Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/qyvnbcD_-nSDbd4qBpcjx9brtdU.roa
File: qyvnbcD_-nSDbd4qBpcjx9brtdU.roa (raw, json)
Hash identifier: Cj4nNc11xl9XvCk4nntca+3Xv23+03o20Kqwi68Q7X8=
Subject key identifier: AB:2B:E7:6D:C0:FF:FA:74:83:6D:DE:2A:06:97:23:C7:D6:EB:B5:D5
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0185A07FF805A58BCE01EACF34974F8D0847
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/qyvnbcD_-nSDbd4qBpcjx9brtdU.roa
Signing time: Wed 11 Jan 2023 11:03:39 +0000
ROA not before: Wed 11 Jan 2023 11:03:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 45.140.10.0/23 maxlen: 23
45.138.2.0/23 maxlen: 23
45.148.50.0/24 maxlen: 24
45.141.124.0/22 maxlen: 23
194.156.176.0/22 maxlen: 23
213.185.88.0/21 maxlen: 23
45.130.54.0/23 maxlen: 23
195.62.22.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 12:13:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a0:7f:f8:05:a5:8b:ce:01:ea:cf:34:97:4f:8d:08:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 11 11:03:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab2be76dc0fffa74836dde2a069723c7d6ebb5d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:42:09:82:7e:a3:44:54:f5:32:4d:27:ae:dd:
b3:82:9f:81:3f:08:57:e5:15:ac:f9:95:b8:67:a8:
7d:d9:2a:13:b7:23:51:e2:83:54:03:8b:6d:be:a2:
c8:d4:16:27:86:fd:f6:26:63:a3:67:4c:b0:03:1c:
e4:06:62:a7:6e:51:a6:8f:a7:bd:cb:a8:97:f6:55:
46:83:c0:38:56:d0:a5:59:57:c6:b1:e0:d1:8e:a7:
c4:20:61:82:51:d8:9b:cf:b1:28:01:78:da:44:ee:
f6:a4:fc:0a:5d:4f:00:1c:a6:ed:d9:30:1d:b2:b6:
85:78:fa:e6:41:fa:2b:9b:af:83:0b:03:af:78:50:
08:0d:2c:81:82:08:be:4f:12:f4:a1:6e:c7:55:1c:
24:a0:1f:0d:58:0c:b2:b9:a7:27:13:36:20:13:07:
5f:2e:23:27:2d:42:1a:4c:d9:9a:66:90:52:a3:c5:
f2:0a:89:38:ed:21:cb:4b:a6:35:16:af:9c:ec:bc:
08:39:04:92:58:32:aa:5e:b6:9d:ac:08:c0:cc:71:
d4:2f:a5:ad:b1:01:2f:f2:8a:c8:43:f2:36:15:f4:
d3:d1:b2:49:d1:69:cf:d0:63:2f:92:01:4c:a3:5f:
91:1b:04:4e:95:4d:5a:97:d8:1d:82:46:7e:c7:b2:
75:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:2B:E7:6D:C0:FF:FA:74:83:6D:DE:2A:06:97:23:C7:D6:EB:B5:D5
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/qyvnbcD_-nSDbd4qBpcjx9brtdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.54.0/23
45.138.2.0/23
45.140.10.0/23
45.141.124.0/22
45.148.50.0/24
194.156.176.0/22
195.62.22.0/23
213.185.88.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:42:19:0b:23:23:54:cb:a9:b2:b0:bb:73:26:86:59:7c:5a:
25:72:c6:b1:d1:49:55:45:dd:20:26:a8:e9:74:ae:20:92:7d:
ec:f7:3c:b5:a3:44:44:95:3e:a4:6b:c5:60:02:21:89:e1:10:
15:51:a9:10:84:73:af:f8:8d:c9:8e:e5:5f:db:26:b6:11:32:
ca:f4:e6:f7:e2:ea:5a:aa:63:a3:f2:c9:ea:b3:ab:a9:97:2c:
e7:04:b3:99:ce:c9:2b:67:21:6f:95:50:8b:14:df:1f:39:91:
0b:d6:79:a1:fe:06:b7:34:86:01:83:57:a9:4c:a5:d9:39:f0:
79:b1:2a:d9:a6:80:b6:b1:35:85:d5:26:b2:00:32:5c:2a:3b:
46:48:63:97:95:71:37:15:7b:ca:44:e3:97:ce:44:46:bf:63:
eb:70:21:ff:96:53:4b:83:52:12:93:f9:dd:d2:24:38:84:ea:
12:86:9c:44:67:fd:41:3f:85:20:0a:8a:2b:66:8b:c8:c6:ea:
a7:57:e2:47:53:7d:83:8a:fd:62:42:15:23:f1:c8:28:41:e0:
14:ac:6e:fd:4e:af:6f:d2:64:b1:35:10:8e:03:ac:9a:4e:48:
1b:00:9c:a7:51:c8:0f:29:b9:35:66:72:5d:b6:fb:d6:a7:e5:
ee:61:95:54
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYWgf/gFpYvOAerPNJdPjQhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTExMTEwMzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjJiZTc2ZGMwZmZmYTc0ODM2ZGRlMmEwNjk3MjNjN2Q2ZWJiNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkIJgn6jRFT1Mk0nrt2zgp+BPwhX
5RWs+ZW4Z6h92SoTtyNR4oNUA4ttvqLI1BYnhv32JmOjZ0ywAxzkBmKnblGmj6e9
y6iX9lVGg8A4VtClWVfGseDRjqfEIGGCUdibz7EoAXjaRO72pPwKXU8AHKbt2TAd
sraFePrmQform6+DCwOveFAIDSyBggi+TxL0oW7HVRwkoB8NWAyyuacnEzYgEwdf
LiMnLUIaTNmaZpBSo8XyCok47SHLS6Y1Fq+c7LwIOQSSWDKqXradrAjAzHHUL6Wt
sQEv8orIQ/I2FfTT0bJJ0WnP0GMvkgFMo1+RGwROlU1al9gdgkZ+x7J15wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKsr523A//p0g23eKgaXI8fW67XVMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvcXl2bmJjRF8tblNEYmQ0cUJwY2p4OWJydGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYI2AwQB
LYoCAwQBLYwKAwQCLY18AwQALZQyAwQCwpywAwQBwz4WAwQD1blYMA0GCSqGSIb3
DQEBCwUAA4IBAQALQhkLIyNUy6mysLtzJoZZfFolcsax0UlVRd0gJqjpdK4gkn3s
9zy1o0RElT6ka8VgAiGJ4RAVUakQhHOv+I3JjuVf2ya2ETLK9Ob34upaqmOj8snq
s6uplyznBLOZzskrZyFvlVCLFN8fOZEL1nmh/ga3NIYBg1epTKXZOfB5sSrZpoC2
sTWF1SayADJcKjtGSGOXlXE3FXvKROOXzkRGv2PrcCH/llNLg1ISk/nd0iQ4hOoS
hpxEZ/1BP4UgCoorZovIxuqnV+JHU32Div1iQhUj8cgoQeAUrG79Tq9v0mSxNRCO
A6yaTkgbAJynUcgPKbk1ZnJdtvvWp+XuYZVU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org