7d:2f:a0:f3:7d:b1:4a:0e:79:e9:d1:6a:ff:
3d:f0:78:8f:ea:0f:c5:98:55:2b:c4:97:a3:79:7a:2d:44:8a:
ab:1a:06:0c:7e:d1:b6:a1:74:51:c6:99:ad:d2:ee:9b:31:c7:
fc:cd:28:d4:a9:ae:4c:83:da:16:10:85:26:b2:b0:4b:82:e5:
66:7c:9f:73:94:cb:cc:82:27:a2:e2:09:77:bb:02:29:35:56:
81:55:56:8c:69:79:a5:41:ea:8a:81:72:fd:fa:93:85:d2:b4:
8d:63:61:02:07:53:ce:73:8a:20:db:e3:b3:13:7f:73:b7:0b:
e6:1c:eb:67:7d:d8:2d:8d:26:f0:f0:2c:c4:4d:1f:23:7b:77:
87:d3:e6:98:d9:74:37:8f:f1:95:a6:0b:ac:c0:19:f4:36:6f:
e4:63:1b:13:9e:44:ed:39:53:fb:02:cb:82:a9:4e:cb:71:1a:
fc:c7:7d:98:2e:78:24:2f:02:76:fa:4a:9a:e2:cc:f1:2b:4c:
e0:17:a9:bc:37:ba:9f:c3:bd:7a:ca:3b:23:78:e0:76:f3:b1:
f6:e8:fc:0e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYk1lWbCwi+KZD6cADkYWJxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MTllMDJmMDQ2ZTFiZmI1OTI3ZmU3MzFmZjcyNWU0Njk1
OTkxNzEwHhcNMjMwNzA4MTI1ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ4ZTk1NjY4OWY0MjQ3YWQ0YTgyNGQ3MzcwNTVjN2I3OGUzOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+ART7z+9MYzNmvyLjasaDCUAfUK
Va9pwzW1B6ZPDIDdd4PVVMm5tZe4lUea680V6XIw7RfQt6JEJEGuMcnidA/prllj
Zr6hTuAHBQbPCRZDtyMACUrfD+K2o80NW5RRlKsEkzMvJLB8OMLOcgdmAQJlZv8e
7iDVhcdzi8NF5cX1Q+/ETl4wDvwgx6ZKjvaIEBL85YFk65BIym7Qfpo8ahtmua7d
FkcSln0VkaB4h6Q/fTgOLmyH2h/NWJbz1JLj/aUux8FoW8qbFRe3ceCDKAJmDX2r
VvEeET22aBCLoSnw/YdB8HB/EvSdMc9u+66or7sEmPLVcHcPl66XJzW+UQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFETY6VZon0JHrUqCTXNwVce3jjkIMB8GA1UdIwQY
MBaAFEQZ4C8Ebhv7WSf+cx/3JeRpWZFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkJuZ0x3UnVHX3RaSl81ekhfY2w1R2xaa1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80ZGU2NjUtYTdlMy00NDBiLTkzYTct
ZjliNzgzNmYyMzkxLzEvUk5qcFZtaWZRa2V0U29KTmMzQlZ4N2VPT1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80ZGU2NjUtYTdlMy00NDBiLTkzYTctZjliNzgzNmYyMzkx
LzEvUkJuZ0x3UnVHX3RaSl81ekhfY2w1R2xaa1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQDJQmoAwQA
LQ2JAwQBLYq4AwQCuVcMAwQBw9IcMBYEAgACMBADBQAqAEtAAwcAKg67QAAAMA0G
CSqGSIb3DQEBCwUAA4IBAQB2VgtR5ZnWvMSTFXBW+9F/BiTNIqSPu2JtElR3b+J5
xMWePIqO3K0vr30voPN9sUoOeenRav898HiP6g/FmFUrxJejeXotRIqrGgYMftG2
oXRRxpmt0u6bMcf8zSjUqa5Mg9oWEIUmsrBLguVmfJ9zlMvMgiei4gl3uwIpNVaB
VVaMaXmlQeqKgXL9+pOF0rSNY2ECB1POc4og2+OzE39ztwvmHOtnfdgtjSbw8CzE
TR8je3eH0+aY2XQ3j/GVpguswBn0Nm/kYxsTnkTtOVP7AsuCqU7LcRr8x32YLngk
LwJ2+kqa4szxK0zgF6m8N7qfw716yjsjeOB287H26PwO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:54 2024 by rpki-client on console-ams.rpki-client.org