Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/huZ3sa1O-vNvCQzrlsIVop4-CQg.roa
File: huZ3sa1O-vNvCQzrlsIVop4-CQg.roa (raw, json)
Hash identifier: C18xT6AtyEW1/izETbLjmvlohmf8Q/sRfHD2Jw8rMZE=
Subject key identifier: 86:E6:77:B1:AD:4E:FA:F3:6F:09:0C:EB:96:C2:15:A2:9E:3E:09:08
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 0187190AF20F0A7600C3CEBAEB6A7D612A92
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/huZ3sa1O-vNvCQzrlsIVop4-CQg.roa
Signing time: Sat 25 Mar 2023 13:52:40 +0000
ROA not before: Sat 25 Mar 2023 13:52:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36007
IP address blocks: 45.91.171.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Apr 2023 07:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:19:0a:f2:0f:0a:76:00:c3:ce:ba:eb:6a:7d:61:2a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Mar 25 13:52:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86e677b1ad4efaf36f090ceb96c215a29e3e0908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e0:62:b7:7f:a7:e3:e7:e0:6e:53:12:39:61:
c3:85:e5:97:31:e2:24:cf:8d:cf:09:c9:d4:10:e1:
48:29:be:06:91:1d:63:76:b0:6e:a2:0c:45:2c:8f:
b8:f3:23:fd:04:c1:13:76:69:9c:99:11:19:8d:a3:
7f:16:19:47:1c:ea:d7:ba:3f:2d:95:51:64:d5:e4:
f5:86:cb:9d:27:bb:47:8c:83:b5:2c:64:e2:6c:e9:
3c:25:de:2e:40:53:89:be:7c:db:0d:a5:62:87:96:
7f:db:ff:01:ec:13:0d:e5:15:25:5d:9e:a1:12:19:
62:da:43:ac:60:59:46:e3:64:8c:9e:66:3e:3e:87:
33:ab:22:1c:72:0b:55:71:24:2f:26:80:1e:92:cb:
d1:28:7c:aa:be:c3:ca:9f:22:55:3b:53:1c:94:7f:
38:74:ba:38:8b:e8:48:bf:f6:72:6c:e8:f2:99:24:
69:48:a3:4a:69:d1:bb:d5:c8:d3:3a:20:84:0c:2b:
d9:8a:0e:aa:ac:6d:5c:5a:05:ad:1c:0b:e1:71:eb:
a8:3a:d2:d7:07:2d:9d:47:27:19:fd:1a:63:0e:fb:
5c:d6:d5:4e:82:a4:04:34:de:fa:f9:07:7b:28:b6:
55:f8:41:89:a0:be:1d:d2:4b:09:ad:8c:61:bf:1b:
ee:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E6:77:B1:AD:4E:FA:F3:6F:09:0C:EB:96:C2:15:A2:9E:3E:09:08
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/huZ3sa1O-vNvCQzrlsIVop4-CQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
103.45.245.0/24
185.47.172.0/24
185.53.209.0/24
Signature Algorithm: sha256WithRSAEncryption
e6:b0:fe:a0:f6:d9:40:f2:d6:d6:18:1e:46:6a:ac:7a:dc:8c:
db:c9:5b:33:b7:39:28:d6:94:33:75:cb:ae:7a:66:88:2a:33:
4a:24:f6:2f:80:d0:d7:0f:96:1a:62:9b:70:f1:5f:8b:7f:2c:
5f:73:fd:4e:e7:5f:b7:aa:dc:e4:9a:3b:5c:fa:b3:de:51:ec:
c0:5f:1b:0e:f5:57:4e:0f:9e:a5:04:43:88:6f:12:92:63:92:
83:e2:69:88:df:b6:5b:a6:f9:eb:9d:63:c9:f5:ad:3b:38:5a:
ad:6a:8c:63:8d:37:ff:29:c1:8b:0d:2e:e3:3b:07:b5:40:23:
9d:81:8c:fb:6c:52:9c:6d:e3:12:9d:cc:cc:23:a0:24:b8:00:
f6:ad:05:f0:6f:1c:5b:11:91:69:38:39:f6:6b:1d:b9:47:b3:
d1:a7:5d:7e:cf:a1:14:03:39:3d:0b:72:79:c0:a2:00:36:d3:
71:ef:b7:af:72:6b:d8:23:bb:7d:82:46:fe:56:a2:3b:08:87:
9c:c6:cc:7c:82:59:f9:d6:41:30:03:5c:a3:66:c8:3c:fb:71:
3f:e0:6c:96:56:3e:9f:c2:05:ee:e5:f9:76:28:2c:4d:db:76:
04:76:f5:8d:74:db:b2:68:a2:b7:73:20:d2:60:8e:45:f2:2a:
13:75:2f:b7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYcZCvIPCnYAw86662p9YSqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjMwMzI1MTM1MjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmU2NzdiMWFkNGVmYWYzNmYwOTBjZWI5NmMyMTVhMjllM2UwOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+Bit3+n4+fgblMSOWHDheWXMeIk
z43PCcnUEOFIKb4GkR1jdrBuogxFLI+48yP9BMETdmmcmREZjaN/FhlHHOrXuj8t
lVFk1eT1hsudJ7tHjIO1LGTibOk8Jd4uQFOJvnzbDaVih5Z/2/8B7BMN5RUlXZ6h
Ehli2kOsYFlG42SMnmY+PoczqyIccgtVcSQvJoAeksvRKHyqvsPKnyJVO1MclH84
dLo4i+hIv/ZybOjymSRpSKNKadG71cjTOiCEDCvZig6qrG1cWgWtHAvhceuoOtLX
By2dRycZ/RpjDvtc1tVOgqQENN76+Qd7KLZV+EGJoL4d0ksJrYxhvxvu2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIbmd7GtTvrzbwkM65bCFaKePgkIMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvaHVaM3NhMU8tdk52Q1F6cmxzSVZvcDQtQ1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVurAwQA
W8qqAwQAW9+pAwQAZy31AwQAuS+sAwQAuTXRMA0GCSqGSIb3DQEBCwUAA4IBAQDm
sP6g9tlA8tbWGB5Gaqx63IzbyVsztzko1pQzdcuuemaIKjNKJPYvgNDXD5YaYptw
8V+Lfyxfc/1O51+3qtzkmjtc+rPeUezAXxsO9VdOD56lBEOIbxKSY5KD4mmI37Zb
pvnrnWPJ9a07OFqtaoxjjTf/KcGLDS7jOwe1QCOdgYz7bFKcbeMSnczMI6AkuAD2
rQXwbxxbEZFpODn2ax25R7PRp11+z6EUAzk9C3J5wKIANtNx77evcmvYI7t9gkb+
VqI7CIecxsx8gln51kEwA1yjZsg8+3E/4GyWVj6fwgXu5fl2KCxN23YEdvWNdNuy
aKK3cyDSYI5F8ioTdS+3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:36 2024 by rpki-client on console-ams.rpki-client.org