Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/9ZIGhVg2ZIOvMwmjRab6RORck98.roa
File: 9ZIGhVg2ZIOvMwmjRab6RORck98.roa (raw, json)
Hash identifier: 1On200Gll/IfUjO2baDU9hZb1tz+BlWaEdG26LI/fF0=
Subject key identifier: F5:92:06:85:58:36:64:83:AF:33:09:A3:45:A6:FA:44:E4:5C:93:DF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01861704181FE91EA4D1BF5E41B5C8F6DE56
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/9ZIGhVg2ZIOvMwmjRab6RORck98.roa
Signing time: Fri 03 Feb 2023 11:23:09 +0000
ROA not before: Fri 03 Feb 2023 11:23:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211237
IP address blocks: 45.90.18.0/24 maxlen: 24
45.147.226.0/24 maxlen: 24
194.147.17.0/24 maxlen: 24
185.246.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 09:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:04:18:1f:e9:1e:a4:d1:bf:5e:41:b5:c8:f6:de:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 3 11:23:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f592068558366483af3309a345a6fa44e45c93df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d4:9d:ea:c7:6b:4a:a7:b3:78:7b:dc:69:2c:
cf:1f:20:8c:e3:b7:35:13:49:3f:0a:9f:7f:a6:4e:
99:65:63:95:bd:93:2a:c1:6e:c2:69:a1:04:37:43:
0a:d5:da:1b:32:c2:55:3c:e8:15:45:25:01:92:81:
1a:0e:0e:f8:6d:8b:d8:1e:8f:82:25:6b:23:3c:3c:
a3:20:25:95:90:e2:fa:b7:88:81:a3:4e:c0:a5:cc:
6f:6f:15:00:f2:1b:8e:41:5b:1e:9f:ba:b7:58:09:
8e:31:0d:8f:61:ce:13:87:f4:17:2c:62:4f:c5:fa:
13:da:dd:6b:69:fd:17:e2:e6:ea:8a:ea:e5:37:19:
99:23:22:7b:80:f7:47:e9:09:cc:6b:9d:e1:84:c2:
e5:1c:d0:e0:68:62:57:ac:33:23:9c:b1:03:0a:80:
ee:ff:1d:50:a1:d0:56:90:2e:ae:4a:99:06:5a:8e:
be:42:df:99:63:8d:3f:97:7d:99:28:95:2e:1b:f0:
18:a0:d1:5e:4f:a6:52:0d:e8:83:16:f8:7f:e1:74:
ff:51:71:dc:7e:0b:84:6a:56:84:2b:3a:a2:73:0c:
56:ae:cd:9b:43:db:22:08:25:46:c3:d0:a3:20:a0:
df:fd:a3:d2:a3:95:d2:4b:6f:c4:b3:cf:06:1f:3a:
e9:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:92:06:85:58:36:64:83:AF:33:09:A3:45:A6:FA:44:E4:5C:93:DF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/9ZIGhVg2ZIOvMwmjRab6RORck98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.18.0/24
45.147.226.0/24
185.246.113.0/24
194.147.17.0/24
Signature Algorithm: sha256WithRSAEncryption
45:59:92:be:4c:60:94:ea:b1:f5:e6:dd:7e:4a:6f:72:3b:ab:
9c:fd:af:e0:32:fe:ce:e2:96:19:e5:3f:b7:83:8b:15:94:0e:
b0:46:ce:77:13:da:33:b5:69:0e:14:3a:02:5a:0f:0c:10:b8:
0d:55:f9:88:ec:f0:c4:43:52:f1:92:3e:75:d3:2a:ff:29:f7:
84:6e:71:04:7d:40:60:6a:e2:a5:35:3f:bf:da:dc:96:ed:8e:
e0:18:88:95:b3:42:58:17:34:18:8a:78:69:fc:2a:08:ae:80:
f9:25:ca:6c:65:76:13:2e:47:1d:b2:9b:23:5b:31:6b:92:5d:
e9:54:39:7c:70:46:75:a7:b5:b1:d6:c6:72:61:98:90:a4:67:
23:07:e8:43:69:11:33:61:a5:75:52:a6:84:e7:41:33:cf:d9:
23:32:ee:12:55:fd:9e:89:fa:2f:66:f8:be:bf:17:32:50:48:
c1:63:64:52:82:53:21:28:d9:7b:3a:bd:7f:b9:6f:42:74:cb:
e6:70:a5:80:0f:c9:16:70:7a:8c:4e:45:6f:c2:bd:cf:7c:ef:
83:9d:17:2c:39:7d:06:79:56:4f:1d:89:75:6f:77:3a:f9:a6:
23:b1:f0:86:1d:aa:ba:4c:7c:08:13:6f:c5:1b:e7:4f:e1:01:
a5:de:dd:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYXBBgf6R6k0b9eQbXI9t5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMjAzMTEyMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTkyMDY4NTU4MzY2NDgzYWYzMzA5YTM0NWE2ZmE0NGU0NWM5M2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldSd6sdrSqezeHvcaSzPHyCM47c1
E0k/Cp9/pk6ZZWOVvZMqwW7CaaEEN0MK1dobMsJVPOgVRSUBkoEaDg74bYvYHo+C
JWsjPDyjICWVkOL6t4iBo07ApcxvbxUA8huOQVsen7q3WAmOMQ2PYc4Th/QXLGJP
xfoT2t1raf0X4ubqiurlNxmZIyJ7gPdH6QnMa53hhMLlHNDgaGJXrDMjnLEDCoDu
/x1QodBWkC6uSpkGWo6+Qt+ZY40/l32ZKJUuG/AYoNFeT6ZSDeiDFvh/4XT/UXHc
fguEalaEKzqicwxWrs2bQ9siCCVGw9CjIKDf/aPSo5XSS2/Es88GHzrpZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPWSBoVYNmSDrzMJo0Wm+kTkXJPfMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvOVpJR2hWZzJaSU92TXdtalJhYjZST1Jjazk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVoSAwQA
LZPiAwQAufZxAwQAwpMRMA0GCSqGSIb3DQEBCwUAA4IBAQBFWZK+TGCU6rH15t1+
Sm9yO6uc/a/gMv7O4pYZ5T+3g4sVlA6wRs53E9oztWkOFDoCWg8MELgNVfmI7PDE
Q1Lxkj510yr/KfeEbnEEfUBgauKlNT+/2tyW7Y7gGIiVs0JYFzQYinhp/CoIroD5
JcpsZXYTLkcdspsjWzFrkl3pVDl8cEZ1p7Wx1sZyYZiQpGcjB+hDaREzYaV1UqaE
50Ezz9kjMu4SVf2eifovZvi+vxcyUEjBY2RSglMhKNl7Or1/uW9CdMvmcKWAD8kW
cHqMTkVvwr3PfO+DnRcsOX0GeVZPHYl1b3c6+aYjsfCGHaq6THwIE2/FG+dP4QGl
3t2g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org