Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Vhn6kpujARsxFlLYeiCfnNw4WY0.roa
File: Vhn6kpujARsxFlLYeiCfnNw4WY0.roa (raw, json)
Hash identifier: 5B9fT0BIr59VmF3CDE6UyrqyKVkBbyFX18FDxl2RjwI=
Subject key identifier: 56:19:FA:92:9B:A3:01:1B:31:16:52:D8:7A:20:9F:9C:DC:38:59:8D
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 018C453329C7F8D11F40D8EDCBD7C606C7DD
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Vhn6kpujARsxFlLYeiCfnNw4WY0.roa
Signing time: Thu 07 Dec 2023 16:53:50 +0000
ROA not before: Thu 07 Dec 2023 16:53:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16633
IP address blocks: 185.201.17.0/24 maxlen: 24
185.201.18.0/24 maxlen: 24
185.225.27.0/24 maxlen: 24
193.200.214.0/24 maxlen: 24
45.147.95.0/24 maxlen: 24
87.236.163.0/24 maxlen: 24
46.229.240.0/24 maxlen: 24
188.190.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Dec 2023 17:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:33:29:c7:f8:d1:1f:40:d8:ed:cb:d7:c6:06:c7:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Dec 7 16:53:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5619fa929ba3011b311652d87a209f9cdc38598d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:04:b8:8d:92:bc:fa:1a:14:13:98:e8:2d:48:
c0:cf:05:54:a7:1d:a8:6f:fb:60:92:87:d8:15:fb:
64:56:96:c6:85:eb:01:aa:5d:1c:8a:81:3b:79:40:
0a:30:4f:19:b1:61:27:1a:70:e2:6f:47:0f:04:63:
f3:8d:2a:20:4e:b3:55:40:b9:e9:65:6e:d6:00:13:
67:6f:4c:62:5c:45:de:22:b2:a2:3f:13:0a:bb:a1:
e6:ef:43:56:e4:27:b5:e0:29:77:71:6c:75:34:81:
5e:4d:0b:b1:5c:bc:27:6c:0b:9b:35:a9:2d:f5:7d:
1e:96:ff:d9:2d:89:6f:88:75:94:6f:df:02:57:b6:
4a:0f:53:1d:52:a1:80:1a:69:79:d9:48:d8:a3:fc:
26:45:98:96:7b:5a:2f:4c:8e:01:bb:f0:39:ee:0b:
f2:29:29:26:c4:f8:10:30:e6:dc:f6:0c:53:27:5a:
af:75:e7:63:0a:4a:c8:1f:bb:e0:0d:a8:37:ed:9d:
44:d9:5f:04:53:7f:4a:f8:a1:3a:d6:d2:f2:8e:32:
ab:da:8c:0a:88:05:86:05:78:4d:cd:e0:e3:3a:a7:
94:19:ac:92:d2:bb:50:e5:93:f3:1d:33:1e:08:09:
e1:b0:1c:08:5c:85:66:63:fb:e3:3f:6e:3f:6d:d7:
a5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:19:FA:92:9B:A3:01:1B:31:16:52:D8:7A:20:9F:9C:DC:38:59:8D
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Vhn6kpujARsxFlLYeiCfnNw4WY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.95.0/24
46.229.240.0/24
87.236.163.0/24
185.201.17.0-185.201.18.255
185.225.27.0/24
188.190.112.0/24
193.200.214.0/24
Signature Algorithm: sha256WithRSAEncryption
07:9f:41:b7:94:c7:51:2e:17:67:4d:d1:54:c9:cd:63:97:12:
53:f6:71:f6:d4:ac:71:94:30:99:55:7e:7c:a0:52:ad:f2:d8:
39:3a:b2:5e:75:92:c4:c7:06:e2:6f:f0:32:d5:29:4f:73:b5:
03:f5:b8:61:66:48:ca:0f:40:82:b7:e3:fe:e6:8d:20:4b:fb:
ca:7e:09:6b:4f:c5:66:83:02:5f:f5:5e:bb:3c:f1:d5:a5:a0:
26:98:e8:83:e8:03:7c:9d:90:19:4d:82:03:a3:f5:7a:1a:18:
83:b1:a6:af:37:5a:e3:51:6f:b1:32:0a:ed:a9:1c:f5:3b:99:
84:e6:ee:03:7c:16:be:5d:9d:e9:5e:01:d3:07:6a:78:38:73:
27:68:32:b7:62:2b:09:ab:5c:e3:90:e1:48:c5:61:43:e5:76:
26:96:3a:d4:5c:2c:da:25:3e:c4:07:1c:d7:1e:f2:d2:c4:65:
a8:20:18:98:b8:cb:4e:d9:4c:dd:c7:73:88:72:67:25:e5:d6:
9d:a4:c1:97:b9:04:2b:58:e0:9a:00:22:ac:d7:e6:d9:af:f2:
b9:3e:71:f8:a2:59:29:ae:54:af:36:4c:bd:1c:2f:9d:88:b0:
be:a5:2c:62:70:d7:76:21:81:dc:f8:ec:9a:0e:24:3e:a6:25:
22:00:3e:dc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYxFMynH+NEfQNjty9fGBsfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjMxMjA3MTY1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjE5ZmE5MjliYTMwMTFiMzExNjUyZDg3YTIwOWY5Y2RjMzg1OThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gS4jZK8+hoUE5joLUjAzwVUpx2o
b/tgkofYFftkVpbGhesBql0cioE7eUAKME8ZsWEnGnDib0cPBGPzjSogTrNVQLnp
ZW7WABNnb0xiXEXeIrKiPxMKu6Hm70NW5Ce14Cl3cWx1NIFeTQuxXLwnbAubNakt
9X0elv/ZLYlviHWUb98CV7ZKD1MdUqGAGml52UjYo/wmRZiWe1ovTI4Bu/A57gvy
KSkmxPgQMObc9gxTJ1qvdedjCkrIH7vgDag37Z1E2V8EU39K+KE61tLyjjKr2owK
iAWGBXhNzeDjOqeUGayS0rtQ5ZPzHTMeCAnhsBwIXIVmY/vjP24/bdelRwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFYZ+pKbowEbMRZS2Hogn5zcOFmNMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvVmhuNmtwdWpBUnN4RmxMWWVpQ2ZuTnc0V1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALZNfAwQA
LuXwAwQAV+yjMAwDBAC5yREDBAC5yRIDBAC54RsDBAC8vnADBADByNYwDQYJKoZI
hvcNAQELBQADggEBAAefQbeUx1EuF2dN0VTJzWOXElP2cfbUrHGUMJlVfnygUq3y
2Dk6sl51ksTHBuJv8DLVKU9ztQP1uGFmSMoPQIK34/7mjSBL+8p+CWtPxWaDAl/1
Xrs88dWloCaY6IPoA3ydkBlNggOj9XoaGIOxpq83WuNRb7EyCu2pHPU7mYTm7gN8
Fr5dneleAdMHang4cydoMrdiKwmrXOOQ4UjFYUPldiaWOtRcLNolPsQHHNce8tLE
ZaggGJi4y07ZTN3Hc4hyZyXl1p2kwZe5BCtY4JoAIqzX5tmv8rk+cfiiWSmuVK82
TL0cL52IsL6lLGJw13Yhgdz47JoOJD6mJSIAPtw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:18 2024 by rpki-client on console-fra.rpki-client.org