Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/YwUFDqZti7eQzzSyTB2rsE7HY_E.roa
File: YwUFDqZti7eQzzSyTB2rsE7HY_E.roa (raw, json)
Hash identifier: tSe8usX8If6oAnQTU38UXlWeOSMHWuWjEDLxERpwkJ0=
Subject key identifier: 63:05:05:0E:A6:6D:8B:B7:90:CF:34:B2:4C:1D:AB:B0:4E:C7:63:F1
Certificate issuer: /CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Certificate serial: 0186FFBAA4DEEA03F07D36BE266817B9DCDA
Authority key identifier: FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/YwUFDqZti7eQzzSyTB2rsE7HY_E.roa
Signing time: Mon 20 Mar 2023 15:54:27 +0000
ROA not before: Mon 20 Mar 2023 15:54:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199046
IP address blocks: 192.145.120.0/22 maxlen: 24
45.130.96.0/22 maxlen: 24
45.158.156.0/22 maxlen: 24
152.89.40.0/22 maxlen: 24
185.5.220.0/22 maxlen: 24
176.106.40.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ff:ba:a4:de:ea:03:f0:7d:36:be:26:68:17:b9:dc:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa56c7e660b1c74e3b0318b14338c3f00dd7bc72
Validity
Not Before: Mar 20 15:54:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6305050ea66d8bb790cf34b24c1dabb04ec763f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:40:c5:3b:4f:f1:26:c3:79:06:0e:bd:52:3c:
97:59:0f:58:03:5d:de:c8:65:d4:2a:00:17:92:85:
29:f1:86:d3:1c:fd:98:bb:05:91:3f:1e:ef:cf:f9:
be:9f:d4:04:d3:b7:98:d7:14:67:a8:d0:76:4b:5f:
f8:12:fc:56:63:89:ea:20:9c:25:8c:df:9d:6b:40:
3e:40:0e:2c:a1:35:e4:53:84:4d:98:2d:35:f6:4e:
73:f9:f1:b4:41:8e:b7:12:0d:d6:d2:f0:f4:70:a6:
8a:62:2d:5f:27:d1:62:91:70:1e:35:41:4f:c9:34:
13:f6:f2:85:cf:a6:62:d4:b0:16:d7:f9:32:7d:15:
d6:b7:51:b4:ef:bb:09:c9:80:c1:91:20:5b:c5:1d:
5f:39:ab:ac:2d:92:65:b4:08:a6:a3:dd:bd:96:e7:
73:ba:e5:ab:6d:56:6a:3b:e5:23:3a:c2:ad:bd:f7:
82:82:b9:67:6d:26:01:dc:b6:f8:97:06:31:b7:e2:
2d:60:d6:f2:76:a5:92:d2:6c:1b:52:f9:a6:e3:6f:
b9:15:e4:04:1a:00:b2:58:52:8c:5d:07:94:68:50:
58:b6:b8:69:25:41:b4:ae:cc:3a:94:ca:c9:45:97:
55:f9:9f:4b:6a:c1:9a:47:f0:cb:5f:e0:b3:f0:78:
fd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:05:05:0E:A6:6D:8B:B7:90:CF:34:B2:4C:1D:AB:B0:4E:C7:63:F1
X509v3 Authority Key Identifier:
keyid:FA:56:C7:E6:60:B1:C7:4E:3B:03:18:B1:43:38:C3:F0:0D:D7:BC:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-lbH5mCxx047AxixQzjD8A3XvHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/YwUFDqZti7eQzzSyTB2rsE7HY_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/276c24-2a7f-4726-8d9f-8bf4fe4c7732/1/1-lbH5mCxx047AxixQzjD8A3XvHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.96.0/22
45.158.156.0/22
152.89.40.0/22
176.106.40.0/21
185.5.220.0/22
192.145.120.0/22
Signature Algorithm: sha256WithRSAEncryption
45:2c:cb:2a:42:df:b5:65:a5:0b:86:f2:96:d6:e0:48:b1:6a:
5c:f8:e4:fc:82:f3:27:9d:e8:b5:ff:f8:be:e6:03:7a:78:08:
0a:a2:2b:c3:d9:90:b7:b8:53:75:49:76:83:7f:65:7d:ce:7a:
26:fe:41:8c:2a:b3:df:aa:f0:d6:45:a3:19:b3:31:91:bb:83:
64:a9:9e:c3:a4:4f:7b:a2:77:62:8d:52:f3:f9:0e:d1:7d:97:
31:ea:99:e2:85:e4:6a:71:34:de:1d:22:dd:b5:e6:2e:ee:ff:
26:89:0d:a2:f3:0a:71:5f:f9:af:af:92:80:8c:58:69:4f:55:
d3:a7:3f:e8:66:6e:56:7d:70:72:24:3a:af:9d:3e:37:69:c8:
16:eb:fd:4a:4f:57:77:d8:15:31:f4:6b:a0:9e:44:47:8a:4e:
b1:ff:da:cc:63:a3:1d:47:89:cb:16:5e:bf:46:f5:d6:b7:96:
8f:b4:6b:a7:61:be:95:e6:e2:e3:23:69:22:b0:23:f6:e0:f6:
81:fb:fb:97:26:b6:1c:36:df:b0:9f:08:55:06:47:55:66:08:
87:9d:4f:59:74:1a:fe:3b:9f:53:39:9b:4e:94:b9:1d:41:94:
77:3b:89:ec:b3:f8:4f:23:ae:1b:3a:de:1d:5b:a9:2b:25:5e:
5f:a7:9c:8a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYb/uqTe6gPwfTa+JmgXudzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNTZjN2U2NjBiMWM3NGUzYjAzMThiMTQzMzhjM2YwMGRk
N2JjNzIwHhcNMjMwMzIwMTU1NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA1MDUwZWE2NmQ4YmI3OTBjZjM0YjI0YzFkYWJiMDRlYzc2M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUDFO0/xJsN5Bg69UjyXWQ9YA13e
yGXUKgAXkoUp8YbTHP2YuwWRPx7vz/m+n9QE07eY1xRnqNB2S1/4EvxWY4nqIJwl
jN+da0A+QA4soTXkU4RNmC019k5z+fG0QY63Eg3W0vD0cKaKYi1fJ9FikXAeNUFP
yTQT9vKFz6Zi1LAW1/kyfRXWt1G077sJyYDBkSBbxR1fOausLZJltAimo929ludz
uuWrbVZqO+UjOsKtvfeCgrlnbSYB3Lb4lwYxt+ItYNbydqWS0mwbUvmm42+5FeQE
GgCyWFKMXQeUaFBYtrhpJUG0rsw6lMrJRZdV+Z9LasGaR/DLX+Cz8Hj92wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGMFBQ6mbYu3kM80skwdq7BOx2PxMB8GA1UdIwQY
MBaAFPpWx+ZgscdOOwMYsUM4w/AN17xyMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1sYkg1bUN4eDA0N0F4aXhRempEOEEzWHZISS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIvMjc2YzI0LTJhN2YtNDcyNi04ZDlm
LThiZjRmZTRjNzczMi8xL1l3VUZEcVp0aTdlUXp6U3lUQjJyc0U3SFlfRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODIvMjc2YzI0LTJhN2YtNDcyNi04ZDlmLThiZjRmZTRjNzcz
Mi8xLzEtbGJINW1DeHgwNDdBeGl4UXpqRDhBM1h2SEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAItgmAD
BAItnpwDBAKYWSgDBAOwaigDBAK5BdwDBALAkXgwDQYJKoZIhvcNAQELBQADggEB
AEUsyypC37VlpQuG8pbW4Eixalz45PyC8yed6LX/+L7mA3p4CAqiK8PZkLe4U3VJ
doN/ZX3Oeib+QYwqs9+q8NZFoxmzMZG7g2SpnsOkT3uid2KNUvP5DtF9lzHqmeKF
5GpxNN4dIt215i7u/yaJDaLzCnFf+a+vkoCMWGlPVdOnP+hmblZ9cHIkOq+dPjdp
yBbr/UpPV3fYFTH0a6CeREeKTrH/2sxjox1HicsWXr9G9da3lo+0a6dhvpXm4uMj
aSKwI/bg9oH7+5cmthw237CfCFUGR1VmCIedT1l0Gv47n1M5m06UuR1BlHc7ieyz
+E8jrhs63h1bqSslXl+nnIo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:50 2024 by rpki-client on console-ams.rpki-client.org