Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/j8Kmr2PVTMlRevyooAc7WKXbDc0.roa
File: j8Kmr2PVTMlRevyooAc7WKXbDc0.roa (raw, json)
Hash identifier: 333vIFLB2pfN5y3Of9snjJkBQqq6Ve2gkApFlLqvMTw=
Subject key identifier: 8F:C2:A6:AF:63:D5:4C:C9:51:7A:FC:A8:A0:07:3B:58:A5:DB:0D:CD
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 018E1DEC7B5C8B6DAF56CE534CBC7447C8C8
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/j8Kmr2PVTMlRevyooAc7WKXbDc0.roa
Signing time: Fri 08 Mar 2024 11:57:01 +0000
ROA not before: Fri 08 Mar 2024 11:57:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47952
IP address blocks: 45.139.221.0/24 maxlen: 24
45.139.223.0/24 maxlen: 24
91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.82.220.0/24 maxlen: 24
185.82.221.0/24 maxlen: 24
185.82.222.0/24 maxlen: 24
185.82.223.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0::/48 maxlen: 48
2a0a:c4c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Mar 2024 19:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1d:ec:7b:5c:8b:6d:af:56:ce:53:4c:bc:74:47:c8:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Mar 8 11:57:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fc2a6af63d54cc9517afca8a0073b58a5db0dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:08:0a:0b:0f:a4:b9:29:e2:6f:bd:bc:e7:a7:
30:10:cd:b7:cd:eb:f8:b1:79:01:2f:16:0f:92:a9:
96:5f:17:32:3c:29:db:b0:37:85:59:10:b9:e9:46:
02:f9:bf:7b:31:da:c1:f7:cc:88:48:8d:36:db:a6:
cd:09:30:cd:2c:33:74:c7:19:18:d7:4a:f5:bf:4d:
7e:bb:33:59:51:f8:69:68:46:21:d2:91:f6:03:16:
e7:68:35:02:01:6b:02:aa:03:07:7d:6f:7e:63:d8:
17:80:2a:6d:fe:bc:c9:0c:f6:73:4f:be:87:b7:ad:
3b:3c:a6:48:a2:b2:91:9d:43:a8:18:d4:bf:4c:8a:
66:22:a9:ec:f6:27:0e:ee:16:c4:e8:cd:e5:6e:e7:
e7:e8:55:6b:5c:c3:76:06:a7:df:33:79:42:1c:a3:
ce:25:ec:0e:84:09:9a:e7:73:0f:0e:ef:7f:0d:83:
7b:2f:88:ee:ea:dd:47:01:88:37:a5:54:c0:2e:69:
86:1a:9a:af:cd:9e:b2:7b:ca:a1:3a:3a:b6:95:92:
a4:a2:a9:2c:ba:80:ee:41:3f:39:74:00:b1:10:73:
f6:99:71:70:b3:10:37:1f:88:96:35:03:b2:79:9d:
43:e2:4b:16:27:10:4e:24:af:71:de:42:3d:2b:de:
0c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C2:A6:AF:63:D5:4C:C9:51:7A:FC:A8:A0:07:3B:58:A5:DB:0D:CD
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/j8Kmr2PVTMlRevyooAc7WKXbDc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.221.0/24
45.139.223.0/24
91.194.52.0/24
91.194.54.0/24
185.82.220.0/22
185.201.212.0/22
IPv6:
2a0a:c4c0::/47
Signature Algorithm: sha256WithRSAEncryption
11:e5:d4:6f:a8:19:e7:aa:58:50:c0:81:ad:35:87:73:48:e0:
11:57:dd:5e:42:23:0f:5c:de:c9:ec:73:73:1b:1f:16:64:79:
2b:44:88:1e:b6:0c:4f:31:d9:af:a0:f9:85:03:8b:e9:dd:1f:
0f:d8:a4:b9:69:8d:75:ca:44:a3:fe:9f:e1:a6:d7:68:78:5a:
4e:40:2a:9d:17:5a:2e:81:92:f9:44:07:3e:70:60:90:64:28:
22:70:37:e8:db:a4:69:86:85:8a:b1:f6:c2:16:8d:da:54:d3:
fd:37:ca:21:f0:70:10:d4:66:21:9c:3f:dd:b7:ec:c1:d8:e5:
af:72:a3:e8:0f:12:f9:27:03:35:af:de:45:20:ac:3c:d5:83:
82:0b:be:ae:f5:36:e9:f2:9a:a9:c1:65:7e:c1:6e:eb:27:01:
0b:00:46:39:05:9d:70:b7:8c:0f:e7:5b:cb:86:09:83:6f:23:
12:7d:5e:e8:88:85:0a:ec:c9:53:10:d3:ec:e5:76:cc:ee:59:
db:41:14:29:76:f7:75:a9:15:45:24:b9:40:d5:6b:a2:dc:96:
3f:6c:48:f1:06:b7:01:34:d8:2b:8f:76:58:1d:8d:d1:63:a1:
b3:e5:3c:1f:c7:a9:82:0b:f1:d1:40:0f:4e:34:83:9b:28:c4:
c4:71:64:37
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY4d7Htci22vVs5TTLx0R8jIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjQwMzA4MTE1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmMyYTZhZjYzZDU0Y2M5NTE3YWZjYThhMDA3M2I1OGE1ZGIwZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwgKCw+kuSnib72856cwEM23zev4
sXkBLxYPkqmWXxcyPCnbsDeFWRC56UYC+b97MdrB98yISI0226bNCTDNLDN0xxkY
10r1v01+uzNZUfhpaEYh0pH2AxbnaDUCAWsCqgMHfW9+Y9gXgCpt/rzJDPZzT76H
t607PKZIorKRnUOoGNS/TIpmIqns9icO7hbE6M3lbufn6FVrXMN2BqffM3lCHKPO
JewOhAma53MPDu9/DYN7L4ju6t1HAYg3pVTALmmGGpqvzZ6ye8qhOjq2lZKkoqks
uoDuQT85dACxEHP2mXFwsxA3H4iWNQOyeZ1D4ksWJxBOJK9x3kI9K94MpQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFI/Cpq9j1UzJUXr8qKAHO1il2w3NMB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvajhLbXIyUFZUTWxSZXZ5b29BYzdXS1hiRGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQALYvdAwQA
LYvfAwQAW8I0AwQAW8I2AwQCuVLcAwQCucnUMA8EAgACMAkDBwEqCsTAAAAwDQYJ
KoZIhvcNAQELBQADggEBABHl1G+oGeeqWFDAga01h3NI4BFX3V5CIw9c3snsc3Mb
HxZkeStEiB62DE8x2a+g+YUDi+ndHw/YpLlpjXXKRKP+n+Gm12h4Wk5AKp0XWi6B
kvlEBz5wYJBkKCJwN+jbpGmGhYqx9sIWjdpU0/03yiHwcBDUZiGcP9237MHY5a9y
o+gPEvknAzWv3kUgrDzVg4ILvq71NunymqnBZX7BbusnAQsARjkFnXC3jA/nW8uG
CYNvIxJ9XuiIhQrsyVMQ0+zldszuWdtBFCl293WpFUUkuUDVa6Lclj9sSPEGtwE0
2CuPdlgdjdFjobPlPB/HqYIL8dFAD040g5soxMRxZDc=
-----END CERTIFICATE-----
Generated at Fri Mar 22 03:27:01 2024 by rpki-client on console.sobornost.net