Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/8oivX7tvUIDaAbsz0oJpJTcWXL4.roa
File: 8oivX7tvUIDaAbsz0oJpJTcWXL4.roa (raw, json)
Hash identifier: 13RknsbAWydfVCdH3euVLAht7MGXNct6O4xgo5RVy20=
Subject key identifier: F2:88:AF:5F:BB:6F:50:80:DA:01:BB:33:D2:82:69:25:37:16:5C:BE
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 01856CB835C27C4C8DACF97778BE06EC058A
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/8oivX7tvUIDaAbsz0oJpJTcWXL4.roa
Signing time: Sun 01 Jan 2023 09:44:49 +0000
ROA not before: Sun 01 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43641
IP address blocks: 91.234.198.0/23 maxlen: 24
91.234.199.0/24 maxlen: 24
195.26.86.0/23 maxlen: 24
45.11.56.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 Jun 2023 14:06:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:35:c2:7c:4c:8d:ac:f9:77:78:be:06:ec:05:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Jan 1 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f288af5fbb6f5080da01bb33d282692537165cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3a:0c:c1:9b:30:ed:e1:94:b6:df:89:89:6b:
c4:e0:ce:72:d6:59:7d:c1:65:64:d5:8e:ab:ed:e0:
46:69:64:32:52:b3:c2:74:22:9b:a6:65:08:04:9b:
ba:9d:2f:dd:c3:d9:39:cd:95:84:2f:7f:09:a9:5c:
b6:7a:21:ec:47:1d:30:f4:22:14:e3:2e:2e:9c:5c:
0a:61:61:86:87:15:ae:f0:c3:be:b9:f8:44:15:35:
02:3d:1b:57:11:57:42:be:a2:7b:dc:d6:b6:90:d7:
46:29:04:6c:df:d7:db:1a:fa:5e:66:43:f2:df:91:
c2:0f:c3:de:be:53:ea:75:53:03:6f:4b:9a:46:ab:
2e:0e:bf:4c:4c:dc:de:f1:f2:6e:c7:94:70:90:7a:
d3:56:3c:3f:7e:46:cf:12:fb:f2:d4:c6:b4:51:68:
db:f7:79:69:63:c3:6a:7b:12:d7:63:9f:b9:ca:12:
dc:61:a6:f9:06:1c:84:d3:75:c5:13:00:91:6b:79:
d1:5d:77:a2:33:18:bd:0d:11:e9:bc:2a:10:0f:04:
91:17:48:28:71:58:3a:cd:25:ae:bf:1d:ea:a8:3c:
6b:06:ba:17:bc:e8:c1:27:39:52:fc:e6:da:3c:a0:
5c:3f:bf:27:cf:d9:3e:15:96:f3:ac:5f:5c:96:18:
dc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:88:AF:5F:BB:6F:50:80:DA:01:BB:33:D2:82:69:25:37:16:5C:BE
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/8oivX7tvUIDaAbsz0oJpJTcWXL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.134.174.0/23
91.222.172.0/22
91.234.198.0/23
195.26.86.0/23
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
49:24:b5:af:33:fb:e1:1f:70:7b:0d:1d:d9:37:07:2d:94:5b:
2e:3d:74:c4:66:d8:8f:54:70:48:cd:7e:b8:d4:1d:1c:c1:a0:
ab:95:95:62:e4:e1:55:6b:c4:18:7b:e5:20:51:20:c9:dc:96:
fa:ea:40:74:0b:b0:5b:1b:6c:39:f4:a3:7a:43:29:0f:55:11:
d3:09:1a:0a:1d:bb:f3:f8:64:22:cb:21:24:48:03:92:ad:bc:
22:aa:5a:a1:64:0a:85:32:4e:59:ca:a5:6c:89:9a:ae:b1:bc:
77:64:16:3b:dc:63:eb:3f:87:f8:a5:4c:7f:91:fb:74:64:9f:
4d:bc:e1:91:33:be:e2:67:8c:6f:37:9e:7b:4c:a8:80:db:02:
ee:28:19:45:03:47:94:62:16:f5:6e:42:85:5a:89:50:7c:73:
f0:10:84:f2:1c:a3:ef:cb:e6:b8:87:27:39:64:74:92:31:1d:
79:32:09:80:4c:e8:4e:61:ac:b9:c5:c4:2e:d3:32:0b:9a:3c:
2b:d0:5c:3a:74:0a:c2:db:57:36:c1:8c:a2:3a:2d:ab:3f:a7:
4b:f5:fd:b9:13:ce:7c:75:e2:35:ef:76:ac:a1:13:a3:0d:bd:
ee:7e:ed:d7:4a:6f:a4:b4:75:07:77:cb:1c:37:43:a4:3f:17:
04:71:ff:1a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsuDXCfEyNrPl3eL4G7AWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjMwMTAxMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjg4YWY1ZmJiNmY1MDgwZGEwMWJiMzNkMjgyNjkyNTM3MTY1Y2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzoMwZsw7eGUtt+JiWvE4M5y1ll9
wWVk1Y6r7eBGaWQyUrPCdCKbpmUIBJu6nS/dw9k5zZWEL38JqVy2eiHsRx0w9CIU
4y4unFwKYWGGhxWu8MO+ufhEFTUCPRtXEVdCvqJ73Na2kNdGKQRs39fbGvpeZkPy
35HCD8PevlPqdVMDb0uaRqsuDr9MTNze8fJux5RwkHrTVjw/fkbPEvvy1Ma0UWjb
93lpY8NqexLXY5+5yhLcYab5BhyE03XFEwCRa3nRXXeiMxi9DRHpvCoQDwSRF0go
cVg6zSWuvx3qqDxrBroXvOjBJzlS/ObaPKBcP78nz9k+FZbzrF9clhjcYwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPKIr1+7b1CA2gG7M9KCaSU3Fly+MB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvOG9pdlg3dHZVSURhQWJzejBvSnBKVGNXWEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALQs4AwQB
LYauAwQCW96sAwQBW+rGAwQBwxpWMA0EAgACMAcDBQAqCS3BMA0GCSqGSIb3DQEB
CwUAA4IBAQBJJLWvM/vhH3B7DR3ZNwctlFsuPXTEZtiPVHBIzX641B0cwaCrlZVi
5OFVa8QYe+UgUSDJ3Jb66kB0C7BbG2w59KN6QykPVRHTCRoKHbvz+GQiyyEkSAOS
rbwiqlqhZAqFMk5ZyqVsiZqusbx3ZBY73GPrP4f4pUx/kft0ZJ9NvOGRM77iZ4xv
N557TKiA2wLuKBlFA0eUYhb1bkKFWolQfHPwEITyHKPvy+a4hyc5ZHSSMR15MgmA
TOhOYay5xcQu0zILmjwr0Fw6dArC21c2wYyiOi2rP6dL9f25E858deI173asoROj
Db3ufu3XSm+ktHUHd8scN0OkPxcEcf8a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org