Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7zxIiW3tnTl_Djwi5OyiGPIwavQ.roa
File: 7zxIiW3tnTl_Djwi5OyiGPIwavQ.roa (raw, json)
Hash identifier: jcKwNhj+Kn8BZcQ2b14Jpw8Ly+T1uwVcSmnwTCS9WtU=
Subject key identifier: EF:3C:48:89:6D:ED:9D:39:7F:0E:3C:22:E4:EC:A2:18:F2:30:6A:F4
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018970404506394B729C90449242F4CA6A58
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7zxIiW3tnTl_Djwi5OyiGPIwavQ.roa
Signing time: Wed 19 Jul 2023 22:23:27 +0000
ROA not before: Wed 19 Jul 2023 22:23:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52423
IP address blocks: 45.85.85.0/24 maxlen: 24
185.185.248.0/24 maxlen: 24
185.185.249.0/24 maxlen: 24
45.85.86.0/24 maxlen: 24
77.243.92.0/24 maxlen: 32
185.190.80.0/24 maxlen: 32
77.243.94.0/24 maxlen: 32
185.184.141.0/24 maxlen: 32
185.184.143.0/24 maxlen: 24
185.184.142.0/24 maxlen: 24
45.130.72.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Aug 2023 14:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:70:40:45:06:39:4b:72:9c:90:44:92:42:f4:ca:6a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jul 19 22:23:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef3c48896ded9d397f0e3c22e4eca218f2306af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3c:02:39:99:3e:71:05:95:7b:40:2b:6f:54:
60:97:37:e3:a4:91:51:fe:19:fb:e7:e0:55:3a:af:
66:b3:5d:c5:21:dd:be:9b:9f:6d:2d:5f:55:2c:41:
2a:ea:08:60:57:97:d7:34:65:4f:a4:81:74:54:4a:
8e:1b:49:be:28:4d:f6:81:37:5d:c8:09:d9:ab:20:
05:ca:88:c0:83:59:15:a4:89:b4:0a:c1:98:ae:c2:
84:70:e7:01:df:c5:4f:5a:b0:8d:f8:b1:e7:fd:fa:
ba:06:4a:64:a5:b0:20:30:8b:f9:bc:b3:bd:26:55:
8f:f9:d8:f1:40:ca:f5:7f:42:31:26:f2:68:11:9c:
27:a6:3a:00:18:df:43:e2:c2:01:43:b5:5d:f9:65:
d2:40:5a:f8:75:af:d1:68:ad:68:34:38:fd:c1:da:
1c:97:45:6d:31:aa:03:52:47:29:3b:f2:a4:1a:a9:
80:a9:86:54:af:ce:75:6b:10:06:49:ac:07:ef:06:
9b:16:1f:43:00:4c:07:89:fb:aa:78:42:97:58:07:
2b:c4:c6:f3:33:b4:35:ea:38:52:5d:70:9a:f7:54:
8e:5f:26:a0:27:22:8e:c3:e9:58:61:33:7c:c2:7d:
b9:c8:5e:7a:8e:e8:88:8f:ec:e2:c2:d6:92:bd:c2:
03:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:3C:48:89:6D:ED:9D:39:7F:0E:3C:22:E4:EC:A2:18:F2:30:6A:F4
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7zxIiW3tnTl_Djwi5OyiGPIwavQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.85.0-45.85.86.255
45.130.72.0/23
77.243.92.0/24
77.243.94.0/24
185.184.141.0-185.184.143.255
185.185.248.0/23
185.190.80.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:91:05:e5:f8:ab:f5:a4:83:41:91:2f:30:fe:c7:c4:45:7b:
e8:3c:cf:36:52:e0:f8:a9:f0:00:18:ef:79:ea:62:7f:4a:d0:
42:a1:03:f0:9a:0e:42:06:d3:b8:0d:f4:d7:33:6b:01:17:9b:
6d:68:12:e6:a6:63:d5:c1:6f:8a:8c:c5:14:6c:11:0c:e8:57:
b2:29:57:6b:69:a5:3c:05:3b:b4:f4:63:aa:45:dc:0c:f1:aa:
88:03:6d:0b:3d:4e:91:81:eb:5e:42:72:2d:8c:28:f9:ea:28:
39:71:9f:1a:12:9c:c8:c2:65:92:c7:b4:97:a0:51:f1:8d:8d:
14:2a:78:13:8e:18:a3:1e:33:1e:60:44:ac:00:c3:21:66:d4:
15:a4:6b:46:1d:84:ae:f7:07:71:94:40:e9:44:52:69:c2:89:
44:9f:5f:ac:f7:3e:84:c4:76:b2:40:d5:44:be:d0:dc:87:00:
d3:21:bc:42:fb:51:03:03:a8:46:a5:f4:fe:17:dc:b2:6a:c1:
0d:52:02:dc:ae:82:18:6e:f8:3c:eb:69:a0:f3:b4:a6:f7:2f:
c4:83:95:75:68:a2:b9:b0:83:9c:7b:5e:5e:0f:18:1c:30:3d:
c1:60:8e:09:77:d5:b0:9e:13:e5:c3:49:06:8a:d8:a0:1b:3d:
d1:1f:24:31
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYlwQEUGOUtynJBEkkL0ympYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwNzE5MjIyMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjNjNDg4OTZkZWQ5ZDM5N2YwZTNjMjJlNGVjYTIxOGYyMzA2YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjwCOZk+cQWVe0Arb1RglzfjpJFR
/hn75+BVOq9ms13FId2+m59tLV9VLEEq6ghgV5fXNGVPpIF0VEqOG0m+KE32gTdd
yAnZqyAFyojAg1kVpIm0CsGYrsKEcOcB38VPWrCN+LHn/fq6BkpkpbAgMIv5vLO9
JlWP+djxQMr1f0IxJvJoEZwnpjoAGN9D4sIBQ7Vd+WXSQFr4da/RaK1oNDj9wdoc
l0VtMaoDUkcpO/KkGqmAqYZUr851axAGSawH7wabFh9DAEwHifuqeEKXWAcrxMbz
M7Q16jhSXXCa91SOXyagJyKOw+lYYTN8wn25yF56juiIj+ziwtaSvcID1QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFO88SIlt7Z05fw48IuTsohjyMGr0MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvN3p4SWlXM3RuVGxfRGp3aTVPeWlHUEl3YXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAAtVVUD
BAAtVVYDBAEtgkgDBABN81wDBABN814wDAMEALm4jQMEBLm4gAMEAbm5+AMEALm+
UDANBgkqhkiG9w0BAQsFAAOCAQEAipEF5fir9aSDQZEvMP7HxEV76DzPNlLg+Knw
ABjveepif0rQQqED8JoOQgbTuA301zNrARebbWgS5qZj1cFviozFFGwRDOhXsilX
a2mlPAU7tPRjqkXcDPGqiANtCz1OkYHrXkJyLYwo+eooOXGfGhKcyMJlkse0l6BR
8Y2NFCp4E44Yox4zHmBErADDIWbUFaRrRh2ErvcHcZRA6URSacKJRJ9frPc+hMR2
skDVRL7Q3IcA0yG8QvtRAwOoRqX0/hfcsmrBDVIC3K6CGG74POtpoPO0pvcvxIOV
dWiiubCDnHteXg8YHDA9wWCOCXfVsJ4T5cNJBorYoBs90R8kMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:32 2024 by rpki-client on console-ams.rpki-client.org