Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ACmQLtQI5v3Ol6JKplKj_VKZXqA.roa
File: ACmQLtQI5v3Ol6JKplKj_VKZXqA.roa (raw, json)
Hash identifier: 27jrzggOLkJv1uRjHfPaTVo/hoGCU8aKFWmPX2FFZUs=
Subject key identifier: 00:29:90:2E:D4:08:E6:FD:CE:97:A2:4A:A6:52:A3:FD:52:99:5E:A0
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018FAFD5E922FDA22E4B9BC38D66B630BFF4
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ACmQLtQI5v3Ol6JKplKj_VKZXqA.roa
Signing time: Sat 25 May 2024 12:59:42 +0000
ROA not before: Sat 25 May 2024 12:59:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211750
IP address blocks: 45.128.157.0/24 maxlen: 24
185.228.81.0/24 maxlen: 24
185.228.82.0/24 maxlen: 24
195.88.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Sep 2024 17:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:af:d5:e9:22:fd:a2:2e:4b:9b:c3:8d:66:b6:30:bf:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 25 12:59:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0029902ed408e6fdce97a24aa652a3fd52995ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e7:df:f9:ad:f7:fc:67:0b:df:43:71:74:3e:
db:bb:97:03:ee:92:4d:84:64:35:24:97:08:66:32:
cf:f4:f7:81:d3:07:f7:68:c4:66:46:ae:a4:8b:67:
c8:04:49:90:1c:69:d4:cb:80:9e:e4:60:85:8a:46:
e2:38:f7:2c:a2:97:9d:85:70:da:86:d3:e1:08:b0:
5f:00:c1:1c:ce:8b:38:d6:92:27:7b:5f:c3:69:c7:
f2:8a:29:09:3b:d6:71:bc:98:ff:fa:3f:40:1c:f3:
4e:c4:be:34:50:b5:d7:51:85:9e:f7:64:e8:cf:28:
68:e5:bd:23:0d:c0:84:6a:b7:01:28:05:db:de:ed:
94:c7:59:df:e8:f3:4d:20:bb:4c:e3:21:a7:1e:a0:
56:47:f5:25:59:3e:ee:11:05:87:96:0b:b4:e6:16:
5b:9a:8a:1b:6d:f8:6b:2c:36:5b:96:51:db:7f:a2:
2a:c7:fc:6e:f5:0f:d8:d5:a4:99:1c:48:cf:9f:c1:
f3:45:f0:dd:e5:c3:4c:a5:92:ee:f0:65:52:c1:7d:
b0:60:aa:fe:5d:ed:28:d3:23:9f:41:c2:1b:9a:e5:
cb:94:5f:b6:dc:60:87:dd:a9:04:ac:ec:ba:36:a4:
7a:03:27:4a:c1:ac:01:5e:6f:53:3e:0b:0c:88:9a:
9e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:29:90:2E:D4:08:E6:FD:CE:97:A2:4A:A6:52:A3:FD:52:99:5E:A0
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ACmQLtQI5v3Ol6JKplKj_VKZXqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.157.0/24
185.228.81.0-185.228.82.255
195.88.190.0/24
Signature Algorithm: sha256WithRSAEncryption
61:e3:fd:dd:fd:68:f8:6b:fe:ba:f9:1b:3b:68:f9:95:c8:88:
a6:bb:1a:b9:af:22:08:78:41:e0:55:f8:41:52:9d:32:03:77:
0f:7c:2c:bc:47:b0:d5:19:49:b5:72:9a:16:0c:fb:0b:49:b6:
1d:b2:6f:99:ac:8a:9a:79:8b:c0:01:44:7d:53:95:c1:d5:e7:
8e:6b:3c:de:20:02:a3:24:4a:d3:da:a5:c3:71:39:78:74:57:
cf:17:c8:f0:be:7f:d6:63:b5:0f:22:5a:3d:a6:1a:36:15:01:
40:87:90:38:37:32:b9:f6:8b:7f:5c:ee:f7:e1:cb:90:af:f7:
6a:07:b8:4d:6d:62:b4:36:6c:9a:6e:ba:37:43:64:2f:ff:52:
90:5d:2b:f5:9e:f4:4a:54:4f:65:93:6a:3e:ca:ba:5e:5d:03:
ab:df:ed:e1:cf:e9:08:6f:10:f7:68:73:d4:31:20:61:18:d3:
0d:be:3a:a6:6a:bd:1e:72:72:fd:95:3d:e8:87:b9:65:61:85:
59:09:d6:a3:0d:63:81:a3:f4:30:1c:5d:4a:64:fb:2f:f0:49:
c0:4d:25:a8:c4:96:6a:9d:90:28:67:73:d4:ac:20:6e:f0:85:
fd:96:98:19:7b:a2:2e:e1:36:cf:a2:56:15:81:95:17:14:d8:
8d:ba:e9:82
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY+v1eki/aIuS5vDjWa2ML/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNTI1MTI1OTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDI5OTAyZWQ0MDhlNmZkY2U5N2EyNGFhNjUyYTNmZDUyOTk1ZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuff+a33/GcL30NxdD7bu5cD7pJN
hGQ1JJcIZjLP9PeB0wf3aMRmRq6ki2fIBEmQHGnUy4Ce5GCFikbiOPcsopedhXDa
htPhCLBfAMEczos41pIne1/DacfyiikJO9ZxvJj/+j9AHPNOxL40ULXXUYWe92To
zyho5b0jDcCEarcBKAXb3u2Ux1nf6PNNILtM4yGnHqBWR/UlWT7uEQWHlgu05hZb
moobbfhrLDZbllHbf6Iqx/xu9Q/Y1aSZHEjPn8HzRfDd5cNMpZLu8GVSwX2wYKr+
Xe0o0yOfQcIbmuXLlF+23GCH3akErOy6NqR6AydKwawBXm9TPgsMiJqeRwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAApkC7UCOb9zpeiSqZSo/1SmV6gMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvQUNtUUx0UUk1djNPbDZKS3BsS2pfVktaWHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALYCdMAwD
BAC55FEDBAC55FIDBADDWL4wDQYJKoZIhvcNAQELBQADggEBAGHj/d39aPhr/rr5
Gzto+ZXIiKa7GrmvIgh4QeBV+EFSnTIDdw98LLxHsNUZSbVymhYM+wtJth2yb5ms
ipp5i8ABRH1TlcHV545rPN4gAqMkStPapcNxOXh0V88XyPC+f9ZjtQ8iWj2mGjYV
AUCHkDg3Mrn2i39c7vfhy5Cv92oHuE1tYrQ2bJpuujdDZC//UpBdK/We9EpUT2WT
aj7Kul5dA6vf7eHP6QhvEPdoc9QxIGEY0w2+OqZqvR5ycv2VPeiHuWVhhVkJ1qMN
Y4Gj9DAcXUpk+y/wScBNJajElmqdkChnc9SsIG7whf2WmBl7oi7hNs+iVhWBlRcU
2I266YI=
-----END CERTIFICATE-----
Generated at Sat Sep 7 19:48:30 2024 by rpki-client on console-ams.rpki-client.org