Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/n0V4NiR1uvEj-yrk5Frf_wRNZ9g.roa
File: n0V4NiR1uvEj-yrk5Frf_wRNZ9g.roa (raw, json)
Hash identifier: n2uCLArK7y6Pk/cjIKPNLWl5n5gMwfuUqgcCwDQrmio=
Subject key identifier: 9F:45:78:36:24:75:BA:F1:23:FB:2A:E4:E4:5A:DF:FF:04:4D:67:D8
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0189CF30543974D736C419BF5EBF521E4A34
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/n0V4NiR1uvEj-yrk5Frf_wRNZ9g.roa
Signing time: Mon 07 Aug 2023 08:49:58 +0000
ROA not before: Mon 07 Aug 2023 08:49:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.114.199.0/24 maxlen: 24
195.114.206.0/24 maxlen: 24
195.114.200.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
195.114.201.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.222.0/24 maxlen: 24
194.143.223.0/24 maxlen: 24
45.155.242.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 08:51:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:30:54:39:74:d7:36:c4:19:bf:5e:bf:52:1e:4a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Aug 7 08:49:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f4578362475baf123fb2ae4e45adfff044d67d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:7b:fb:9b:f2:25:b7:b2:82:ad:b2:de:45:7f:
81:83:67:d3:2e:d2:fc:4a:f0:96:30:e6:71:ad:74:
dc:7e:01:f8:99:96:ce:c1:fc:e5:04:33:3d:0c:db:
1d:c4:72:55:f6:db:48:e9:a6:30:ad:97:ae:60:37:
f2:79:83:dc:98:6c:25:05:f3:e0:99:93:51:00:86:
1c:dc:c3:bb:13:f4:13:3f:ed:6f:41:fb:bc:4d:ee:
66:e5:3e:40:70:4f:01:e8:10:39:55:01:73:f6:c6:
e3:c7:16:d9:84:78:ca:77:b4:24:3e:ff:55:32:f7:
cc:db:c7:90:29:fc:96:fa:eb:36:97:34:cd:22:73:
9e:c8:bc:98:e1:fb:4e:d7:46:67:1d:f4:01:8d:57:
24:3b:e3:4e:18:3b:e6:e6:33:fd:8b:75:d0:91:2d:
bb:90:2a:e2:9e:03:e1:be:56:05:8a:52:3b:49:7a:
0f:f7:8d:08:7a:09:21:49:e2:6e:0f:cc:0e:49:16:
29:84:2d:a7:b1:c4:f7:fb:65:f4:59:d7:7e:fb:2f:
50:6d:4a:09:a2:ea:30:ac:dc:87:63:26:96:f1:05:
ca:75:0d:0a:b6:6b:7b:47:a4:7a:03:c4:bc:81:a8:
41:2b:12:ae:28:50:42:19:4f:2f:8f:f3:c0:ca:1d:
bd:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:45:78:36:24:75:BA:F1:23:FB:2A:E4:E4:5A:DF:FF:04:4D:67:D8
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/n0V4NiR1uvEj-yrk5Frf_wRNZ9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.242.0/23
194.143.217.0-194.143.218.255
194.143.222.0/23
195.114.199.0-195.114.201.255
195.114.206.0/24
Signature Algorithm: sha256WithRSAEncryption
67:cd:53:c5:6e:53:6d:3a:0e:46:32:57:0d:c1:69:ac:18:79:
73:b6:72:4d:09:3b:69:70:8b:14:04:da:52:cc:53:5e:5b:38:
69:a5:18:b3:e4:01:61:6b:f4:6e:ff:f7:f6:c2:ca:fc:ce:d8:
de:09:33:e5:15:59:33:37:71:e9:76:26:01:9c:f2:16:93:70:
f4:ca:03:f0:ac:e6:08:eb:49:77:52:04:28:24:49:6e:67:7a:
45:9f:01:0f:7e:4a:f6:c1:b2:a8:5a:2f:3f:88:d3:98:87:e9:
25:18:5a:84:d7:05:b7:0d:27:68:63:68:50:1c:e1:da:e1:b0:
d6:42:e2:29:dc:dc:da:6c:5e:38:eb:54:d4:60:f0:f5:ed:7b:
c6:5c:2d:52:b4:5c:b7:a5:97:ad:71:47:99:b8:ce:03:bb:df:
c0:fa:cd:27:a0:da:a4:3e:61:83:48:53:1e:9e:96:46:21:a1:
c4:16:31:34:17:0f:a2:37:6d:b3:7f:14:84:76:31:6a:99:94:
1e:e0:e2:8b:39:a4:43:20:ae:d0:d6:e3:00:20:97:0b:d8:b0:
a3:08:aa:af:b6:0e:6c:46:3a:5b:20:dc:83:fc:3a:e2:95:94:
1f:ac:1f:f5:60:78:a8:87:fb:72:44:b0:47:5d:7f:57:de:74:
09:c3:76:d9
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYnPMFQ5dNc2xBm/Xr9SHko0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjMwODA3MDg0OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQ1NzgzNjI0NzViYWYxMjNmYjJhZTRlNDVhZGZmZjA0NGQ2N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHv7m/Ilt7KCrbLeRX+Bg2fTLtL8
SvCWMOZxrXTcfgH4mZbOwfzlBDM9DNsdxHJV9ttI6aYwrZeuYDfyeYPcmGwlBfPg
mZNRAIYc3MO7E/QTP+1vQfu8Te5m5T5AcE8B6BA5VQFz9sbjxxbZhHjKd7QkPv9V
MvfM28eQKfyW+us2lzTNInOeyLyY4ftO10ZnHfQBjVckO+NOGDvm5jP9i3XQkS27
kCringPhvlYFilI7SXoP940IegkhSeJuD8wOSRYphC2nscT3+2X0Wdd++y9QbUoJ
ouowrNyHYyaW8QXKdQ0Ktmt7R6R6A8S8gahBKxKuKFBCGU8vj/PAyh29gwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJ9FeDYkdbrxI/sq5ORa3/8ETWfYMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvbjBWNE5pUjF1dkVqLXlyazVGcmZfd1JOWjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBLZvyMAwD
BADCj9kDBADCj9oDBAHCj94wDAMEAMNyxwMEAcNyyAMEAMNyzjANBgkqhkiG9w0B
AQsFAAOCAQEAZ81TxW5TbToORjJXDcFprBh5c7ZyTQk7aXCLFATaUsxTXls4aaUY
s+QBYWv0bv/39sLK/M7Y3gkz5RVZMzdx6XYmAZzyFpNw9MoD8KzmCOtJd1IEKCRJ
bmd6RZ8BD35K9sGyqFovP4jTmIfpJRhahNcFtw0naGNoUBzh2uGw1kLiKdzc2mxe
OOtU1GDw9e17xlwtUrRct6WXrXFHmbjOA7vfwPrNJ6DapD5hg0hTHp6WRiGhxBYx
NBcPojdts38UhHYxapmUHuDiizmkQyCu0NbjACCXC9iwowiqr7YObEY6WyDcg/w6
4pWUH6wf9WB4qIf7ckSwR11/V950CcN22Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:18 2024 by rpki-client on console-fra.rpki-client.org