Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0szZ40KPwCam4hgwyF_eM-I4cpY.roa
File: 0szZ40KPwCam4hgwyF_eM-I4cpY.roa (raw, json)
Hash identifier: bD3lPk6ajm2KaRk6CvmIxs722PguL+ayI/Fx41VLpeg=
Subject key identifier: D2:CC:D9:E3:42:8F:C0:26:A6:E2:18:30:C8:5F:DE:33:E2:38:72:96
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018570676C8916C07A487F2F533DDADD8EB1
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0szZ40KPwCam4hgwyF_eM-I4cpY.roa
Signing time: Mon 02 Jan 2023 02:55:04 +0000
ROA not before: Mon 02 Jan 2023 02:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210489
IP address blocks: 45.135.96.0/23 maxlen: 23
45.135.98.0/23 maxlen: 23
45.136.64.0/22 maxlen: 23
185.222.32.0/23 maxlen: 23
185.222.34.0/23 maxlen: 23
45.141.16.0/23 maxlen: 23
45.141.18.0/23 maxlen: 23
91.244.204.0/22 maxlen: 23
46.161.220.0/23 maxlen: 23
46.161.222.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 09 Aug 2023 13:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:6c:89:16:c0:7a:48:7f:2f:53:3d:da:dd:8e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 2 02:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2ccd9e3428fc026a6e21830c85fde33e2387296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3b:42:86:de:66:47:b8:1c:f9:5b:de:35:bc:
6f:02:b6:d1:54:cf:ca:4b:84:fb:ae:35:47:c2:22:
60:01:0b:2e:e5:94:20:9d:00:3d:0c:6b:4c:46:15:
c3:ba:67:5f:2e:f7:67:7b:77:f7:64:6b:dc:53:3e:
f4:73:3c:66:02:1c:01:c8:a4:3d:7b:9f:8c:b6:b1:
62:17:90:bf:af:c6:42:59:d6:fa:d9:fd:84:52:d0:
2a:cf:10:6d:25:f8:af:a1:15:c2:f9:4f:dd:f0:66:
b1:48:97:f0:58:f8:b9:97:df:9d:67:e4:14:d8:66:
d5:3d:cd:60:51:89:40:7a:c2:cb:d9:9a:10:1c:0e:
58:16:3c:e6:04:1b:71:c8:ee:81:b6:a5:bf:d7:0a:
4e:3d:39:ea:c7:f1:8f:d5:fb:94:99:e6:fb:37:71:
15:7d:d4:73:e6:99:33:0f:3d:46:d8:4a:b0:26:21:
5d:55:34:b4:59:3b:64:c9:4a:33:b3:8d:eb:0a:f3:
2c:67:e1:91:56:d2:f5:43:51:09:95:0b:b5:52:5a:
19:07:db:30:cc:f3:b7:9e:21:14:b6:98:be:36:72:
b4:33:05:40:6b:ad:1e:4e:4b:2b:bc:bd:e3:0a:8a:
9a:60:1f:ae:17:46:18:1a:8b:48:fe:3f:1a:eb:57:
94:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:CC:D9:E3:42:8F:C0:26:A6:E2:18:30:C8:5F:DE:33:E2:38:72:96
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0szZ40KPwCam4hgwyF_eM-I4cpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.96.0/22
45.136.64.0/22
45.141.16.0/22
46.161.220.0/22
91.244.204.0/22
185.222.32.0/22
Signature Algorithm: sha256WithRSAEncryption
81:03:fc:d4:a6:bc:de:0a:8d:c6:54:c7:80:b3:a7:a4:fc:66:
a0:3a:b5:eb:6d:0c:b7:7c:ec:4e:3e:16:59:5f:50:cd:e2:48:
37:b3:82:5a:65:9f:a5:21:90:f6:36:f5:74:f7:43:63:d4:f5:
1d:e4:a9:e9:6a:12:3f:98:ad:4c:9a:2b:e9:f4:c2:21:0a:e3:
01:77:bd:75:c5:7a:13:46:be:e8:94:46:3f:15:34:bc:fd:cf:
3b:e7:f1:d4:11:24:7e:18:50:ce:0e:15:b5:a6:e2:6f:09:af:
b1:de:4b:7c:da:4b:3b:64:f2:93:5e:04:ec:f9:41:6a:4c:2a:
66:c4:f6:77:87:18:d4:df:0d:c4:43:ed:39:49:db:33:c3:98:
17:7c:48:d5:20:4e:92:d8:03:d5:c1:fb:8c:ed:ff:c7:c1:27:
8e:8e:a9:95:83:df:eb:09:52:08:2e:b2:56:cf:fa:ad:e3:d1:
4f:67:af:ab:14:0b:db:bf:06:f2:57:25:9c:a3:44:24:c0:cf:
d6:ab:7d:05:e6:ea:7d:9f:83:f7:61:76:dd:73:5d:9f:02:a6:
f0:f7:47:ff:03:8c:8d:64:ed:98:e1:dc:21:ce:5f:f1:b7:63:
58:01:62:82:c1:b9:16:65:77:41:82:ce:78:04:f7:06:ff:57:
a4:59:01:68
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwZ2yJFsB6SH8vUz3a3Y6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAyMDI1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmNjZDllMzQyOGZjMDI2YTZlMjE4MzBjODVmZGUzM2UyMzg3Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTtCht5mR7gc+VveNbxvArbRVM/K
S4T7rjVHwiJgAQsu5ZQgnQA9DGtMRhXDumdfLvdne3f3ZGvcUz70czxmAhwByKQ9
e5+MtrFiF5C/r8ZCWdb62f2EUtAqzxBtJfivoRXC+U/d8GaxSJfwWPi5l9+dZ+QU
2GbVPc1gUYlAesLL2ZoQHA5YFjzmBBtxyO6BtqW/1wpOPTnqx/GP1fuUmeb7N3EV
fdRz5pkzDz1G2EqwJiFdVTS0WTtkyUozs43rCvMsZ+GRVtL1Q1EJlQu1UloZB9sw
zPO3niEUtpi+NnK0MwVAa60eTksrvL3jCoqaYB+uF0YYGotI/j8a61eUjwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNLM2eNCj8AmpuIYMMhf3jPiOHKWMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMHN6WjQwS1B3Q2FtNGhnd3lGX2VNLUk0Y3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYdgAwQC
LYhAAwQCLY0QAwQCLqHcAwQCW/TMAwQCud4gMA0GCSqGSIb3DQEBCwUAA4IBAQCB
A/zUprzeCo3GVMeAs6ek/GagOrXrbQy3fOxOPhZZX1DN4kg3s4JaZZ+lIZD2NvV0
90Nj1PUd5KnpahI/mK1Mmivp9MIhCuMBd711xXoTRr7olEY/FTS8/c875/HUESR+
GFDODhW1puJvCa+x3kt82ks7ZPKTXgTs+UFqTCpmxPZ3hxjU3w3EQ+05Sdszw5gX
fEjVIE6S2APVwfuM7f/HwSeOjqmVg9/rCVIILrJWz/qt49FPZ6+rFAvbvwbyVyWc
o0QkwM/Wq30F5up9n4P3YXbdc12fAqbw90f/A4yNZO2Y4dwhzl/xt2NYAWKCwbkW
ZXdBgs54BPcG/1ekWQFo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org