Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/gNRuS7NYIp0w8WeZpwaOvZzu9B0.roa
File: gNRuS7NYIp0w8WeZpwaOvZzu9B0.roa (raw, json)
Hash identifier: Si2fb+402GLI0zl0UVlT4krcJWW0qDoXbzLrsbhtDuY=
Subject key identifier: 80:D4:6E:4B:B3:58:22:9D:30:F1:67:99:A7:06:8E:BD:9C:EE:F4:1D
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018DF93F8EEED1A2BDD69522146D6C8810C0
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/gNRuS7NYIp0w8WeZpwaOvZzu9B0.roa
Signing time: Fri 01 Mar 2024 09:01:48 +0000
ROA not before: Fri 01 Mar 2024 09:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 45.143.68.0/24 maxlen: 24
45.143.69.0/24 maxlen: 24
45.143.70.0/24 maxlen: 24
45.143.71.0/24 maxlen: 24
83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
95.181.216.0/24 maxlen: 24
95.181.217.0/24 maxlen: 24
95.181.218.0/24 maxlen: 24
95.181.219.0/24 maxlen: 24
185.75.208.0/24 maxlen: 24
185.75.209.0/24 maxlen: 24
185.75.210.0/24 maxlen: 24
185.75.211.0/24 maxlen: 24
193.108.243.0/24 maxlen: 24
193.201.248.0/24 maxlen: 24
193.201.249.0/24 maxlen: 24
193.201.250.0/24 maxlen: 24
193.201.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 08:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:3f:8e:ee:d1:a2:bd:d6:95:22:14:6d:6c:88:10:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 1 09:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80d46e4bb358229d30f16799a7068ebd9ceef41d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:1f:14:72:11:fe:92:4f:bc:f5:d9:5e:58:
51:0d:a5:d8:a7:f2:a5:83:d7:2b:1f:dc:f2:0b:08:
1e:5f:50:5d:9e:ad:bc:e9:ab:4f:43:5a:c8:49:de:
7c:0f:75:5c:05:d1:44:d2:29:0d:d6:5c:be:8d:7e:
7c:40:d6:c0:a4:4b:d7:a0:dd:4f:6c:fd:13:78:0b:
46:aa:fa:9d:0e:26:21:78:6e:6f:27:f4:59:be:07:
83:eb:f7:ff:f5:77:8d:3e:1a:52:2b:d3:48:00:54:
a6:63:f2:0a:58:31:3e:9c:bd:7d:e3:57:25:49:fe:
8a:f1:96:db:eb:a4:78:c4:de:97:e1:9f:62:c2:10:
3e:01:de:64:c0:fb:c5:78:fa:58:9b:e1:a5:7a:da:
75:dc:0e:2e:fd:5f:cc:37:dc:c4:ef:74:95:b9:33:
00:33:95:0f:41:0e:cf:c2:b8:94:25:5c:91:fa:f0:
8b:78:35:b7:93:f2:ef:3e:c3:e1:24:af:08:09:7c:
75:03:d4:3d:eb:d3:3c:78:08:eb:77:14:56:c1:31:
61:5b:e4:11:4c:e0:d8:ba:e8:0c:27:54:9d:e4:4a:
21:21:b1:2f:3b:84:e8:01:c4:e2:d8:ee:9f:82:a9:
20:60:03:3f:6a:93:0c:d4:26:dd:31:03:8a:88:cf:
a7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D4:6E:4B:B3:58:22:9D:30:F1:67:99:A7:06:8E:BD:9C:EE:F4:1D
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/gNRuS7NYIp0w8WeZpwaOvZzu9B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.68.0/22
83.150.240.0/22
95.181.216.0/22
185.75.208.0/22
193.108.243.0/24
193.201.248.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:e0:49:8d:6a:e7:a3:f9:5d:65:ea:c7:49:ef:4a:8b:67:85:
a8:93:a1:f6:11:2a:d9:7d:9f:37:db:c2:09:31:43:fb:00:ae:
34:e6:ce:83:c6:df:05:72:07:68:47:8b:e4:e2:9a:3d:23:95:
50:26:11:d3:21:8b:82:37:2b:98:0b:7d:ce:90:cf:4a:e5:5d:
83:f4:c9:b1:40:96:80:39:65:9c:4e:a3:fa:e9:b3:e2:54:cd:
11:83:20:75:2c:60:1b:55:9c:88:5d:fb:69:9e:d1:11:1c:7f:
51:28:96:1b:2b:42:2c:bd:e4:6a:74:ba:f5:9c:69:78:dc:48:
6a:53:a3:9e:dc:4c:2d:51:7a:91:c8:e6:8a:71:a2:b1:2c:24:
0d:a8:cc:9f:2f:07:5e:83:5f:c8:0c:b7:40:0e:e1:38:a2:e9:
07:ac:b2:28:49:31:2d:bf:fe:49:c6:00:ed:b0:5b:95:ac:5b:
60:07:0e:be:22:18:24:b9:47:ce:6d:66:50:05:62:c4:5c:07:
c9:db:c1:a5:a8:07:bb:41:86:a8:01:e8:e0:0a:36:d2:0e:29:
4e:1c:38:fc:4e:42:f0:5e:1b:ca:65:74:15:a8:03:52:bb:b3:
85:39:cb:d0:d4:c0:48:3c:5d:2d:64:4f:b7:3b:70:8c:e6:fe:
b6:76:cb:31
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY35P47u0aK91pUiFG1siBDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMzAxMDkwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQ0NmU0YmIzNTgyMjlkMzBmMTY3OTlhNzA2OGViZDljZWVmNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppIfFHIR/pJPvPXZXlhRDaXYp/Kl
g9crH9zyCwgeX1Bdnq286atPQ1rISd58D3VcBdFE0ikN1ly+jX58QNbApEvXoN1P
bP0TeAtGqvqdDiYheG5vJ/RZvgeD6/f/9XeNPhpSK9NIAFSmY/IKWDE+nL1941cl
Sf6K8Zbb66R4xN6X4Z9iwhA+Ad5kwPvFePpYm+Gletp13A4u/V/MN9zE73SVuTMA
M5UPQQ7PwriUJVyR+vCLeDW3k/LvPsPhJK8ICXx1A9Q969M8eAjrdxRWwTFhW+QR
TODYuugMJ1Sd5EohIbEvO4ToAcTi2O6fgqkgYAM/apMM1CbdMQOKiM+nTQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIDUbkuzWCKdMPFnmacGjr2c7vQdMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvZ05SdVM3TllJcDB3OFdlWnB3YU92Wnp1OUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLY9EAwQC
U5bwAwQCX7XYAwQCuUvQAwQAwWzzAwQCwcn4MA0GCSqGSIb3DQEBCwUAA4IBAQAb
4EmNauej+V1l6sdJ70qLZ4Wok6H2ESrZfZ8328IJMUP7AK405s6Dxt8FcgdoR4vk
4po9I5VQJhHTIYuCNyuYC33OkM9K5V2D9MmxQJaAOWWcTqP66bPiVM0RgyB1LGAb
VZyIXftpntERHH9RKJYbK0IsveRqdLr1nGl43EhqU6Oe3EwtUXqRyOaKcaKxLCQN
qMyfLwdeg1/IDLdADuE4oukHrLIoSTEtv/5JxgDtsFuVrFtgBw6+IhgkuUfObWZQ
BWLEXAfJ28GlqAe7QYaoAejgCjbSDilOHDj8TkLwXhvKZXQVqANSu7OFOcvQ1MBI
PF0tZE+3O3CM5v62dssx
-----END CERTIFICATE-----
Generated at Mon Mar 4 11:57:01 2024 by rpki-client on console-fra.rpki-client.org