Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/ra9RJ4mce06tEeZrkRFX0w-6-9o.roa
File: ra9RJ4mce06tEeZrkRFX0w-6-9o.roa (raw, json)
Hash identifier: kxXx7hQNUXaCnUSOIGYH7nteRrpwa6yF1r+3xgVxT4g=
Subject key identifier: AD:AF:51:27:89:9C:7B:4E:AD:11:E6:6B:91:11:57:D3:0F:BA:FB:DA
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 018ED11040EE4C21DAAC30DEA1918BBBC576
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/ra9RJ4mce06tEeZrkRFX0w-6-9o.roa
Signing time: Fri 12 Apr 2024 06:48:07 +0000
ROA not before: Fri 12 Apr 2024 06:48:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.23.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.27.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
194.120.24.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Jun 2024 17:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:10:40:ee:4c:21:da:ac:30:de:a1:91:8b:bb:c5:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Apr 12 06:48:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adaf5127899c7b4ead11e66b911157d30fbafbda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:33:ad:af:6e:ab:0c:3a:d2:72:c0:a9:c1:6a:
51:b1:86:61:3f:c0:c3:2c:93:f9:f9:4f:d9:e5:1b:
06:8f:7a:67:40:b6:84:b7:54:ee:aa:46:3f:c0:9a:
51:aa:38:c7:f2:b1:6e:f4:94:8c:41:2e:18:28:f1:
08:91:a1:4a:1c:11:eb:77:b6:0e:32:a7:0b:75:29:
61:ca:f6:4c:c5:bc:06:10:51:41:ee:a3:4e:bf:04:
16:33:74:ed:d1:23:f9:b2:ff:c3:7c:4e:41:9b:5f:
70:28:80:65:3f:99:f1:2d:5a:ac:e9:17:97:a8:c1:
d4:74:e9:a4:80:30:78:70:fb:f5:39:e8:7a:39:da:
0c:42:d2:6b:6a:b1:3a:17:34:3f:15:dc:79:ac:9e:
35:1b:f2:03:68:17:94:b4:de:bc:84:b4:b9:7a:d6:
57:42:f0:16:d0:7e:76:94:54:7e:72:3c:e4:a5:fe:
ae:23:bb:13:98:f7:9d:8b:ac:5c:84:30:63:52:fe:
7b:43:92:de:1d:74:61:6d:36:49:89:ba:b1:31:41:
01:7d:bb:bf:cf:2d:1e:30:ff:59:c1:41:44:dd:da:
93:40:20:6d:30:03:7b:f5:6e:3d:f3:da:c6:1c:74:
94:e6:c5:89:4f:bf:b4:28:1c:a9:15:ea:69:f5:26:
53:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AF:51:27:89:9C:7B:4E:AD:11:E6:6B:91:11:57:D3:0F:BA:FB:DA
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/ra9RJ4mce06tEeZrkRFX0w-6-9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.23.0/24
45.156.25.0/24
45.156.27.0/24
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
194.36.171.0/24
194.36.209.0/24
194.116.214.0-194.116.217.255
194.120.24.0/24
194.120.116.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
67:6a:3e:52:65:b8:36:17:30:ca:ef:f2:2d:7b:72:e8:ca:29:
96:dc:25:e4:5e:6e:e1:3e:75:d2:93:74:e6:71:fb:1f:a0:b5:
d3:7b:cf:04:3e:d4:82:cb:2f:49:22:3e:38:0d:31:f0:08:34:
34:3d:90:74:b7:f3:fa:d9:bb:a3:ea:da:57:6d:e1:09:45:3a:
1a:bc:75:31:b9:24:43:2d:88:98:40:79:60:a7:4b:43:a5:00:
25:13:48:02:42:52:24:82:72:24:a8:91:25:e3:7b:4f:60:f8:
d4:58:f3:c4:71:9e:d0:fd:3f:1e:1d:a6:35:52:b6:25:2f:82:
81:db:1d:45:36:2b:70:29:f4:c4:51:4a:d9:eb:d3:76:a4:5e:
e0:ba:f2:eb:e1:ed:b3:86:8c:80:05:df:c0:6f:6b:4a:1c:90:
5d:9c:13:6a:0b:48:75:77:16:a0:5e:6a:81:c7:4f:23:bf:15:
96:35:79:b7:ba:7c:f0:da:6f:7d:2e:e1:d9:11:07:18:f7:25:
71:df:5a:cb:05:6e:42:a1:fa:a2:bb:fb:ab:f1:3e:c5:f3:c4:
d6:b9:8a:f3:4f:e6:91:fe:d2:86:95:af:a6:7e:22:66:e7:ed:
0e:4b:71:e6:ee:61:be:54:6e:5e:68:7e:6b:21:60:4c:38:e6:
52:84:1e:81
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY7REEDuTCHarDDeoZGLu8V2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjQwNDEyMDY0ODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFmNTEyNzg5OWM3YjRlYWQxMWU2NmI5MTExNTdkMzBmYmFmYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTOtr26rDDrScsCpwWpRsYZhP8DD
LJP5+U/Z5RsGj3pnQLaEt1TuqkY/wJpRqjjH8rFu9JSMQS4YKPEIkaFKHBHrd7YO
MqcLdSlhyvZMxbwGEFFB7qNOvwQWM3Tt0SP5sv/DfE5Bm19wKIBlP5nxLVqs6ReX
qMHUdOmkgDB4cPv1Oeh6OdoMQtJrarE6FzQ/Fdx5rJ41G/IDaBeUtN68hLS5etZX
QvAW0H52lFR+cjzkpf6uI7sTmPedi6xchDBjUv57Q5LeHXRhbTZJibqxMUEBfbu/
zy0eMP9ZwUFE3dqTQCBtMAN79W4989rGHHSU5sWJT7+0KBypFepp9SZTYQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFK2vUSeJnHtOrRHma5ERV9MPuvvaMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvcmE5Uko0bWNlMDZ0RWVacmtSRlgwdy02LTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQALZwXAwQA
LZwZAwQALZwbAwQAwbCZAwQAwbCeAwQAwbCzAwQAwiSrAwQAwiTRMAwDBAHCdNYD
BAHCdNgDBADCeBgDBADCeHQwDQQCAAIwBwMFACoTfAAwDQYJKoZIhvcNAQELBQAD
ggEBAGdqPlJluDYXMMrv8i17cujKKZbcJeRebuE+ddKTdOZx+x+gtdN7zwQ+1ILL
L0kiPjgNMfAINDQ9kHS38/rZu6Pq2ldt4QlFOhq8dTG5JEMtiJhAeWCnS0OlACUT
SAJCUiSCciSokSXje09g+NRY88RxntD9Px4dpjVStiUvgoHbHUU2K3Ap9MRRStnr
03akXuC68uvh7bOGjIAF38Bva0ockF2cE2oLSHV3FqBeaoHHTyO/FZY1ebe6fPDa
b30u4dkRBxj3JXHfWssFbkKh+qK7+6vxPsXzxNa5ivNP5pH+0oaVr6Z+Imbn7Q5L
cebuYb5Ubl5ofmshYEw45lKEHoE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:58 2024 by rpki-client on console-fra.rpki-client.org