Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZxeBEe8toSi3xVsvXmWqB0dhIyQ.roa
File: ZxeBEe8toSi3xVsvXmWqB0dhIyQ.roa (raw, json)
Hash identifier: pLvfCnY72SMS+mewH+zwTByUWiHxnChXHDMjfCiBQLw=
Subject key identifier: 67:17:81:11:EF:2D:A1:28:B7:C5:5B:2F:5E:65:AA:07:47:61:23:24
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F797618BEB8633E7F78539BBB0A9355
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZxeBEe8toSi3xVsvXmWqB0dhIyQ.roa
Signing time: Sun 01 Jan 2023 22:35:09 +0000
ROA not before: Sun 01 Jan 2023 22:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14178
IP address blocks: 45.86.248.0/22 maxlen: 22
45.145.251.0/24 maxlen: 24
45.144.188.0/22 maxlen: 24
45.85.224.0/22 maxlen: 22
45.130.138.0/24 maxlen: 24
136.144.41.0/24 maxlen: 24
185.227.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:76:18:be:b8:63:3e:7f:78:53:9b:bb:0a:93:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67178111ef2da128b7c55b2f5e65aa0747612324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:15:7f:72:26:93:b2:30:fc:a8:17:d4:26:20:
76:2a:a7:66:e3:85:d6:7f:53:0c:9f:a6:71:1b:86:
f7:76:21:00:31:5c:16:0c:86:92:d6:cd:c6:ac:cc:
b5:6f:7f:f3:54:eb:c0:67:1f:35:f8:31:e0:71:ef:
00:13:1e:6e:10:60:55:b5:96:e0:25:b2:4d:4c:a0:
1b:42:4a:ff:ce:5a:00:d3:34:93:d8:d8:d2:80:6b:
f4:c9:45:9a:a8:4e:33:de:7d:96:24:4a:16:60:08:
71:80:4c:59:23:aa:03:29:29:0a:ba:46:9c:45:c6:
8c:c8:2b:c4:3d:ab:06:3a:eb:96:a1:16:e4:24:b9:
18:a1:05:10:7d:13:77:71:61:1b:7f:c7:40:1f:c6:
fc:65:7d:b0:d1:bb:bf:16:9e:48:d9:82:09:4c:ed:
17:bc:d0:2c:0e:c3:88:50:91:04:8e:83:12:e8:e0:
a2:85:09:cd:21:00:ea:9f:1b:3f:0d:f7:5f:2b:1e:
ae:fc:7e:f1:bc:70:4b:75:97:52:86:70:9b:89:ab:
2c:9c:fe:67:9f:85:98:f5:85:6d:af:9b:8a:2b:a3:
6e:11:72:f2:83:d1:f5:af:b5:b5:8a:a1:e3:2a:f2:
62:62:74:bd:96:64:ea:67:4f:e3:5e:90:64:d3:7c:
cb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:17:81:11:EF:2D:A1:28:B7:C5:5B:2F:5E:65:AA:07:47:61:23:24
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZxeBEe8toSi3xVsvXmWqB0dhIyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.224.0/22
45.86.248.0/22
45.130.138.0/24
45.144.188.0/22
45.145.251.0/24
136.144.41.0/24
185.227.35.0/24
Signature Algorithm: sha256WithRSAEncryption
75:c5:aa:1a:dd:1b:0a:4c:77:84:bf:44:9a:46:b7:cf:aa:92:
46:07:b0:e1:dc:f0:7e:af:f7:17:86:21:4f:55:7a:6d:38:8f:
02:82:1c:bd:d8:15:f6:f8:52:a2:7d:ec:c7:d5:53:97:d6:3e:
a8:91:ab:f8:42:de:9b:4d:e2:c9:1c:b1:b1:9c:85:ef:5d:51:
08:7a:7c:17:a9:3d:81:04:d0:60:4b:39:eb:c7:15:55:14:a5:
2d:2a:4c:ea:6d:3c:ba:e6:d3:dc:f3:d2:2d:ab:c4:47:dd:7d:
56:45:eb:22:dc:dd:5b:a6:9f:75:bf:d3:ad:86:5f:c6:1d:aa:
e8:82:9c:56:3f:f2:3e:fb:31:5e:28:e7:7b:06:2c:73:ed:56:
ba:da:d4:75:6b:9e:5c:0c:44:78:7e:f5:61:95:4c:ae:70:82:
8e:bf:56:0b:dc:93:aa:28:09:e2:e4:23:55:02:66:15:ff:8e:
55:56:f3:a2:e4:b1:6d:f4:45:51:91:07:5b:12:70:b0:9b:91:
28:aa:af:ec:29:31:26:b3:37:f0:83:3a:52:be:00:a9:eb:be:
a7:a3:f8:bc:b7:dc:0d:d7:29:8e:ad:10:bd:84:76:20:fc:f7:
77:5c:18:82:e8:f5:41:06:14:ce:3f:13:15:33:44:d3:d3:d8:
f6:2e:e7:88
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVveXYYvrhjPn94U5u7CpNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzE3ODExMWVmMmRhMTI4YjdjNTViMmY1ZTY1YWEwNzQ3NjEyMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxV/ciaTsjD8qBfUJiB2Kqdm44XW
f1MMn6ZxG4b3diEAMVwWDIaS1s3GrMy1b3/zVOvAZx81+DHgce8AEx5uEGBVtZbg
JbJNTKAbQkr/zloA0zST2NjSgGv0yUWaqE4z3n2WJEoWYAhxgExZI6oDKSkKukac
RcaMyCvEPasGOuuWoRbkJLkYoQUQfRN3cWEbf8dAH8b8ZX2w0bu/Fp5I2YIJTO0X
vNAsDsOIUJEEjoMS6OCihQnNIQDqnxs/DfdfKx6u/H7xvHBLdZdShnCbiassnP5n
n4WY9YVtr5uKK6NuEXLyg9H1r7W1iqHjKvJiYnS9lmTqZ0/jXpBk03zLjQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGcXgRHvLaEot8VbL15lqgdHYSMkMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWnhlQkVlOHRvU2kzeFZzdlhtV3FCMGRoSXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLVXgAwQC
LVb4AwQALYKKAwQCLZC8AwQALZH7AwQAiJApAwQAueMjMA0GCSqGSIb3DQEBCwUA
A4IBAQB1xaoa3RsKTHeEv0SaRrfPqpJGB7Dh3PB+r/cXhiFPVXptOI8Cghy92BX2
+FKifezH1VOX1j6okav4Qt6bTeLJHLGxnIXvXVEIenwXqT2BBNBgSznrxxVVFKUt
KkzqbTy65tPc89Itq8RH3X1WResi3N1bpp91v9Othl/GHarogpxWP/I++zFeKOd7
Bixz7Va62tR1a55cDER4fvVhlUyucIKOv1YL3JOqKAni5CNVAmYV/45VVvOi5LFt
9EVRkQdbEnCwm5Eoqq/sKTEmszfwgzpSvgCp676no/i8t9wN1ymOrRC9hHYg/Pd3
XBiC6PVBBhTOPxMVM0TT09j2LueI
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:43 2024 by rpki-client on console-ams.rpki-client.org