Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/9w-IEQH7iLhp33yUB6higd1XD1o.roa
File: 9w-IEQH7iLhp33yUB6higd1XD1o.roa (raw, json)
Hash identifier: 0U6eQJJDHqM1vlujpRzf6uMHu15nDvNaOeb/T9LdFK8=
Subject key identifier: F7:0F:88:11:01:FB:88:B8:69:DF:7C:94:07:A8:62:81:DD:57:0F:5A
Certificate issuer: /CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Certificate serial: 018A978F5EEEF271FF16C21EBCFBBFEC417F
Authority key identifier: AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/9w-IEQH7iLhp33yUB6higd1XD1o.roa
Signing time: Fri 15 Sep 2023 06:37:50 +0000
ROA not before: Fri 15 Sep 2023 06:37:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209500
IP address blocks: 193.31.7.0/24 maxlen: 24
46.226.121.0/24 maxlen: 24
45.182.188.0/24 maxlen: 24
85.193.79.0/24 maxlen: 24
103.14.1.0/24 maxlen: 24
83.229.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:97:8f:5e:ee:f2:71:ff:16:c2:1e:bc:fb:bf:ec:41:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acf6ea0ffb2aee4f76ee1a1048969b8b5065da45
Validity
Not Before: Sep 15 06:37:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f70f881101fb88b869df7c9407a86281dd570f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d4:6c:98:a0:b1:69:c7:a9:c2:6b:80:c6:f4:
d2:74:8f:e5:80:c7:af:b4:90:74:ff:95:86:43:a4:
7f:70:a9:72:bc:a7:d1:bc:88:cb:74:e9:69:de:d6:
3b:0f:c1:74:1c:40:69:0a:ab:2c:a4:94:05:0c:85:
f4:3e:05:67:9e:a6:18:a2:13:0a:91:57:f1:7f:d9:
71:ce:e8:b4:e8:59:37:d2:a1:7b:55:b4:eb:54:7f:
ac:da:c7:4d:d4:ed:78:bf:65:59:d0:9a:03:ec:ab:
7f:c4:cf:09:f4:67:44:92:a8:0e:1a:53:23:e8:50:
80:5e:44:e9:3c:f3:b8:f4:0a:62:82:da:75:61:24:
d6:08:98:24:56:7f:52:6a:e9:b5:5d:25:e4:80:8a:
83:c8:62:35:0f:b9:44:20:fa:70:57:ed:2e:21:5b:
86:ce:06:ca:47:33:77:16:ac:7e:3b:0d:61:be:67:
f1:40:98:df:7e:92:76:70:95:00:9b:98:8b:61:b9:
f5:50:f0:3f:71:08:f3:38:d4:11:92:f8:a3:35:1f:
eb:88:f7:55:2c:f4:ac:4f:05:3a:e1:bf:a2:7c:db:
a3:74:57:a1:d0:c2:3e:b2:c9:21:6e:df:0e:2c:4e:
42:a0:a1:0d:f8:33:c1:8a:58:70:da:b0:f1:24:9c:
b1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0F:88:11:01:FB:88:B8:69:DF:7C:94:07:A8:62:81:DD:57:0F:5A
X509v3 Authority Key Identifier:
keyid:AC:F6:EA:0F:FB:2A:EE:4F:76:EE:1A:10:48:96:9B:8B:50:65:DA:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPbqD_sq7k927hoQSJabi1Bl2kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/9w-IEQH7iLhp33yUB6higd1XD1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/34439e-9cd2-44c5-9cfd-555f3f18e54f/1/rPbqD_sq7k927hoQSJabi1Bl2kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.182.188.0/24
46.226.121.0/24
83.229.62.0/24
85.193.79.0/24
103.14.1.0/24
193.31.7.0/24
Signature Algorithm: sha256WithRSAEncryption
22:c5:2c:72:08:3c:c7:ba:59:5e:82:0e:6e:31:0c:17:7d:92:
24:23:28:ba:2f:d6:f2:a2:f4:cd:91:9f:0c:61:eb:2d:83:68:
40:ea:33:94:5f:d2:4a:0c:19:34:fb:54:98:88:e8:5e:a6:4f:
39:87:4b:43:6a:b3:33:92:fc:f8:e6:5c:59:3b:9d:81:66:d3:
9a:48:c8:69:2a:10:ac:d6:40:78:2d:a1:8b:56:d2:ac:7e:3f:
7a:a1:4e:0b:b0:23:d1:78:8d:c9:13:8b:4b:12:92:38:41:e5:
64:df:15:1b:94:ce:04:54:5c:7c:b6:ab:ed:66:59:c9:c0:23:
26:43:a9:b5:12:fc:ff:6e:db:5d:d8:f1:f8:d2:0c:f2:46:46:
56:b5:4d:a0:a2:3f:a2:fe:78:b6:ba:f5:8c:d0:30:be:ef:ab:
63:38:8f:2e:a8:b9:39:be:61:96:ef:ea:b5:33:40:dc:a5:1e:
95:4b:89:82:aa:35:9c:86:4e:f5:a8:0c:75:a0:d9:71:24:6a:
f1:3a:a7:83:bb:41:c3:e9:a6:3f:3e:b4:e9:5e:99:3a:ea:08:
61:4a:24:7f:0d:fe:30:fe:d4:92:d5:d5:fa:37:47:e1:69:8e:
98:bd:92:db:1f:8e:ef:b3:c0:b7:04:e9:e8:1b:c8:22:c2:97:
f7:e6:35:b6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYqXj17u8nH/FsIevPu/7EF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZjZlYTBmZmIyYWVlNGY3NmVlMWExMDQ4OTY5YjhiNTA2
NWRhNDUwHhcNMjMwOTE1MDYzNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBmODgxMTAxZmI4OGI4NjlkZjdjOTQwN2E4NjI4MWRkNTcwZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tRsmKCxacepwmuAxvTSdI/lgMev
tJB0/5WGQ6R/cKlyvKfRvIjLdOlp3tY7D8F0HEBpCqsspJQFDIX0PgVnnqYYohMK
kVfxf9lxzui06Fk30qF7VbTrVH+s2sdN1O14v2VZ0JoD7Kt/xM8J9GdEkqgOGlMj
6FCAXkTpPPO49Apigtp1YSTWCJgkVn9Saum1XSXkgIqDyGI1D7lEIPpwV+0uIVuG
zgbKRzN3Fqx+Ow1hvmfxQJjffpJ2cJUAm5iLYbn1UPA/cQjzONQRkvijNR/riPdV
LPSsTwU64b+ifNujdFeh0MI+sskhbt8OLE5CoKEN+DPBilhw2rDxJJyxeQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPcPiBEB+4i4ad98lAeoYoHdVw9aMB8GA1UdIwQY
MBaAFKz26g/7Ku5Pdu4aEEiWm4tQZdpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQt
NTU1ZjNmMThlNTRmLzEvOXctSUVRSDdpTGhwMzN5VUI2aGlnZDFYRDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNDQzOWUtOWNkMi00NGM1LTljZmQtNTU1ZjNmMThlNTRm
LzEvclBicURfc3E3azkyN2hvUVNKYWJpMUJsMmtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALba8AwQA
LuJ5AwQAU+U+AwQAVcFPAwQAZw4BAwQAwR8HMA0GCSqGSIb3DQEBCwUAA4IBAQAi
xSxyCDzHullegg5uMQwXfZIkIyi6L9byovTNkZ8MYestg2hA6jOUX9JKDBk0+1SY
iOhepk85h0tDarMzkvz45lxZO52BZtOaSMhpKhCs1kB4LaGLVtKsfj96oU4LsCPR
eI3JE4tLEpI4QeVk3xUblM4EVFx8tqvtZlnJwCMmQ6m1Evz/bttd2PH40gzyRkZW
tU2goj+i/ni2uvWM0DC+76tjOI8uqLk5vmGW7+q1M0DcpR6VS4mCqjWchk71qAx1
oNlxJGrxOqeDu0HD6aY/PrTpXpk66ghhSiR/Df4w/tSS1dX6N0fhaY6YvZLbH47v
s8C3BOnoG8giwpf35jW2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:24 2024 by rpki-client on console-ams.rpki-client.org