Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/9NN-m78Zn6mXbDwWbg_VHUXR8Xs.roa
File: 9NN-m78Zn6mXbDwWbg_VHUXR8Xs.roa (raw, json)
Hash identifier: 6TcCmyRpU6Oxu7zXtokc55XvbVmVRTPEHMc6Cf7wk6c=
Subject key identifier: F4:D3:7E:9B:BF:19:9F:A9:97:6C:3C:16:6E:0F:D5:1D:45:D1:F1:7B
Certificate issuer: /CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Certificate serial: 01856FF03325C89BD2850C858F722EA69E78
Authority key identifier: 44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/9NN-m78Zn6mXbDwWbg_VHUXR8Xs.roa
Signing time: Mon 02 Jan 2023 00:44:50 +0000
ROA not before: Mon 02 Jan 2023 00:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14127
IP address blocks: 185.45.2.0/23 maxlen: 24
185.45.0.0/23 maxlen: 24
193.246.192.0/24 maxlen: 24
193.246.196.0/24 maxlen: 24
193.246.195.0/24 maxlen: 24
193.246.194.0/24 maxlen: 24
193.246.193.0/24 maxlen: 24
193.246.199.0/24 maxlen: 24
193.246.198.0/24 maxlen: 24
193.246.197.0/24 maxlen: 24
89.106.176.0/22 maxlen: 24
89.106.180.0/23 maxlen: 23
89.106.182.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:33:25:c8:9b:d2:85:0c:85:8f:72:2e:a6:9e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Validity
Not Before: Jan 2 00:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4d37e9bbf199fa9976c3c166e0fd51d45d1f17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:37:b7:50:87:89:65:0a:0b:31:83:e8:80:62:
b2:8d:24:04:72:38:1d:5a:38:99:c5:86:bd:32:54:
8a:50:0f:cc:4f:02:49:d4:b8:a6:fe:b2:b5:da:fc:
4f:83:db:49:49:17:aa:63:59:c2:13:3d:68:a8:3e:
f1:9e:56:7d:41:55:cd:51:66:f1:3a:71:3b:d0:69:
46:7f:17:00:11:b2:1a:b5:0a:70:9c:03:a5:5d:d5:
69:be:65:e7:42:cf:b1:c6:ef:28:da:7d:70:e4:02:
f7:51:c9:dd:af:e2:62:95:66:41:87:48:f8:09:5a:
2f:4d:a1:a5:92:ec:5b:f7:b0:03:d3:fa:0d:15:45:
c8:69:18:7b:14:56:49:e8:06:7a:cd:06:e0:42:6e:
67:fb:dd:c6:cf:d3:cf:e0:7d:aa:22:43:de:d3:d8:
66:5e:58:c1:da:47:62:fc:70:dd:76:23:61:a9:b7:
dc:49:25:81:33:0d:a7:1e:e2:0e:7b:10:b3:eb:55:
af:37:d7:ec:98:b3:98:7c:61:9d:e3:3e:5c:fe:d8:
78:35:10:8b:3f:4d:69:8b:7d:c5:b4:68:a3:9b:75:
5c:be:e8:fd:ef:00:29:7c:a2:85:09:39:97:f5:6a:
c6:65:00:3a:92:4a:45:ff:24:14:44:ad:0b:be:25:
c7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D3:7E:9B:BF:19:9F:A9:97:6C:3C:16:6E:0F:D5:1D:45:D1:F1:7B
X509v3 Authority Key Identifier:
keyid:44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/9NN-m78Zn6mXbDwWbg_VHUXR8Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.176.0/21
185.45.0.0/22
193.246.192.0/21
Signature Algorithm: sha256WithRSAEncryption
88:5e:3e:ac:44:84:f6:1f:14:d4:72:9e:24:36:08:1d:b3:f8:
29:19:44:e0:5b:62:7f:4f:10:f0:91:e8:bc:93:92:da:4c:e7:
2c:2e:0e:7d:63:c2:51:de:c7:63:79:3b:ce:5c:f7:0d:00:6a:
b1:a4:6e:6a:13:3b:7f:7f:a6:d2:a9:2a:59:c7:23:96:42:a9:
ed:c3:ae:01:6a:13:d6:c0:d7:96:39:cd:65:7d:4e:d6:43:6d:
f5:2b:d6:65:5a:26:0d:ea:c9:5d:32:b7:fb:34:0f:8b:d1:ab:
d5:ba:7f:41:17:11:e2:c4:c1:d9:91:a9:d5:ca:bc:fa:c7:49:
e9:11:b8:42:d3:6e:ba:cb:21:3d:16:44:0f:d6:5b:58:66:0e:
4e:85:d3:c6:3c:a5:bc:19:8a:e0:0a:a8:53:69:86:8c:42:b0:
a0:21:3a:c8:45:7b:a7:f9:15:db:97:f6:f1:fd:df:d1:6d:e4:
53:05:91:25:50:0a:8e:e3:32:fa:ff:70:bb:d4:1f:07:d2:d9:
d5:4d:61:3c:14:2e:32:e7:21:d9:6a:24:d1:69:c4:3a:56:7c:
65:f5:d2:a9:d4:69:51:2b:06:5d:d0:08:1d:9d:97:ca:16:d2:
f6:90:9f:e4:87:e1:ce:ff:38:7b:ca:1a:9c:82:a5:99:0e:f5:
36:32:b6:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVv8DMlyJvShQyFj3Iupp54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTNiNDNmNjQ3ZTFlNzcxNGNkMTMwNzY0Y2JiYzQ4MTRl
N2ExNDgwHhcNMjMwMTAyMDA0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQzN2U5YmJmMTk5ZmE5OTc2YzNjMTY2ZTBmZDUxZDQ1ZDFmMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDe3UIeJZQoLMYPogGKyjSQEcjgd
WjiZxYa9MlSKUA/MTwJJ1Lim/rK12vxPg9tJSReqY1nCEz1oqD7xnlZ9QVXNUWbx
OnE70GlGfxcAEbIatQpwnAOlXdVpvmXnQs+xxu8o2n1w5AL3Ucndr+JilWZBh0j4
CVovTaGlkuxb97AD0/oNFUXIaRh7FFZJ6AZ6zQbgQm5n+93Gz9PP4H2qIkPe09hm
XljB2kdi/HDddiNhqbfcSSWBMw2nHuIOexCz61WvN9fsmLOYfGGd4z5c/th4NRCL
P01pi33FtGijm3Vcvuj97wApfKKFCTmX9WrGZQA6kkpF/yQURK0LviXHAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPTTfpu/GZ+pl2w8Fm4P1R1F0fF7MB8GA1UdIwQY
MBaAFESjtD9kfh53FM0TB2TLvEgU56FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgt
YTNjNTM5ZjBiNmQyLzEvOU5OLW03OFpuNm1YYkR3V2JnX1ZIVVhSOFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgtYTNjNTM5ZjBiNmQy
LzEvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWWqwAwQC
uS0AAwQDwfbAMA0GCSqGSIb3DQEBCwUAA4IBAQCIXj6sRIT2HxTUcp4kNggds/gp
GUTgW2J/TxDwkei8k5LaTOcsLg59Y8JR3sdjeTvOXPcNAGqxpG5qEzt/f6bSqSpZ
xyOWQqntw64BahPWwNeWOc1lfU7WQ231K9ZlWiYN6sldMrf7NA+L0avVun9BFxHi
xMHZkanVyrz6x0npEbhC0266yyE9FkQP1ltYZg5OhdPGPKW8GYrgCqhTaYaMQrCg
ITrIRXun+RXbl/bx/d/RbeRTBZElUAqO4zL6/3C71B8H0tnVTWE8FC4y5yHZaiTR
acQ6Vnxl9dKp1GlRKwZd0AgdnZfKFtL2kJ/kh+HO/zh7yhqcgqWZDvU2MrZV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org