Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/icfC8n4jKaFg1EFEtmWMOGKnWvY.roa
File: icfC8n4jKaFg1EFEtmWMOGKnWvY.roa (raw, json)
Hash identifier: VKRcs9yraoG2ZxYCR8AxN1O5LCOaHdeNcAkI2cbfzN8=
Subject key identifier: 89:C7:C2:F2:7E:23:29:A1:60:D4:41:44:B6:65:8C:38:62:A7:5A:F6
Certificate issuer: /CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Certificate serial: 0187BC925D063AE9822A23713812F784D210
Authority key identifier: 92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/icfC8n4jKaFg1EFEtmWMOGKnWvY.roa
Signing time: Wed 26 Apr 2023 07:58:41 +0000
ROA not before: Wed 26 Apr 2023 07:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42156
IP address blocks: 45.83.172.0/22 maxlen: 22
45.143.62.0/23 maxlen: 23
45.143.60.0/24 maxlen: 24
45.143.61.0/24 maxlen: 24
69.48.159.0/24 maxlen: 24
2a0e:e2c0::/29 maxlen: 29
2a0e:8480::/29 maxlen: 29
2a0e:e2c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 09 Nov 2023 16:32:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bc:92:5d:06:3a:e9:82:2a:23:71:38:12:f7:84:d2:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Validity
Not Before: Apr 26 07:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89c7c2f27e2329a160d44144b6658c3862a75af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fd:62:e0:f1:39:e6:67:69:6b:cd:19:36:a6:
b1:a7:1b:11:ef:af:ba:a3:64:b0:75:40:31:b7:9d:
9d:f1:2c:c2:1b:84:f6:93:7f:3d:e2:81:1f:e2:9c:
0f:25:b4:0f:c2:f8:d1:56:34:77:be:de:99:73:f6:
8b:78:45:3a:f5:ff:06:3a:5e:08:8d:f6:40:9f:cd:
15:c7:98:fb:71:07:41:13:5e:ed:a7:97:91:87:d2:
29:39:11:69:78:ab:31:7c:fa:3c:cf:84:98:2c:4d:
e3:d7:53:09:46:76:b4:33:16:39:5b:a0:a4:b2:9d:
0a:76:7f:79:11:39:aa:40:81:62:53:8e:10:23:51:
ea:e5:69:b9:d8:79:92:20:fc:2f:d1:31:f9:ab:bc:
c2:dd:ad:e3:47:20:57:84:a4:75:6e:a1:f7:3b:d2:
2e:54:8c:75:51:0a:27:cf:30:ea:2c:ba:5b:ca:af:
f4:e9:f2:93:f9:2b:e5:b0:9c:cc:86:aa:ac:95:ed:
98:6a:b1:b9:de:d6:52:2d:6c:72:b6:63:cb:b3:0c:
a3:b3:72:f4:83:42:9f:9f:c6:53:c6:db:cf:69:7e:
34:a8:7e:86:9c:64:95:36:2f:5d:25:ae:50:25:6c:
41:7e:15:34:6e:c4:e2:3d:89:37:de:0b:80:d0:4e:
b3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C7:C2:F2:7E:23:29:A1:60:D4:41:44:B6:65:8C:38:62:A7:5A:F6
X509v3 Authority Key Identifier:
keyid:92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/icfC8n4jKaFg1EFEtmWMOGKnWvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/kq8Dyi32Qjt30O83N7D0eRqgNaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.172.0/22
45.143.60.0/22
69.48.159.0/24
IPv6:
2a0e:8480::/29
2a0e:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
31:1d:81:51:c1:01:f0:5f:92:3c:81:90:7d:f2:ce:54:06:8f:
17:34:21:d2:3c:39:38:ac:1d:50:36:df:e3:d8:e4:3b:78:65:
47:f4:52:e7:5e:14:22:8b:dd:f6:85:33:da:1b:11:b3:de:cf:
ba:e6:8b:31:b2:2f:ca:6a:43:52:05:e9:8b:dd:e4:ed:70:bf:
2d:ac:00:91:86:d7:48:d4:23:d0:cf:93:63:8e:ed:d4:bf:53:
63:8e:b5:6a:d9:70:a2:03:fd:5c:68:78:8c:f5:bd:a7:5b:05:
b1:e4:94:89:b9:10:b8:3f:4f:2e:29:5d:10:39:19:e4:19:a9:
c9:22:c0:a3:a4:e8:ae:56:29:a3:05:29:5b:3c:1c:ef:c0:cd:
d1:35:2c:c6:d3:e4:d0:fc:e8:cb:6b:d1:5b:da:e0:e0:6c:87:
ff:54:1d:14:10:50:a4:33:1a:d0:2c:1c:32:37:96:35:e9:1c:
1a:2e:1d:87:82:88:22:6f:2a:66:ea:0c:de:d5:8e:5b:8f:9c:
d1:9a:b9:c8:c3:f7:b7:40:05:dd:51:03:e3:a9:b7:4a:21:00:
2e:78:d4:11:ba:ed:52:2a:41:b0:6d:49:32:a0:17:0c:4a:fe:
3c:85:b3:71:2e:0e:3f:c2:b1:9c:08:be:6a:5c:b8:d2:0d:1f:
38:97:a5:d7
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYe8kl0GOumCKiNxOBL3hNIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYWYwM2NhMmRmNjQyM2I3N2QwZWYzNzM3YjBmNDc5MWFh
MDM1YTMwHhcNMjMwNDI2MDc1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWM3YzJmMjdlMjMyOWExNjBkNDQxNDRiNjY1OGMzODYyYTc1YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP1i4PE55mdpa80ZNqaxpxsR76+6
o2SwdUAxt52d8SzCG4T2k3894oEf4pwPJbQPwvjRVjR3vt6Zc/aLeEU69f8GOl4I
jfZAn80Vx5j7cQdBE17tp5eRh9IpORFpeKsxfPo8z4SYLE3j11MJRna0MxY5W6Ck
sp0Kdn95ETmqQIFiU44QI1Hq5Wm52HmSIPwv0TH5q7zC3a3jRyBXhKR1bqH3O9Iu
VIx1UQonzzDqLLpbyq/06fKT+SvlsJzMhqqsle2YarG53tZSLWxytmPLswyjs3L0
g0Kfn8ZTxtvPaX40qH6GnGSVNi9dJa5QJWxBfhU0bsTiPYk33guA0E6zKwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFInHwvJ+IymhYNRBRLZljDhip1r2MB8GA1UdIwQY
MBaAFJKvA8ot9kI7d9DvNzew9HkaoDWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEt
NzAzYjZiNzBhN2VjLzEvaWNmQzhuNGpLYUZnMUVGRXRtV01PR0tuV3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEtNzAzYjZiNzBhN2Vj
LzEva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLVOsAwQC
LY88AwQARTCfMBQEAgACMA4DBQMqDoSAAwUDKg7iwDANBgkqhkiG9w0BAQsFAAOC
AQEAMR2BUcEB8F+SPIGQffLOVAaPFzQh0jw5OKwdUDbf49jkO3hlR/RS514UIovd
9oUz2hsRs97PuuaLMbIvympDUgXpi93k7XC/LawAkYbXSNQj0M+TY47t1L9TY461
atlwogP9XGh4jPW9p1sFseSUibkQuD9PLildEDkZ5BmpySLAo6TorlYpowUpWzwc
78DN0TUsxtPk0Pzoy2vRW9rg4GyH/1QdFBBQpDMa0CwcMjeWNekcGi4dh4KIIm8q
ZuoM3tWOW4+c0Zq5yMP3t0AF3VED46m3SiEALnjUEbrtUipBsG1JMqAXDEr+PIWz
cS4OP8KxnAi+aly40g0fOJel1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:08 2024 by rpki-client on console-ams.rpki-client.org