Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/RsXKBFP8m-thjLzacdQ2pHqq0M0.roa
File: RsXKBFP8m-thjLzacdQ2pHqq0M0.roa (raw, json)
Hash identifier: vgcbxVSTIxKMyWYqWE3wd6vHJMYzHDSVgnr5yeVqIi4=
Subject key identifier: 46:C5:CA:04:53:FC:9B:EB:61:8C:BC:DA:71:D4:36:A4:7A:AA:D0:CD
Certificate issuer: /CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Certificate serial: 0185724C5B971CAB99FAE96AEC5D9AB9F0A9
Authority key identifier: 93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/RsXKBFP8m-thjLzacdQ2pHqq0M0.roa
Signing time: Mon 02 Jan 2023 11:44:44 +0000
ROA not before: Mon 02 Jan 2023 11:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29650
IP address blocks: 79.140.128.0/20 maxlen: 24
212.84.40.0/21 maxlen: 24
84.51.224.0/19 maxlen: 24
212.78.224.0/19 maxlen: 24
45.139.240.0/22 maxlen: 24
82.195.128.0/19 maxlen: 24
2001:1bd8::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:5b:97:1c:ab:99:fa:e9:6a:ec:5d:9a:b9:f0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Validity
Not Before: Jan 2 11:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46c5ca0453fc9beb618cbcda71d436a47aaad0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:85:db:9f:a4:ea:27:c9:cd:2a:ad:60:49:b6:
c1:7f:3b:b7:c1:bc:2a:92:22:d1:c5:9d:16:cf:67:
56:d0:b7:21:3d:85:70:fb:a1:a0:fe:f9:b3:df:dc:
59:7b:be:db:5c:4d:46:c4:5b:48:51:be:48:05:01:
e9:64:20:8e:26:4d:8a:26:9c:8b:70:66:ee:16:eb:
23:0c:7b:bf:cf:3e:6c:e9:fc:c7:70:73:ec:7a:f8:
91:65:02:7d:fd:bf:eb:7c:3a:fb:41:84:00:56:c4:
7f:2d:1b:2d:29:b5:35:2b:cd:4c:ee:b2:1f:f7:13:
7b:87:67:cc:19:24:82:23:a0:53:b1:2b:0b:6c:18:
23:59:f7:ab:f3:34:a2:0e:99:00:0d:9b:ae:68:ec:
38:08:eb:84:32:49:f0:7c:af:b0:e1:7f:aa:12:8c:
ef:15:9a:7a:18:d5:e2:d9:f9:23:cb:1c:24:87:8d:
70:89:f9:b1:e6:ee:80:f3:a6:e8:3b:3f:26:95:49:
03:6f:14:41:4e:4c:08:fc:6b:dc:5b:41:e3:80:f0:
2a:ad:15:79:55:6d:f5:8d:35:3c:11:30:8b:81:9b:
0e:3c:87:7e:9a:88:50:ce:d3:0c:a4:43:cb:74:c4:
5f:60:c1:a1:c9:98:7f:f8:fc:0f:6c:03:e3:d2:65:
17:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C5:CA:04:53:FC:9B:EB:61:8C:BC:DA:71:D4:36:A4:7A:AA:D0:CD
X509v3 Authority Key Identifier:
keyid:93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/RsXKBFP8m-thjLzacdQ2pHqq0M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.240.0/22
79.140.128.0/20
82.195.128.0/19
84.51.224.0/19
212.78.224.0/19
212.84.40.0/21
IPv6:
2001:1bd8::/32
Signature Algorithm: sha256WithRSAEncryption
23:53:df:8e:40:aa:15:b3:a3:8f:6a:92:82:5b:c6:bf:41:01:
67:c2:ab:e7:be:77:91:39:e9:f9:1a:41:1b:b3:14:fc:11:e5:
62:ed:a2:32:8e:19:c9:7e:f0:13:4f:75:9e:33:10:5c:3b:27:
07:87:93:9f:76:c0:9b:fb:8d:12:f2:f7:e3:a9:1b:6d:9f:7e:
4d:59:b5:84:55:03:8f:4b:12:dd:7d:b8:cf:eb:d4:c8:6e:70:
03:cb:77:4c:03:ac:5e:80:53:dd:6b:4e:b3:5f:b1:b3:9e:54:
01:9a:c3:b2:93:24:46:1a:ba:45:05:ae:8a:73:26:a1:5c:da:
c3:6f:b4:bd:2d:6b:6c:63:fc:84:c0:2c:72:04:42:83:75:13:
f4:99:82:bf:f9:01:6a:d1:61:6e:a3:4c:79:cb:2b:21:41:86:
b9:5e:47:b4:c8:88:6e:4d:8b:27:fc:1f:92:c7:85:69:c7:b3:
cc:a8:ca:be:65:4d:ad:40:56:02:2c:f2:62:82:1b:26:76:29:
80:d7:ff:6d:80:7e:26:92:c0:17:ea:16:e7:4e:2e:0b:69:a3:
f2:fa:9c:2b:c3:77:b8:0f:5e:78:1b:8d:58:3d:92:c7:06:fc:
d7:ea:c3:be:bb:84:54:aa:f1:b6:fe:63:87:ca:0d:0c:f6:67:
80:c0:36:02
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVyTFuXHKuZ+ulq7F2aufCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzN2YxMmFiYWY2MTM5NzNmZWIzMDczZDhjZTYzN2YxYjAw
Y2JmYTkwHhcNMjMwMTAyMTE0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmM1Y2EwNDUzZmM5YmViNjE4Y2JjZGE3MWQ0MzZhNDdhYWFkMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoXbn6TqJ8nNKq1gSbbBfzu3wbwq
kiLRxZ0Wz2dW0LchPYVw+6Gg/vmz39xZe77bXE1GxFtIUb5IBQHpZCCOJk2KJpyL
cGbuFusjDHu/zz5s6fzHcHPseviRZQJ9/b/rfDr7QYQAVsR/LRstKbU1K81M7rIf
9xN7h2fMGSSCI6BTsSsLbBgjWfer8zSiDpkADZuuaOw4COuEMknwfK+w4X+qEozv
FZp6GNXi2fkjyxwkh41wifmx5u6A86boOz8mlUkDbxRBTkwI/GvcW0HjgPAqrRV5
VW31jTU8ETCLgZsOPId+mohQztMMpEPLdMRfYMGhyZh/+PwPbAPj0mUXnQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEbFygRT/JvrYYy82nHUNqR6qtDNMB8GA1UdIwQY
MBaAFJN/EquvYTlz/rMHPYzmN/GwDL+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgt
YTFhZTU4OTJkNDIxLzEvUnNYS0JGUDhtLXRoakx6YWNkUTJwSHFxME0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgtYTFhZTU4OTJkNDIx
LzEvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLYvwAwQE
T4yAAwQFUsOAAwQFVDPgAwQF1E7gAwQD1FQoMA0EAgACMAcDBQAgARvYMA0GCSqG
SIb3DQEBCwUAA4IBAQAjU9+OQKoVs6OPapKCW8a/QQFnwqvnvneROen5GkEbsxT8
EeVi7aIyjhnJfvATT3WeMxBcOycHh5OfdsCb+40S8vfjqRttn35NWbWEVQOPSxLd
fbjP69TIbnADy3dMA6xegFPda06zX7GznlQBmsOykyRGGrpFBa6KcyahXNrDb7S9
LWtsY/yEwCxyBEKDdRP0mYK/+QFq0WFuo0x5yyshQYa5Xke0yIhuTYsn/B+Sx4Vp
x7PMqMq+ZU2tQFYCLPJighsmdimA1/9tgH4mksAX6hbnTi4LaaPy+pwrw3e4D154
G41YPZLHBvzX6sO+u4RUqvG2/mOHyg0M9meAwDYC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:41 2024 by rpki-client on console-fra.rpki-client.org