Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/T478qdO94iQAN8R5Rzk4hhfjoMU.roa
File: T478qdO94iQAN8R5Rzk4hhfjoMU.roa (raw, json)
Hash identifier: sBjQvmBwEqmnPD+3bRwvHBxNhvyvRZDDBNbrJZm/0aE=
Subject key identifier: 4F:8E:FC:A9:D3:BD:E2:24:00:37:C4:79:47:39:38:86:17:E3:A0:C5
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018F525868B334CDF3455CAA9F2069224E4B
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/T478qdO94iQAN8R5Rzk4hhfjoMU.roa
Signing time: Tue 07 May 2024 09:17:56 +0000
ROA not before: Tue 07 May 2024 09:17:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204402
IP address blocks: 45.152.38.0/24 maxlen: 24
45.152.39.0/24 maxlen: 24
45.157.200.0/24 maxlen: 24
45.157.201.0/24 maxlen: 24
45.159.192.0/24 maxlen: 24
45.159.193.0/24 maxlen: 24
45.159.194.0/24 maxlen: 24
2a0b:3c40:24::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Jul 2024 11:27:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:52:58:68:b3:34:cd:f3:45:5c:aa:9f:20:69:22:4e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 7 09:17:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f8efca9d3bde2240037c4794739388617e3a0c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fd:4f:d9:53:1d:92:e0:ad:b5:80:0f:ee:f2:
76:c9:d1:98:61:59:e2:2a:7d:a3:84:d5:8f:a9:ee:
64:ef:6f:c6:5a:b1:21:61:8c:c5:3f:27:5b:7f:82:
82:ed:7c:37:0f:62:d6:f8:f0:09:22:60:a2:89:a9:
50:f9:58:95:ee:03:b9:86:27:ed:a5:5e:54:17:a7:
18:6e:e9:d6:0b:c8:83:15:71:40:55:2b:b9:20:a8:
3a:64:6e:77:e4:54:31:6c:df:78:18:86:14:b6:bf:
ba:ea:5f:d6:ce:cb:bc:dd:c5:e1:c3:1e:18:8d:b2:
14:b7:5f:1f:c1:00:11:60:5e:ab:3c:c8:93:37:d7:
c5:34:20:5a:42:5b:a4:d5:70:e5:10:fa:ff:c1:a4:
de:42:8c:e7:f2:98:0e:57:1b:68:ad:e9:33:69:a6:
67:a4:19:69:a9:6a:af:47:78:00:71:46:da:78:4c:
6d:86:b6:20:8f:18:51:c6:4e:5b:fe:70:8d:00:7d:
f2:e7:42:91:12:8a:de:83:48:19:21:1b:4a:e4:33:
49:20:c2:f0:3f:b9:d7:ce:77:bf:b3:8a:c8:58:41:
03:b1:69:fe:a9:30:85:8a:ff:81:f0:85:4a:5b:56:
88:5d:7b:0e:9f:5b:88:6d:dd:83:fa:19:f7:55:74:
59:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8E:FC:A9:D3:BD:E2:24:00:37:C4:79:47:39:38:86:17:E3:A0:C5
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/T478qdO94iQAN8R5Rzk4hhfjoMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.38.0/23
45.157.200.0/23
45.159.192.0-45.159.194.255
IPv6:
2a0b:3c40:24::/48
Signature Algorithm: sha256WithRSAEncryption
7d:b4:0d:bd:94:ba:4b:49:a6:95:3d:76:8b:8f:7e:29:fa:4a:
f5:3c:f7:d8:d9:0c:e9:3f:da:d4:ed:76:7e:c2:24:cd:60:a8:
73:c7:65:f4:75:6b:6c:20:bc:47:88:8a:45:f8:ca:aa:93:b1:
b5:78:41:05:c8:6a:4a:18:a9:5e:ec:fc:f6:eb:c2:f1:93:c6:
1c:a0:42:3a:50:dd:7c:4c:ee:24:ac:16:43:d7:fe:bf:80:a8:
a8:e2:7e:2b:42:22:82:64:f8:ff:5a:34:95:27:de:c8:8f:d0:
8e:d8:65:d3:67:31:58:0c:1d:07:43:2f:06:92:5c:13:e2:66:
cf:e2:f6:7b:ee:e7:f1:f2:d7:bc:db:12:f5:0e:ea:b9:f7:3b:
62:5a:52:9d:9d:2a:64:d2:18:3f:7c:74:df:b4:7f:a5:ee:bd:
1f:4d:0c:42:58:21:9f:e7:03:fd:e5:6f:bf:67:b0:db:29:fd:
ed:82:aa:49:2b:d1:d7:10:49:d0:b7:6e:6f:14:06:69:12:9e:
79:49:a6:40:fa:e8:2e:62:37:77:d8:b5:4a:b0:56:38:03:38:
20:48:4b:5c:0d:76:2a:25:90:05:7a:d2:99:d0:6d:dd:86:ed:
ba:18:59:50:2d:38:4d:f7:f8:05:9e:db:a8:c1:14:1f:20:01:
f3:b5:e0:05
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY9SWGizNM3zRVyqnyBpIk5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNTA3MDkxNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhlZmNhOWQzYmRlMjI0MDAzN2M0Nzk0NzM5Mzg4NjE3ZTNhMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP1P2VMdkuCttYAP7vJ2ydGYYVni
Kn2jhNWPqe5k72/GWrEhYYzFPydbf4KC7Xw3D2LW+PAJImCiialQ+ViV7gO5hift
pV5UF6cYbunWC8iDFXFAVSu5IKg6ZG535FQxbN94GIYUtr+66l/Wzsu83cXhwx4Y
jbIUt18fwQARYF6rPMiTN9fFNCBaQluk1XDlEPr/waTeQozn8pgOVxtorekzaaZn
pBlpqWqvR3gAcUbaeExthrYgjxhRxk5b/nCNAH3y50KREoreg0gZIRtK5DNJIMLw
P7nXzne/s4rIWEEDsWn+qTCFiv+B8IVKW1aIXXsOn1uIbd2D+hn3VXRZswIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFE+O/KnTveIkADfEeUc5OIYX46DFMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvVDQ3OHFkTzk0aVFBTjhSNVJ6azRoaGZqb01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQBLZgmAwQB
LZ3IMAwDBAYtn8ADBAAtn8IwDwQCAAIwCQMHACoLPEAAJDANBgkqhkiG9w0BAQsF
AAOCAQEAfbQNvZS6S0mmlT12i49+KfpK9Tz32NkM6T/a1O12fsIkzWCoc8dl9HVr
bCC8R4iKRfjKqpOxtXhBBchqShipXuz89uvC8ZPGHKBCOlDdfEzuJKwWQ9f+v4Co
qOJ+K0IigmT4/1o0lSfeyI/Qjthl02cxWAwdB0MvBpJcE+Jmz+L2e+7n8fLXvNsS
9Q7qufc7YlpSnZ0qZNIYP3x037R/pe69H00MQlghn+cD/eVvv2ew2yn97YKqSSvR
1xBJ0LdubxQGaRKeeUmmQProLmI3d9i1SrBWOAM4IEhLXA12KiWQBXrSmdBt3Ybt
uhhZUC04Tff4BZ7bqMEUHyAB87XgBQ==
-----END CERTIFICATE-----
Generated at Mon Jul 8 12:53:40 2024 by rpki-client on console-fra.rpki-client.org