Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DNZ2qPdJOiK4RMyNz_JxxguVZNM.roa
File: DNZ2qPdJOiK4RMyNz_JxxguVZNM.roa (raw, json)
Hash identifier: k2N/dEZhw3mLBAkOUXLaCl9T4JOd8yGQJhOUkHJz3Mw=
Subject key identifier: 0C:D6:76:A8:F7:49:3A:22:B8:44:CC:8D:CF:F2:71:C6:0B:95:64:D3
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018C254FE789FBA02A5B497CE58CD1F205C7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DNZ2qPdJOiK4RMyNz_JxxguVZNM.roa
Signing time: Fri 01 Dec 2023 12:17:22 +0000
ROA not before: Fri 01 Dec 2023 12:17:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.139.50.0/23 maxlen: 24
193.37.248.0/24 maxlen: 24
45.140.188.0/22 maxlen: 24
193.176.244.0/23 maxlen: 24
45.140.213.0/24 maxlen: 24
45.140.212.0/24 maxlen: 24
45.140.212.0/23 maxlen: 23
45.140.140.0/22 maxlen: 24
45.130.119.0/24 maxlen: 24
45.138.19.0/24 maxlen: 24
45.137.198.0/23 maxlen: 24
45.137.206.0/24 maxlen: 24
45.137.204.0/23 maxlen: 24
45.137.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:4f:e7:89:fb:a0:2a:5b:49:7c:e5:8c:d1:f2:05:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Dec 1 12:17:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cd676a8f7493a22b844cc8dcff271c60b9564d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d5:f8:e8:a1:d0:7b:37:38:3e:1e:ce:2a:28:
b4:ee:92:bc:e0:13:2c:a6:1b:d1:48:2e:bf:24:41:
da:db:c8:1c:4a:be:97:cc:ed:65:ee:45:76:b9:12:
e0:53:99:e3:ce:74:61:6c:de:54:df:48:f4:9f:6b:
55:f0:f0:e4:fb:3b:1c:18:81:77:01:59:ed:c6:b4:
63:1e:75:9f:68:76:64:9c:91:00:a6:0d:4e:55:b3:
18:29:6c:95:5e:d3:22:c8:b0:95:80:46:84:37:1f:
70:8c:86:3c:4f:65:fc:88:31:e6:83:fe:87:88:fc:
7e:35:56:c7:1e:1f:18:37:3a:a1:f5:98:46:33:5a:
c7:42:78:93:1b:09:94:10:7d:bf:30:e8:7a:3f:e5:
72:c2:1c:67:1f:57:5a:94:f3:3c:e6:a6:b8:b5:30:
53:3f:47:d6:c7:de:f2:35:e3:e6:6f:c2:3c:fe:e5:
ed:9f:0b:e5:b2:52:60:d2:0d:da:e8:2c:4b:a3:d7:
5e:17:ec:7c:24:6e:c5:f1:bd:be:6a:1a:47:bb:e2:
9b:e2:95:0f:b1:1b:34:9a:e3:15:d5:f5:27:c2:e0:
43:67:fa:d9:26:98:dd:11:6e:a3:34:6d:27:f6:ba:
6f:40:52:3a:e8:75:5e:ce:d0:65:95:b6:ee:0e:66:
30:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:D6:76:A8:F7:49:3A:22:B8:44:CC:8D:CF:F2:71:C6:0B:95:64:D3
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DNZ2qPdJOiK4RMyNz_JxxguVZNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.119.0/24
45.137.198.0/23
45.137.204.0/22
45.138.19.0/24
45.139.50.0/23
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
193.37.248.0/24
193.176.244.0/23
Signature Algorithm: sha256WithRSAEncryption
91:60:bb:f1:7e:b2:8b:8f:41:6b:6f:93:1a:56:bb:d4:f9:6d:
51:e2:22:63:57:ca:08:ba:1b:d8:21:30:ed:12:eb:46:de:88:
4f:fc:d5:67:13:e6:4b:b1:2a:46:c2:c2:47:6a:bd:89:77:97:
a2:3d:2a:30:2c:ee:33:b3:2e:37:a7:bb:b6:30:3b:fe:6e:bc:
b1:42:4d:20:e7:8d:63:52:0d:65:dc:f1:bf:82:18:40:ed:44:
60:0f:69:85:c3:7b:72:0d:33:01:75:a8:ff:3a:f3:f5:0f:02:
b1:1a:f0:4c:42:c4:03:9a:95:4a:15:60:64:6f:b4:f8:4d:5f:
5a:ae:01:61:e6:79:c5:c5:6a:95:d5:70:b8:ef:0d:f9:ef:02:
4f:06:19:6e:7a:87:e9:3f:22:57:69:1a:16:af:7f:64:86:d6:
89:e5:8d:2c:bd:9b:86:53:ac:a1:c3:7a:62:f6:1f:6d:17:0f:
42:a5:95:29:cd:1a:66:22:c8:ba:10:9e:8e:86:19:c9:ed:eb:
60:84:92:c2:ef:75:04:76:ea:ac:95:a5:f8:48:44:5e:07:4f:
a1:06:7c:3f:f2:11:38:fa:a9:ea:8f:ce:49:41:d6:5e:55:47:
58:9e:53:85:c9:c2:b3:e4:82:dc:25:14:a2:9f:d3:15:ef:bb:
69:18:4e:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYwlT+eJ+6AqW0l85YzR8gXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMjAxMTIxNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2Q2NzZhOGY3NDkzYTIyYjg0NGNjOGRjZmYyNzFjNjBiOTU2NGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9X46KHQezc4Ph7OKii07pK84BMs
phvRSC6/JEHa28gcSr6XzO1l7kV2uRLgU5njznRhbN5U30j0n2tV8PDk+zscGIF3
AVntxrRjHnWfaHZknJEApg1OVbMYKWyVXtMiyLCVgEaENx9wjIY8T2X8iDHmg/6H
iPx+NVbHHh8YNzqh9ZhGM1rHQniTGwmUEH2/MOh6P+VywhxnH1dalPM85qa4tTBT
P0fWx97yNePmb8I8/uXtnwvlslJg0g3a6CxLo9deF+x8JG7F8b2+ahpHu+Kb4pUP
sRs0muMV1fUnwuBDZ/rZJpjdEW6jNG0n9rpvQFI66HVeztBllbbuDmYwrQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAzWdqj3SToiuETMjc/yccYLlWTTMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvRE5aMnFQZEpPaUs0Uk15TnpfSnh4Z3VWWk5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALYJ3AwQB
LYnGAwQCLYnMAwQALYoTAwQBLYsyAwQCLYyMAwQCLYy8AwQBLYzUAwQAwSX4AwQB
wbD0MA0GCSqGSIb3DQEBCwUAA4IBAQCRYLvxfrKLj0Frb5MaVrvU+W1R4iJjV8oI
uhvYITDtEutG3ohP/NVnE+ZLsSpGwsJHar2Jd5eiPSowLO4zsy43p7u2MDv+bryx
Qk0g541jUg1l3PG/ghhA7URgD2mFw3tyDTMBdaj/OvP1DwKxGvBMQsQDmpVKFWBk
b7T4TV9argFh5nnFxWqV1XC47w357wJPBhlueofpPyJXaRoWr39khtaJ5Y0svZuG
U6yhw3pi9h9tFw9CpZUpzRpmIsi6EJ6OhhnJ7etghJLC73UEduqslaX4SEReB0+h
Bnw/8hE4+qnqj85JQdZeVUdYnlOFycKz5ILcJRSin9MV77tpGE45
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:43 2024 by rpki-client on console-ams.rpki-client.org