Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0zC0YkRT0SjaOoQW_6RfmyqSZSg.roa
File: 0zC0YkRT0SjaOoQW_6RfmyqSZSg.roa (raw, json)
Hash identifier: 9bqKL9cHooBZtIiozQvQ99+W5kqV/u7iLFnScozmnO8=
Subject key identifier: D3:30:B4:62:44:53:D1:28:DA:3A:84:16:FF:A4:5F:9B:2A:92:65:28
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018C7C57ECB84E784D4C9B0FDF67A6032A31
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0zC0YkRT0SjaOoQW_6RfmyqSZSg.roa
Signing time: Mon 18 Dec 2023 09:53:06 +0000
ROA not before: Mon 18 Dec 2023 09:53:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 45.138.2.0/23 maxlen: 23
45.141.124.0/22 maxlen: 23
213.185.90.0/23 maxlen: 23
45.130.54.0/23 maxlen: 23
213.185.94.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:57:ec:b8:4e:78:4d:4c:9b:0f:df:67:a6:03:2a:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 18 09:53:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d330b4624453d128da3a8416ffa45f9b2a926528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a6:e4:d1:49:59:98:9e:bc:fd:3b:8d:ac:02:
fc:10:df:42:d6:00:b9:e6:20:36:ad:c2:9c:6e:75:
57:e9:bf:4e:10:4c:9f:41:a4:4a:0f:72:c4:2f:36:
5d:7a:93:db:8a:d6:07:7a:06:61:8a:59:23:7b:e6:
50:7f:e8:15:19:c4:bf:f9:ba:13:35:7d:a4:b3:e3:
fa:b7:db:40:15:b3:67:77:61:57:18:e0:d3:40:8b:
57:c8:bb:45:aa:a4:26:50:1b:9a:90:16:f5:cc:e0:
e0:3c:1b:e6:82:07:ca:67:d7:f0:9d:11:a4:a4:17:
00:04:c3:92:b7:b2:17:b7:40:eb:8d:6a:b3:ca:96:
0b:19:d6:2a:03:90:b5:c7:8b:aa:ec:26:bb:31:1d:
0a:c3:2a:43:3a:9b:12:47:25:48:19:61:2c:da:88:
1b:71:89:88:4f:35:47:61:7b:03:6b:c3:5e:af:f0:
b3:1e:30:03:73:23:b2:fc:0b:e6:59:95:b8:b8:15:
8d:c7:a1:17:b3:95:7e:8c:31:ea:3a:b9:c8:8b:3a:
34:90:cb:27:7c:ed:96:42:cd:3c:d6:b2:cb:e1:3e:
f6:59:32:42:70:e9:7e:6d:f9:09:43:84:79:ef:5d:
c6:a1:87:3d:7f:5b:bc:b9:c5:06:6c:95:de:40:24:
05:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:30:B4:62:44:53:D1:28:DA:3A:84:16:FF:A4:5F:9B:2A:92:65:28
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0zC0YkRT0SjaOoQW_6RfmyqSZSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.54.0/23
45.138.2.0/23
45.141.124.0/22
213.185.90.0/23
213.185.94.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:55:f7:ef:58:7e:6b:e7:3d:47:6e:be:49:28:84:16:0b:ec:
ad:a9:31:de:49:9a:55:f6:00:12:3b:3c:99:58:20:81:d4:81:
d9:b4:3f:bf:91:22:b0:2d:ac:2f:af:4f:2c:b0:1f:68:65:d8:
7c:b4:2f:7a:07:da:bc:a8:95:8b:67:9f:76:7d:37:6a:ae:d6:
44:41:63:9e:66:ed:0e:77:98:bd:cd:a6:4b:84:03:d3:99:29:
f4:59:fd:f1:09:43:9d:e0:61:89:f2:c3:ea:58:2c:d9:79:23:
12:cb:20:ec:52:ff:f4:2d:bc:26:fa:eb:b3:be:80:48:8a:37:
c4:ae:54:da:d0:1f:f3:ac:f7:a2:58:43:f4:dc:8c:aa:3a:99:
43:53:a5:36:df:a1:5d:42:2d:8e:ca:68:39:6b:40:f9:d5:73:
a2:5e:ed:81:21:00:11:a8:cb:35:4e:e8:8c:9e:79:63:04:c6:
4d:d0:9c:db:8b:04:5c:35:d8:ce:08:dd:1b:e3:67:6b:90:45:
a9:2e:34:f9:bd:91:8d:d6:1b:bf:b8:2d:b0:5c:9f:a5:8b:2e:
5d:bc:fb:13:4b:23:7b:0e:e8:a9:7d:b6:6a:8c:6a:6f:8f:80:
89:0c:05:ca:9a:5c:f0:5b:8e:53:3b:71:d6:8c:a9:b6:5d:07:
9f:25:6a:73
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYx8V+y4TnhNTJsP32emAyoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMjE4MDk1MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzMwYjQ2MjQ0NTNkMTI4ZGEzYTg0MTZmZmE0NWY5YjJhOTI2NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqbk0UlZmJ68/TuNrAL8EN9C1gC5
5iA2rcKcbnVX6b9OEEyfQaRKD3LELzZdepPbitYHegZhilkje+ZQf+gVGcS/+boT
NX2ks+P6t9tAFbNnd2FXGODTQItXyLtFqqQmUBuakBb1zODgPBvmggfKZ9fwnRGk
pBcABMOSt7IXt0DrjWqzypYLGdYqA5C1x4uq7Ca7MR0KwypDOpsSRyVIGWEs2ogb
cYmITzVHYXsDa8Ner/CzHjADcyOy/AvmWZW4uBWNx6EXs5V+jDHqOrnIizo0kMsn
fO2WQs081rLL4T72WTJCcOl+bfkJQ4R5713GoYc9f1u8ucUGbJXeQCQFowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNMwtGJEU9Eo2jqEFv+kX5sqkmUoMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMHpDMFlrUlQwU2phT29RV182UmZteXFTWlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYI2AwQB
LYoCAwQCLY18AwQB1blaAwQB1bleMA0GCSqGSIb3DQEBCwUAA4IBAQCtVffvWH5r
5z1Hbr5JKIQWC+ytqTHeSZpV9gASOzyZWCCB1IHZtD+/kSKwLawvr08ssB9oZdh8
tC96B9q8qJWLZ592fTdqrtZEQWOeZu0Od5i9zaZLhAPTmSn0Wf3xCUOd4GGJ8sPq
WCzZeSMSyyDsUv/0Lbwm+uuzvoBIijfErlTa0B/zrPeiWEP03IyqOplDU6U236Fd
Qi2Oymg5a0D51XOiXu2BIQARqMs1TuiMnnljBMZN0JzbiwRcNdjOCN0b42drkEWp
LjT5vZGN1hu/uC2wXJ+liy5dvPsTSyN7DuipfbZqjGpvj4CJDAXKmlzwW45TO3HW
jKm2XQefJWpz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org