Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/lUxlXaM9uTGyK_HA5oRcW97ptu4.roa
File: lUxlXaM9uTGyK_HA5oRcW97ptu4.roa (raw, json)
Hash identifier: P7V54P0A2dyLGjAohXgbYTLyKcI5tzqRvAc6lRk7nTc=
Subject key identifier: 95:4C:65:5D:A3:3D:B9:31:B2:2B:F1:C0:E6:84:5C:5B:DE:E9:B6:EE
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 018A36A9D33F9CEC8E7A9D37E3EA97F9A482
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/lUxlXaM9uTGyK_HA5oRcW97ptu4.roa
Signing time: Sun 27 Aug 2023 11:03:33 +0000
ROA not before: Sun 27 Aug 2023 11:03:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8342
IP address blocks: 185.66.12.0/22 maxlen: 22
185.126.84.0/23 maxlen: 23
45.153.74.0/23 maxlen: 23
185.126.86.0/23 maxlen: 23
195.158.224.0/23 maxlen: 23
185.80.148.0/22 maxlen: 22
195.190.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:36:a9:d3:3f:9c:ec:8e:7a:9d:37:e3:ea:97:f9:a4:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Aug 27 11:03:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=954c655da33db931b22bf1c0e6845c5bdee9b6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:67:9b:61:68:a2:ad:c2:f5:7a:59:c8:53:12:
a4:e6:ef:b5:06:0b:0e:d6:bf:7a:ae:6d:0d:0d:d2:
0a:58:98:52:78:0f:eb:0f:86:18:9d:e4:64:b0:87:
a5:73:91:ed:ae:c2:f2:35:b2:12:49:ed:37:b9:97:
58:c7:29:4e:11:39:0a:b0:e7:37:c0:75:19:b8:ab:
cf:a9:9f:ea:5a:fa:04:e5:22:50:d7:a2:09:39:de:
02:73:07:7c:78:3b:fd:84:eb:2a:8b:1a:3e:1a:38:
36:00:f7:8f:84:ab:ab:d3:6e:6d:be:e4:33:a3:5c:
0d:10:08:a9:d0:17:39:cd:e1:77:f9:18:92:74:ca:
0b:2c:f6:59:bc:f2:d4:b6:bd:ea:1c:42:59:9e:2a:
55:e2:3e:dc:e2:9b:83:ab:a6:33:3e:96:a9:20:75:
2b:05:21:51:dc:92:c0:20:29:48:1d:e2:70:bd:46:
f2:df:86:95:18:e6:01:6d:2a:47:56:1a:09:08:a2:
c0:51:06:d9:3b:8b:58:69:66:8e:7a:0f:28:af:03:
91:34:ee:04:03:b1:e1:0c:4a:e4:04:36:63:79:44:
79:e6:3d:16:b8:09:16:21:27:05:f6:64:25:43:6a:
01:df:09:89:ee:71:50:4b:08:2a:24:d1:80:32:05:
9d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4C:65:5D:A3:3D:B9:31:B2:2B:F1:C0:E6:84:5C:5B:DE:E9:B6:EE
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/lUxlXaM9uTGyK_HA5oRcW97ptu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.74.0/23
185.66.12.0/22
185.80.148.0/22
185.126.84.0/22
195.158.224.0/23
195.190.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:06:92:8b:07:34:62:37:e8:ef:b1:aa:9b:49:66:ce:86:d5:
c7:a5:bd:55:b2:3c:11:1f:74:9a:2c:65:80:4e:85:97:4b:56:
aa:56:3c:e3:6a:ea:1e:0a:54:fa:21:96:9d:ce:1a:ae:a8:f8:
63:71:c0:a9:b3:91:f6:86:9a:56:05:0b:1c:b6:17:71:f0:87:
ca:73:9d:01:c9:9d:78:2b:ef:da:36:dc:fa:36:cf:e6:1c:8f:
4a:50:92:aa:a5:d4:33:fc:a6:cb:45:39:16:f4:15:2b:da:10:
2d:8e:70:9d:3b:0b:66:c1:4b:64:b2:e5:d5:bf:17:4e:d7:2d:
81:54:d4:2c:a7:4d:23:ab:ed:07:73:b8:32:ee:30:76:07:34:
f3:47:8e:b5:8a:26:31:bc:af:83:f7:18:79:c2:3d:0f:6c:33:
f6:cf:4f:e0:a6:69:63:f1:2c:d0:57:2e:01:7a:12:77:65:0a:
72:c5:e8:12:08:38:60:fb:05:77:eb:72:1a:2f:c2:c9:1f:af:
c1:ac:b1:d5:b8:f3:49:f5:9e:a1:55:83:44:0f:5b:25:73:a7:
55:78:37:56:c4:60:34:b8:01:7c:bd:a9:4d:1a:5d:ff:a2:d3:
52:37:9f:d0:3a:66:cb:f5:f9:52:d9:ef:04:63:2b:ba:c5:9e:
94:9c:28:2a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYo2qdM/nOyOep034+qX+aSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwODI3MTEwMzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRjNjU1ZGEzM2RiOTMxYjIyYmYxYzBlNjg0NWM1YmRlZTliNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWebYWiircL1elnIUxKk5u+1BgsO
1r96rm0NDdIKWJhSeA/rD4YYneRksIelc5HtrsLyNbISSe03uZdYxylOETkKsOc3
wHUZuKvPqZ/qWvoE5SJQ16IJOd4Ccwd8eDv9hOsqixo+Gjg2APePhKur025tvuQz
o1wNEAip0Bc5zeF3+RiSdMoLLPZZvPLUtr3qHEJZnipV4j7c4puDq6YzPpapIHUr
BSFR3JLAIClIHeJwvUby34aVGOYBbSpHVhoJCKLAUQbZO4tYaWaOeg8orwORNO4E
A7HhDErkBDZjeUR55j0WuAkWIScF9mQlQ2oB3wmJ7nFQSwgqJNGAMgWdRwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJVMZV2jPbkxsivxwOaEXFve6bbuMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvbFV4bFhhTTl1VEd5S19IQTVvUmNXOTdwdHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLZlKAwQC
uUIMAwQCuVCUAwQCuX5UAwQBw57gAwQAw74MMA0GCSqGSIb3DQEBCwUAA4IBAQBL
BpKLBzRiN+jvsaqbSWbOhtXHpb1VsjwRH3SaLGWAToWXS1aqVjzjauoeClT6IZad
zhquqPhjccCps5H2hppWBQscthdx8IfKc50ByZ14K+/aNtz6Ns/mHI9KUJKqpdQz
/KbLRTkW9BUr2hAtjnCdOwtmwUtksuXVvxdO1y2BVNQsp00jq+0Hc7gy7jB2BzTz
R461iiYxvK+D9xh5wj0PbDP2z0/gpmlj8SzQVy4BehJ3ZQpyxegSCDhg+wV363Ia
L8LJH6/BrLHVuPNJ9Z6hVYNED1slc6dVeDdWxGA0uAF8valNGl3/otNSN5/QOmbL
9flS2e8EYyu6xZ6UnCgq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:42 2024 by rpki-client on console-ams.rpki-client.org