Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/9bQ8RNwXmuWSnuxmxblztxDspdc.roa
File: 9bQ8RNwXmuWSnuxmxblztxDspdc.roa (raw, json)
Hash identifier: HhaXLynE9N3Fr8wSVXNV6fT8XB7gEBwUvbsnuNZuZb8=
Subject key identifier: F5:B4:3C:44:DC:17:9A:E5:92:9E:EC:66:C5:B9:73:B7:10:EC:A5:D7
Certificate issuer: /CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Certificate serial: 01856BB800AE672678A3361818769A0ECDDB
Authority key identifier: 9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/9bQ8RNwXmuWSnuxmxblztxDspdc.roa
Signing time: Sun 01 Jan 2023 05:04:58 +0000
ROA not before: Sun 01 Jan 2023 05:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43915
IP address blocks: 193.35.146.0/23 maxlen: 23
87.117.68.0/23 maxlen: 23
194.105.134.0/23 maxlen: 24
194.145.242.0/23 maxlen: 24
195.206.172.0/22 maxlen: 24
185.147.184.0/22 maxlen: 22
217.14.184.0/21 maxlen: 21
109.224.226.0/23 maxlen: 24
178.248.128.0/21 maxlen: 21
109.224.240.0/23 maxlen: 24
109.224.234.0/23 maxlen: 24
194.146.160.0/22 maxlen: 24
147.189.156.0/22 maxlen: 24
185.161.4.0/22 maxlen: 22
87.117.64.0/22 maxlen: 22
213.225.224.0/22 maxlen: 24
144.178.104.0/23 maxlen: 23
217.20.244.0/22 maxlen: 24
79.135.122.0/23 maxlen: 24
144.178.118.0/23 maxlen: 23
185.23.254.0/23 maxlen: 24
45.66.36.0/22 maxlen: 22
144.178.252.0/23 maxlen: 23
2a07:5940::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 26 Jan 2023 16:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b8:00:ae:67:26:78:a3:36:18:18:76:9a:0e:cd:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Validity
Not Before: Jan 1 05:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5b43c44dc179ae5929eec66c5b973b710eca5d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:d3:87:71:b3:0b:ca:de:86:a6:18:01:d2:
53:6a:82:ea:9c:2d:97:dc:0e:00:68:c0:ce:2c:d5:
64:50:e1:9a:b0:87:03:d8:a5:8e:82:eb:04:95:28:
e0:b4:76:c0:46:70:cd:87:4c:bc:3d:b4:8e:11:65:
e1:1a:3d:8f:0f:8e:2e:b0:c3:f9:cd:db:e3:6c:db:
58:fd:97:0a:6d:80:b9:83:87:cb:d1:4a:9c:a7:e9:
e1:3d:aa:91:8c:59:d6:de:bd:96:d5:d3:31:ce:a8:
5f:49:c8:d1:6d:46:35:e7:43:a9:3d:8b:3a:91:e6:
76:b3:9b:85:65:49:83:cd:82:e9:b1:8e:5b:37:3e:
c5:9b:96:93:0c:4a:90:cd:13:a0:7a:90:5a:64:cb:
72:d0:65:e9:2b:97:e3:00:ce:fc:a3:fc:21:d8:cc:
71:3e:a4:5d:99:ce:e0:d4:1c:d5:e0:5c:7c:3a:8d:
52:74:85:ef:58:99:3d:ce:cd:fd:9b:c8:19:67:1b:
91:b6:cb:e2:90:67:4d:46:20:0b:ac:14:fe:d1:36:
58:8f:19:23:9c:1a:dc:8f:a6:a8:20:11:4a:45:b0:
7d:a9:b1:b6:5b:99:07:10:cf:df:6b:bd:26:24:b5:
4f:b6:fe:2f:38:de:ec:c6:5c:c7:c7:c3:d5:d9:66:
32:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B4:3C:44:DC:17:9A:E5:92:9E:EC:66:C5:B9:73:B7:10:EC:A5:D7
X509v3 Authority Key Identifier:
keyid:9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/9bQ8RNwXmuWSnuxmxblztxDspdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.36.0/22
79.135.122.0/23
87.117.64.0-87.117.69.255
109.224.226.0/23
109.224.234.0/23
109.224.240.0/23
144.178.104.0/23
144.178.118.0/23
144.178.252.0/23
147.189.156.0/22
178.248.128.0/21
185.23.254.0/23
185.147.184.0/22
185.161.4.0/22
193.35.146.0/23
194.105.134.0/23
194.145.242.0/23
194.146.160.0/22
195.206.172.0/22
213.225.224.0/22
217.14.184.0/21
217.20.244.0/22
IPv6:
2a07:5940::/32
Signature Algorithm: sha256WithRSAEncryption
7f:4e:a9:46:fc:63:04:72:77:5e:cb:b2:6c:3b:12:52:fc:df:
f5:d4:1b:9b:cf:9c:de:e2:c5:f2:b4:a5:1c:c7:01:7e:d0:e1:
8a:72:de:89:00:88:c7:81:84:83:a2:39:0d:71:7f:8b:6c:64:
04:9d:e3:65:fd:d7:14:a7:d6:aa:90:97:6f:2c:91:c0:fc:f1:
2e:c9:cc:c6:50:08:9e:6f:34:2f:27:6b:05:5a:53:58:55:7b:
74:d3:7b:c3:ff:2f:44:4d:b1:4a:26:1b:17:26:fd:ec:b2:b5:
72:77:50:99:ed:3b:e9:ba:9c:28:f4:26:af:89:e7:b3:e4:d7:
0b:59:53:3c:a3:06:d8:bc:c5:6d:e2:9b:1d:fc:5a:d2:54:33:
2a:1a:ac:52:a0:40:a8:7c:12:76:29:fb:7f:4b:ff:a0:06:1d:
11:10:fb:e2:60:89:67:8a:33:cb:97:72:e4:c4:a1:67:83:c4:
e9:78:da:08:5d:c7:d2:ea:32:11:05:ef:fb:cf:32:f0:8a:71:
b4:ae:98:1e:ec:d2:8e:4f:d4:5a:21:90:78:c7:6c:e3:48:64:
74:68:b3:b0:7c:54:18:40:37:e0:15:e2:fc:72:a9:21:f0:00:
43:74:ab:9e:ad:27:ac:d2:b0:8f:2a:96:a6:f3:16:e6:c2:be:
e3:e9:38:be
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAYVruACuZyZ4ozYYGHaaDs3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjZhYzllZWIzYTJjZmEyZjZjYTNmNDEzZWZiOWNkZmZl
OTcyNGUwHhcNMjMwMTAxMDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWI0M2M0NGRjMTc5YWU1OTI5ZWVjNjZjNWI5NzNiNzEwZWNhNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+3Th3GzC8rehqYYAdJTaoLqnC2X
3A4AaMDOLNVkUOGasIcD2KWOgusElSjgtHbARnDNh0y8PbSOEWXhGj2PD44usMP5
zdvjbNtY/ZcKbYC5g4fL0Uqcp+nhPaqRjFnW3r2W1dMxzqhfScjRbUY150OpPYs6
keZ2s5uFZUmDzYLpsY5bNz7Fm5aTDEqQzROgepBaZMty0GXpK5fjAM78o/wh2Mxx
PqRdmc7g1BzV4Fx8Oo1SdIXvWJk9zs39m8gZZxuRtsvikGdNRiALrBT+0TZYjxkj
nBrcj6aoIBFKRbB9qbG2W5kHEM/fa70mJLVPtv4vON7sxlzHx8PV2WYy8QIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFPW0PETcF5rlkp7sZsW5c7cQ7KXXMB8GA1UdIwQY
MBaAFJ8mrJ7rOiz6L2yj9BPvuc3/6XJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWIt
N2Q0MjY2Y2Y4MjJhLzEvOWJROFJOd1htdVdTbnV4bXhibHp0eERzcGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWItN2Q0MjY2Y2Y4MjJh
LzEvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAIt
QiQDBAFPh3owDAMEBld1QAMEAVd1RAMEAW3g4gMEAW3g6gMEAW3g8AMEAZCyaAME
AZCydgMEAZCy/AMEApO9nAMEA7L4gAMEAbkX/gMEArmTuAMEArmhBAMEAcEjkgME
AcJphgMEAcKR8gMEAsKSoAMEAsPOrAMEAtXh4AMEA9kOuAMEAtkU9DANBAIAAjAH
AwUAKgdZQDANBgkqhkiG9w0BAQsFAAOCAQEAf06pRvxjBHJ3XsuybDsSUvzf9dQb
m8+c3uLF8rSlHMcBftDhinLeiQCIx4GEg6I5DXF/i2xkBJ3jZf3XFKfWqpCXbyyR
wPzxLsnMxlAInm80LydrBVpTWFV7dNN7w/8vRE2xSiYbFyb97LK1cndQme076bqc
KPQmr4nns+TXC1lTPKMG2LzFbeKbHfxa0lQzKhqsUqBAqHwSdin7f0v/oAYdERD7
4mCJZ4ozy5dy5MShZ4PE6XjaCF3H0uoyEQXv+88y8IpxtK6YHuzSjk/UWiGQeMds
40hkdGizsHxUGEA34BXi/HKpIfAAQ3Srnq0nrNKwjyqWpvMW5sK+4+k4vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:39 2024 by rpki-client on console-ams.rpki-client.org