Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/YjzkTMpdMrDB1DbRk4jT5Uz5_SQ.roa
File: YjzkTMpdMrDB1DbRk4jT5Uz5_SQ.roa (raw, json)
Hash identifier: RPNBZZ/mtgZFwu6S2630r8s+fQkqbRXa0sQIWtJ3CBg=
Subject key identifier: 62:3C:E4:4C:CA:5D:32:B0:C1:D4:36:D1:93:88:D3:E5:4C:F9:FD:24
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01928A80D596819008CD88CFC0A8197AF3CE
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/YjzkTMpdMrDB1DbRk4jT5Uz5_SQ.roa
Signing time: Mon 14 Oct 2024 10:09:12 +0000
ROA not before: Mon 14 Oct 2024 10:09:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 45.141.204.0/23 maxlen: 23
45.148.51.0/24 maxlen: 24
45.149.90.0/23 maxlen: 23
195.88.191.0/24 maxlen: 24
195.88.210.0/24 maxlen: 24
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Oct 2024 19:57:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:80:d5:96:81:90:08:cd:88:cf:c0:a8:19:7a:f3:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 14 10:09:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=623ce44cca5d32b0c1d436d19388d3e54cf9fd24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7e:e8:f0:b0:56:ba:78:69:16:38:f4:3f:eb:
9d:de:68:86:09:0c:e2:e2:40:73:56:70:4e:19:80:
d6:00:3a:93:24:d0:d3:a8:26:53:80:da:53:65:57:
c8:31:ad:cf:e4:1b:90:9e:5f:2b:f9:39:a6:69:82:
32:ab:d8:7f:50:fd:10:c5:ef:1e:b4:7a:93:63:ba:
9e:cf:e2:48:1a:d3:07:59:6a:75:46:7b:dd:5d:8c:
c9:3d:12:3b:5f:18:99:85:f8:52:f7:48:17:c1:da:
4c:97:ae:7d:ef:f9:de:7b:f6:81:b3:00:5d:c8:bd:
b3:87:df:b8:15:36:cf:7e:b1:69:1f:6d:47:29:fd:
15:9b:bf:93:19:a1:01:57:97:6e:b1:5c:cb:df:c8:
63:26:d9:cb:95:87:2e:ce:cd:12:c1:9f:6c:e1:a6:
ac:45:2c:35:da:30:ba:48:e8:9a:2e:fc:58:1f:67:
42:c5:a3:f3:92:6a:bf:9a:41:20:52:d3:02:1d:5e:
1d:92:cc:7a:b0:8e:7c:94:d6:43:be:9d:97:2c:d5:
b7:13:d5:61:e0:c2:e3:7b:de:0a:60:8a:a2:ea:d0:
38:0e:67:dc:cd:bd:ba:5a:ab:45:5a:8c:60:8b:8d:
e2:53:ed:1f:c2:64:ae:0b:f1:04:6e:31:94:2c:c8:
ab:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3C:E4:4C:CA:5D:32:B0:C1:D4:36:D1:93:88:D3:E5:4C:F9:FD:24
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/YjzkTMpdMrDB1DbRk4jT5Uz5_SQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.148.51.0/24
45.149.90.0/23
195.88.191.0/24
195.88.210.0/24
IPv6:
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
36:e1:5b:88:fb:d5:a1:59:e1:5a:1c:2f:9b:25:78:85:4f:be:
41:6b:b6:78:89:4d:c7:ea:68:68:75:4b:40:38:5e:bc:43:ad:
77:cb:c6:09:83:98:2c:ff:05:6d:b2:09:a1:31:65:91:e7:2c:
1c:fe:de:58:d8:39:ed:31:7e:34:49:47:76:b1:40:4a:38:a7:
04:0d:0c:51:9a:ec:04:b7:37:4c:ac:7f:57:02:00:ba:d3:2b:
f0:3b:75:5e:a3:c5:e0:a5:21:90:cc:fd:ee:c6:a8:29:16:f6:
8e:9b:0d:50:27:81:7b:00:4b:10:91:d3:3e:ba:5b:f1:d5:ea:
4b:6e:4f:21:43:63:77:42:0f:ea:e9:15:ff:13:4c:4e:8f:7a:
75:55:97:0e:4d:9d:2d:c2:36:1a:fc:12:33:6f:b3:1c:c2:ce:
85:29:fb:f6:0c:33:9b:b4:b8:bb:f4:18:7b:6d:d1:c5:27:c9:
04:b9:2d:da:52:4a:f1:9a:e1:a5:84:26:31:22:8d:08:33:31:
92:9a:b0:11:a3:9c:08:f5:e0:1e:2d:27:da:a9:43:fd:9c:62:
69:a5:22:b0:7a:5a:e7:d5:34:b2:7d:c0:49:ec:ff:47:6f:03:
75:51:c8:31:c3:08:71:8a:a2:70:35:fc:db:45:7c:e4:a6:8b:
93:d6:1d:f1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZKKgNWWgZAIzYjPwKgZevPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQxMDE0MTAwOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjNjZTQ0Y2NhNWQzMmIwYzFkNDM2ZDE5Mzg4ZDNlNTRjZjlmZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX7o8LBWunhpFjj0P+ud3miGCQzi
4kBzVnBOGYDWADqTJNDTqCZTgNpTZVfIMa3P5BuQnl8r+TmmaYIyq9h/UP0Qxe8e
tHqTY7qez+JIGtMHWWp1RnvdXYzJPRI7XxiZhfhS90gXwdpMl6597/nee/aBswBd
yL2zh9+4FTbPfrFpH21HKf0Vm7+TGaEBV5dusVzL38hjJtnLlYcuzs0SwZ9s4aas
RSw12jC6SOiaLvxYH2dCxaPzkmq/mkEgUtMCHV4dksx6sI58lNZDvp2XLNW3E9Vh
4MLje94KYIqi6tA4Dmfczb26WqtFWoxgi43iU+0fwmSuC/EEbjGULMir+QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGI85EzKXTKwwdQ20ZOI0+VM+f0kMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWWp6a1RNcGRNckRCMURiUms0alQ1VXo1X1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBLY3MAwQA
LZQzAwQBLZVaAwQAw1i/AwQAw1jSMA0EAgACMAcDBQIqDzuAMA0GCSqGSIb3DQEB
CwUAA4IBAQA24VuI+9WhWeFaHC+bJXiFT75Ba7Z4iU3H6mhodUtAOF68Q613y8YJ
g5gs/wVtsgmhMWWR5ywc/t5Y2DntMX40SUd2sUBKOKcEDQxRmuwEtzdMrH9XAgC6
0yvwO3Veo8XgpSGQzP3uxqgpFvaOmw1QJ4F7AEsQkdM+ulvx1epLbk8hQ2N3Qg/q
6RX/E0xOj3p1VZcOTZ0twjYa/BIzb7Mcws6FKfv2DDObtLi79Bh7bdHFJ8kEuS3a
UkrxmuGlhCYxIo0IMzGSmrARo5wI9eAeLSfaqUP9nGJppSKwelrn1TSyfcBJ7P9H
bwN1UcgxwwhxiqJwNfzbRXzkpouT1h3x
-----END CERTIFICATE-----
Generated at Mon Oct 14 22:50:52 2024 by rpki-client on console-ams.rpki-client.org