Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/w2MLtNQQYERbbLuLBpYeRUum9uI.roa
File: w2MLtNQQYERbbLuLBpYeRUum9uI.roa (raw, json)
Hash identifier: 0sZV99Lr5ZO2zZgH+VujQLl4TxCwemqK0E6QnJ1LXGY=
Subject key identifier: C3:63:0B:B4:D4:10:60:44:5B:6C:BB:8B:06:96:1E:45:4B:A6:F6:E2
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0187989E934745784DC755744C8B07E6B2EC
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/w2MLtNQQYERbbLuLBpYeRUum9uI.roa
Signing time: Wed 19 Apr 2023 08:25:41 +0000
ROA not before: Wed 19 Apr 2023 08:25:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 45.83.180.0/24 maxlen: 24
45.83.181.0/24 maxlen: 24
45.83.182.0/24 maxlen: 24
45.83.183.0/24 maxlen: 24
139.28.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:9e:93:47:45:78:4d:c7:55:74:4c:8b:07:e6:b2:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Apr 19 08:25:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3630bb4d41060445b6cbb8b06961e454ba6f6e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:72:de:0c:6c:40:5e:ac:16:df:d1:d5:02:93:
26:a7:e7:ab:ef:95:15:cf:55:1a:60:5f:4c:8b:f7:
e7:80:eb:74:a0:8f:53:35:13:ff:64:f6:8a:1f:cc:
83:98:cd:a9:44:ec:8b:06:3b:1f:35:0d:18:2c:23:
c9:11:d1:de:ea:fb:25:7b:75:49:9b:91:bf:f0:df:
e8:4d:ae:ff:4e:d4:ce:4b:68:9a:84:17:fa:a9:ab:
36:7d:2b:f9:ca:42:f3:e3:28:96:80:e8:95:ab:aa:
3d:04:36:48:89:5d:b3:65:4c:a7:a2:18:5f:43:99:
64:13:0c:e9:81:69:b5:a3:4b:2c:4d:7b:ac:94:3f:
ab:82:e2:9a:c5:33:37:5e:c6:89:1a:ed:3b:8b:25:
56:cc:b0:c7:33:07:b9:bc:6f:d4:b9:dc:3c:f0:a7:
5c:7f:f5:15:83:6a:da:5c:ea:61:a1:e8:53:d1:43:
a7:df:4b:64:fb:24:26:c0:87:37:0e:af:19:96:4d:
39:49:1a:f9:b8:38:1b:c6:89:ed:d9:57:4f:03:a7:
69:34:87:73:46:52:b5:5a:25:1e:9b:38:db:e6:68:
50:43:41:23:b6:e0:0a:6c:51:c0:e2:d4:1a:67:ae:
5e:f4:f1:4e:31:99:67:77:a7:40:03:e0:f4:a6:29:
36:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:63:0B:B4:D4:10:60:44:5B:6C:BB:8B:06:96:1E:45:4B:A6:F6:E2
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/w2MLtNQQYERbbLuLBpYeRUum9uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.180.0/22
139.28.72.0/22
Signature Algorithm: sha256WithRSAEncryption
18:4d:88:6c:09:e4:dd:a6:53:cf:2a:0d:f6:1a:48:4d:f2:29:
d5:a4:e2:be:31:9a:5b:8f:8b:94:5f:cc:46:fa:aa:6e:60:81:
a8:ea:e4:03:66:c5:d5:1d:b7:27:21:93:7e:c7:75:2e:0f:9c:
cf:87:d9:c6:fe:a5:10:3f:55:8d:00:d7:cc:5b:9b:b1:16:2c:
e0:a2:64:c8:a2:9d:17:8d:32:8c:56:bf:86:7a:9b:ab:a7:d0:
ee:d3:e7:0b:76:4d:1b:c9:35:88:88:48:a8:c8:4b:d4:19:ee:
31:82:1c:ee:15:fa:b9:c1:1c:c8:66:68:3d:9b:6b:b5:da:c2:
a2:09:b4:d8:ec:ca:7b:2e:17:ad:aa:4a:2c:77:b8:c4:de:55:
09:63:be:e5:41:5a:cc:60:8f:d0:ef:dc:ab:1e:29:08:c2:c9:
45:fd:84:77:1b:9f:50:09:5f:c2:9a:b1:c6:3c:94:78:d9:8b:
89:64:0f:56:14:ff:7b:c1:79:bc:12:39:f9:4f:f0:51:51:de:
58:0b:c9:5a:24:98:4e:b5:63:1e:e5:a7:b4:23:7a:37:1a:07:
70:51:f7:dd:d4:ab:98:e4:6c:4a:07:ee:82:a6:39:47:65:ea:
94:d2:13:97:80:20:5f:67:00:ac:97:2b:d8:18:a4:52:71:db:
d4:e1:f3:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeYnpNHRXhNx1V0TIsH5rLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwNDE5MDgyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzYzMGJiNGQ0MTA2MDQ0NWI2Y2JiOGIwNjk2MWU0NTRiYTZmNmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHLeDGxAXqwW39HVApMmp+er75UV
z1UaYF9Mi/fngOt0oI9TNRP/ZPaKH8yDmM2pROyLBjsfNQ0YLCPJEdHe6vsle3VJ
m5G/8N/oTa7/TtTOS2iahBf6qas2fSv5ykLz4yiWgOiVq6o9BDZIiV2zZUynohhf
Q5lkEwzpgWm1o0ssTXuslD+rguKaxTM3XsaJGu07iyVWzLDHMwe5vG/Uudw88Kdc
f/UVg2raXOphoehT0UOn30tk+yQmwIc3Dq8Zlk05SRr5uDgbxont2VdPA6dpNIdz
RlK1WiUemzjb5mhQQ0EjtuAKbFHA4tQaZ65e9PFOMZlnd6dAA+D0pik2mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMNjC7TUEGBEW2y7iwaWHkVLpvbiMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvdzJNTHROUVFZRVJiYkx1TEJwWWVSVXVtOXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVO0AwQC
ixxIMA0GCSqGSIb3DQEBCwUAA4IBAQAYTYhsCeTdplPPKg32GkhN8inVpOK+MZpb
j4uUX8xG+qpuYIGo6uQDZsXVHbcnIZN+x3UuD5zPh9nG/qUQP1WNANfMW5uxFizg
omTIop0XjTKMVr+Gepurp9Du0+cLdk0byTWIiEioyEvUGe4xghzuFfq5wRzIZmg9
m2u12sKiCbTY7Mp7Lhetqkosd7jE3lUJY77lQVrMYI/Q79yrHikIwslF/YR3G59Q
CV/CmrHGPJR42YuJZA9WFP97wXm8Ejn5T/BRUd5YC8laJJhOtWMe5ae0I3o3Ggdw
Uffd1KuY5GxKB+6CpjlHZeqU0hOXgCBfZwCslyvYGKRScdvU4fPZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org