Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3fV_j3KwrjYTMlMETB71GkZzQTs.roa
File: 3fV_j3KwrjYTMlMETB71GkZzQTs.roa (raw, json)
Hash identifier: TtrErIpm+Jae4yhHlhjxn+qmu+jPoBD/eMJ30qcUDec=
Subject key identifier: DD:F5:7F:8F:72:B0:AE:36:13:32:53:04:4C:1E:F5:1A:46:73:41:3B
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01899661C2301CD90FD448925510E99250FF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3fV_j3KwrjYTMlMETB71GkZzQTs.roa
Signing time: Thu 27 Jul 2023 08:05:36 +0000
ROA not before: Thu 27 Jul 2023 08:05:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.139.50.0/23 maxlen: 24
45.140.140.0/22 maxlen: 24
45.137.198.0/23 maxlen: 24
45.137.206.0/24 maxlen: 24
45.140.188.0/22 maxlen: 24
45.137.204.0/23 maxlen: 24
193.176.244.0/23 maxlen: 24
45.137.207.0/24 maxlen: 24
45.140.213.0/24 maxlen: 24
45.140.212.0/24 maxlen: 24
45.140.212.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:61:c2:30:1c:d9:0f:d4:48:92:55:10:e9:92:50:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jul 27 08:05:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddf57f8f72b0ae36133253044c1ef51a4673413b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:01:4b:81:57:81:34:8d:44:2c:f5:14:7a:cf:
e5:9c:78:7a:87:fb:f6:65:ed:94:35:f6:34:b2:68:
1e:41:30:6e:a5:c8:99:e9:1b:27:0a:e8:e7:93:a7:
b3:f2:dc:70:c6:08:e0:0a:d6:8a:6e:f0:58:56:2d:
27:79:22:7c:c4:7f:f5:07:d8:68:5c:6b:af:12:dd:
b6:9c:37:62:41:de:09:20:d0:bc:80:b6:99:38:6e:
3c:99:9f:42:78:12:23:7c:8b:df:4d:df:78:ef:e8:
a7:62:9e:f6:54:aa:69:15:ab:a2:55:2c:2d:10:bd:
a3:ba:c1:73:e6:e7:6f:ca:03:45:a0:91:9e:28:a8:
7c:b9:0c:62:c2:97:1a:76:86:3d:c7:c5:b6:45:15:
f5:87:64:c5:b1:0b:e1:2e:8f:46:4a:d5:4d:0f:6a:
fe:ea:e5:90:df:9e:73:7c:9a:78:de:e6:ac:66:ee:
c1:1d:29:9c:08:c6:c5:4b:5d:dc:89:b0:5f:d2:a0:
0c:4e:ff:8c:39:70:63:bc:6e:aa:62:3c:10:f3:0f:
ab:9d:b4:84:fc:06:c6:72:d1:b9:8a:03:6b:8f:f6:
56:41:b8:b5:a5:ad:55:7e:de:f4:72:01:1a:dd:ff:
30:b8:85:c8:66:40:6f:db:6f:dd:20:05:2d:dd:02:
ea:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F5:7F:8F:72:B0:AE:36:13:32:53:04:4C:1E:F5:1A:46:73:41:3B
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3fV_j3KwrjYTMlMETB71GkZzQTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.198.0/23
45.137.204.0/22
45.139.50.0/23
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
193.176.244.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:52:a0:d4:fe:73:41:82:54:70:63:48:35:0f:57:0c:a0:9a:
d3:78:7f:09:97:55:a3:aa:78:88:de:06:43:72:15:42:a9:e0:
0b:a0:14:42:e7:9f:41:84:f4:78:53:2c:0b:b2:bc:00:f6:e8:
41:75:14:41:7b:28:17:93:45:84:9b:da:23:90:a8:e1:b4:82:
b8:fd:e2:b7:2d:14:c2:bc:eb:0b:78:a1:dc:3e:ba:c3:23:de:
8a:4a:91:b9:fc:8f:2f:da:63:7a:ce:5a:f3:b5:25:d9:c2:c1:
7c:ed:1f:12:33:9b:1c:fe:a3:e6:5f:7b:3c:e1:5a:f4:97:6f:
2b:74:c0:c4:52:99:82:84:18:ba:c3:ae:66:f7:e4:f5:fb:e4:
c4:ac:b9:61:05:1a:e7:dc:14:b0:dc:a1:26:7c:d1:46:28:e3:
0c:99:d9:a2:09:5d:ac:11:69:a8:3a:76:59:d6:41:8c:a4:6a:
34:d7:22:31:ba:1d:d8:35:78:fc:bb:51:f9:a5:b2:1c:de:b0:
c6:00:df:79:93:13:26:95:ae:c2:11:d0:77:12:0a:53:72:66:
ab:d7:73:af:72:e6:b6:64:83:2d:23:3d:b4:a5:f9:65:44:2b:
ec:f9:e5:ae:04:56:55:e8:6f:1f:5b:ab:85:8d:96:27:ba:f0:
78:87:e0:95
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmWYcIwHNkP1EiSVRDpklD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNzI3MDgwNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGY1N2Y4ZjcyYjBhZTM2MTMzMjUzMDQ0YzFlZjUxYTQ2NzM0MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQFLgVeBNI1ELPUUes/lnHh6h/v2
Ze2UNfY0smgeQTBupciZ6RsnCujnk6ez8txwxgjgCtaKbvBYVi0neSJ8xH/1B9ho
XGuvEt22nDdiQd4JINC8gLaZOG48mZ9CeBIjfIvfTd947+inYp72VKppFauiVSwt
EL2jusFz5udvygNFoJGeKKh8uQxiwpcadoY9x8W2RRX1h2TFsQvhLo9GStVND2r+
6uWQ355zfJp43uasZu7BHSmcCMbFS13cibBf0qAMTv+MOXBjvG6qYjwQ8w+rnbSE
/AbGctG5igNrj/ZWQbi1pa1Vft70cgEa3f8wuIXIZkBv22/dIAUt3QLqvQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN31f49ysK42EzJTBEwe9RpGc0E7MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvM2ZWX2ozS3dyallUTWxNRVRCNzFHa1p6UVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLYnGAwQC
LYnMAwQBLYsyAwQCLYyMAwQCLYy8AwQBLYzUAwQBwbD0MA0GCSqGSIb3DQEBCwUA
A4IBAQBtUqDU/nNBglRwY0g1D1cMoJrTeH8Jl1WjqniI3gZDchVCqeALoBRC559B
hPR4UywLsrwA9uhBdRRBeygXk0WEm9ojkKjhtIK4/eK3LRTCvOsLeKHcPrrDI96K
SpG5/I8v2mN6zlrztSXZwsF87R8SM5sc/qPmX3s84Vr0l28rdMDEUpmChBi6w65m
9+T1++TErLlhBRrn3BSw3KEmfNFGKOMMmdmiCV2sEWmoOnZZ1kGMpGo01yIxuh3Y
NXj8u1H5pbIc3rDGAN95kxMmla7CEdB3EgpTcmar13Ovcua2ZIMtIz20pfllRCvs
+eWuBFZV6G8fW6uFjZYnuvB4h+CV
-----END CERTIFICATE-----
Generated at Fri Dec 1 13:08:31 2023 by rpki-client on console-ams.rpki-client.org