Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/goEfYZvhiBktPOTvskw-ia99Coc.roa
File: goEfYZvhiBktPOTvskw-ia99Coc.roa (raw, json)
Hash identifier: FDwdP6TvE7rviUteTktLAZ8iBnaKramu0TXR+RklaWg=
Subject key identifier: 82:81:1F:61:9B:E1:88:19:2D:3C:E4:EF:B2:4C:3E:89:AF:7D:0A:87
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018727831F0DBFC0B719E8C7243617D996F2
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/goEfYZvhiBktPOTvskw-ia99Coc.roa
Signing time: Tue 28 Mar 2023 09:18:37 +0000
ROA not before: Tue 28 Mar 2023 09:18:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 45.140.8.0/23 maxlen: 23
109.206.250.0/23 maxlen: 23
45.157.202.0/23 maxlen: 23
2a0c:9e02::/32 maxlen: 40
2a0b:3c41:2::/48 maxlen: 48
2a0e:eb40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Aug 2023 13:53:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:83:1f:0d:bf:c0:b7:19:e8:c7:24:36:17:d9:96:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 28 09:18:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82811f619be188192d3ce4efb24c3e89af7d0a87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:73:2e:6f:d5:5a:fa:5e:d6:40:29:e5:85:f3:
f8:b1:c0:cc:00:59:af:81:03:3a:f6:bb:57:81:bb:
90:93:d5:57:03:f2:a1:db:f9:c5:5c:3d:9f:48:3c:
09:d1:8d:41:03:aa:0d:48:29:de:06:9d:48:40:04:
7d:2b:3d:d3:fe:42:9f:bc:1e:56:bc:12:66:57:61:
05:4e:aa:23:65:17:88:37:9c:a4:5b:25:1b:49:1d:
19:9e:d6:01:b0:51:d6:a8:00:a7:14:44:0a:48:1a:
0e:10:d7:80:0d:b8:74:9d:e2:86:8a:74:fa:b6:03:
6f:bc:6e:b1:53:fa:f4:fd:5d:f2:99:e8:2d:ca:0c:
d4:25:3b:82:cf:0a:b4:0d:74:8a:86:11:41:f3:1b:
4f:26:11:02:b0:7a:8d:62:2c:af:f8:88:24:4d:84:
3d:d5:ce:1b:42:50:b3:4d:70:f2:de:f5:72:de:4e:
e2:5b:b0:1b:a5:d6:a0:70:62:ac:51:a2:bd:4f:65:
c7:98:2c:b9:a3:f6:a5:cb:8d:e4:58:7e:cd:d0:e6:
c6:54:a7:dc:81:70:95:f7:30:68:97:66:25:51:bb:
6c:d2:c7:fd:24:0b:6f:b7:0f:23:19:f9:48:52:d5:
07:20:32:6f:a7:11:c9:0f:2d:f1:99:ff:9a:5b:b1:
fd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:81:1F:61:9B:E1:88:19:2D:3C:E4:EF:B2:4C:3E:89:AF:7D:0A:87
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/goEfYZvhiBktPOTvskw-ia99Coc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.8.0/23
45.157.202.0/23
109.206.250.0/23
IPv6:
2a0b:3c41:2::/48
2a0c:9e02::/32
2a0e:eb40::/32
Signature Algorithm: sha256WithRSAEncryption
33:6f:a3:28:b0:ba:dc:3b:8a:64:21:f6:14:0f:0c:51:14:63:
34:3c:1d:a4:71:6c:4f:91:ab:1e:f8:d9:c0:71:1f:83:0c:22:
38:d2:cf:7d:65:a9:88:54:d9:02:98:c2:ef:f6:9f:e1:f1:86:
6a:b8:a7:97:c9:73:9d:15:14:a1:f5:9b:19:da:15:4a:4c:bd:
38:40:52:27:2e:45:84:1c:2c:60:c0:89:05:bb:ff:a8:f1:d4:
b2:df:f1:8a:24:4f:f8:bd:5e:92:e7:38:0f:e6:e0:f1:62:97:
1f:d0:58:20:f2:1c:5c:4f:19:d3:8d:91:fe:10:c4:dc:cf:ae:
b8:80:cd:9d:52:06:04:bc:21:b7:7d:79:44:9e:bc:d0:33:6a:
ed:3d:15:9b:d7:9b:b0:a4:ac:2c:5c:d3:04:60:2a:06:ec:6b:
00:96:9c:d6:e3:d4:20:70:21:1a:74:16:67:bf:fe:e2:24:09:
c4:60:1e:c6:65:3d:71:e7:2f:26:f1:47:eb:d9:ba:49:aa:6d:
fd:d1:c0:a1:fb:39:7e:f9:a4:7b:59:d6:fb:5d:da:9c:b8:94:
f7:ce:0b:5f:43:17:e5:1d:fb:f0:76:1d:af:8c:04:ca:0f:c9:
37:fa:20:6c:31:52:2c:6e:9c:24:42:29:c7:75:ab:4b:9b:f6:
c0:76:cc:8e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYcngx8Nv8C3GejHJDYX2ZbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMzI4MDkxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjgxMWY2MTliZTE4ODE5MmQzY2U0ZWZiMjRjM2U4OWFmN2QwYTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHMub9Va+l7WQCnlhfP4scDMAFmv
gQM69rtXgbuQk9VXA/Kh2/nFXD2fSDwJ0Y1BA6oNSCneBp1IQAR9Kz3T/kKfvB5W
vBJmV2EFTqojZReIN5ykWyUbSR0ZntYBsFHWqACnFEQKSBoOENeADbh0neKGinT6
tgNvvG6xU/r0/V3ymegtygzUJTuCzwq0DXSKhhFB8xtPJhECsHqNYiyv+IgkTYQ9
1c4bQlCzTXDy3vVy3k7iW7AbpdagcGKsUaK9T2XHmCy5o/aly43kWH7N0ObGVKfc
gXCV9zBol2YlUbts0sf9JAtvtw8jGflIUtUHIDJvpxHJDy3xmf+aW7H9mQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIKBH2Gb4YgZLTzk77JMPomvfQqHMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvZ29FZlladmhpQmt0UE9UdnNrdy1pYTk5Q29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAYBAIAATASAwQBLYwIAwQB
LZ3KAwQBbc76MB0EAgACMBcDBwAqCzxBAAIDBQAqDJ4CAwUAKg7rQDANBgkqhkiG
9w0BAQsFAAOCAQEAM2+jKLC63DuKZCH2FA8MURRjNDwdpHFsT5GrHvjZwHEfgwwi
ONLPfWWpiFTZApjC7/af4fGGarinl8lznRUUofWbGdoVSky9OEBSJy5FhBwsYMCJ
Bbv/qPHUst/xiiRP+L1ekuc4D+bg8WKXH9BYIPIcXE8Z042R/hDE3M+uuIDNnVIG
BLwht315RJ680DNq7T0Vm9ebsKSsLFzTBGAqBuxrAJac1uPUIHAhGnQWZ7/+4iQJ
xGAexmU9cecvJvFH69m6Sapt/dHAofs5fvmke1nW+13anLiU984LX0MX5R378HYd
r4wEyg/JN/ogbDFSLG6cJEIpx3WrS5v2wHbMjg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org