Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/sdiIYwq9bzsKIl0zvZvAvQ2ZS-k.roa
File: sdiIYwq9bzsKIl0zvZvAvQ2ZS-k.roa (raw, json)
Hash identifier: 5tDG7pSjLVVjVc3AOlMIyy5717Gxf9K8210tthPzToc=
Subject key identifier: B1:D8:88:63:0A:BD:6F:3B:0A:22:5D:33:BD:9B:C0:BD:0D:99:4B:E9
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018BF296F588979A2BA51E814472BF264043
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/sdiIYwq9bzsKIl0zvZvAvQ2ZS-k.roa
Signing time: Tue 21 Nov 2023 15:54:21 +0000
ROA not before: Tue 21 Nov 2023 15:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 45.152.56.0/23 maxlen: 23
45.149.90.0/23 maxlen: 23
45.141.204.0/23 maxlen: 23
195.88.190.0/23 maxlen: 24
195.88.210.0/23 maxlen: 24
45.148.51.0/24 maxlen: 24
45.148.66.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:96:f5:88:97:9a:2b:a5:1e:81:44:72:bf:26:40:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Nov 21 15:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1d888630abd6f3b0a225d33bd9bc0bd0d994be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:74:89:d8:a4:c0:a2:bc:4b:d0:d9:95:af:a5:
7f:9f:e3:ea:1d:c9:25:d2:05:70:32:89:51:47:e5:
76:38:63:79:72:5c:5a:3d:75:64:b6:ff:36:0d:ea:
74:5a:bb:1e:cb:40:ef:4b:eb:e6:30:fd:21:79:e5:
47:36:df:79:60:4d:8c:53:ec:df:2b:79:eb:07:78:
49:db:93:e8:b0:9c:31:75:cf:eb:e5:ba:00:64:92:
8a:6f:27:83:64:a2:8d:51:24:8a:ac:13:aa:8c:63:
2d:8d:16:20:e4:c6:83:77:0e:ad:33:50:62:51:5c:
18:ce:83:4b:dd:cf:75:ec:b6:61:a5:85:e4:d2:70:
69:0c:e6:c8:b9:bc:a1:37:c7:e3:f3:4a:8e:01:2d:
df:f1:3f:ad:bd:10:78:43:05:7d:99:87:9f:19:94:
e8:cb:4c:4a:a7:18:6a:a8:36:87:c1:a1:c0:85:8f:
4b:30:d0:59:e5:9f:02:5f:4c:3c:50:42:62:4f:fc:
7d:a9:e3:76:0a:01:a5:61:1e:b4:56:70:fd:93:f0:
e3:94:33:0c:21:ab:8f:d7:07:fc:19:e0:75:2f:d6:
c0:ae:bf:93:3d:d1:67:a2:c0:ef:f0:3b:7d:24:0a:
f9:41:b5:60:b6:7a:93:e3:1d:00:c6:2c:05:0e:45:
6e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D8:88:63:0A:BD:6F:3B:0A:22:5D:33:BD:9B:C0:BD:0D:99:4B:E9
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/sdiIYwq9bzsKIl0zvZvAvQ2ZS-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.148.51.0/24
45.148.66.0/23
45.149.90.0/23
45.152.56.0/23
195.88.190.0/23
195.88.210.0/23
Signature Algorithm: sha256WithRSAEncryption
97:bf:ec:26:9c:9e:cb:d3:ba:1f:6a:90:08:90:d1:fc:58:1a:
be:2f:68:ba:35:df:bf:ea:25:9c:46:1c:9c:4d:14:5e:d9:45:
6f:1b:19:f8:ea:03:07:4b:d1:ba:2f:ae:b1:2e:39:73:53:cf:
56:67:99:cf:c5:d8:8d:13:7e:a2:6a:d2:21:e8:7a:2d:df:05:
37:70:b5:9f:92:f5:2b:e1:79:d0:83:c4:22:a4:f2:cb:b1:e8:
78:48:3b:70:d2:d0:b2:c8:e5:54:ca:13:77:7b:52:e9:f0:75:
4d:ea:b2:cd:5a:34:e9:97:de:d1:17:fc:a9:e1:5b:9c:c3:5b:
50:1a:a4:91:66:99:50:ad:c1:0e:0e:d0:49:a9:51:f6:ab:93:
23:56:e1:6e:a5:05:06:cc:4f:e6:7d:3b:d1:b3:b7:dc:36:bf:
1d:28:18:4a:d7:d5:15:84:82:1e:33:ca:35:e5:c0:24:b0:49:
c3:f7:38:48:8e:3d:86:a0:ea:4d:35:e1:e6:8a:c6:e6:98:80:
1e:ea:89:92:7b:07:4b:0a:29:2e:2a:34:78:21:ee:e4:c0:8b:
95:3d:ec:e1:4c:5c:0a:f6:64:1b:3e:85:e7:4a:0b:66:dc:6a:
46:e8:db:7d:36:7f:15:57:bf:96:57:b4:d0:40:ee:b8:60:c9:
96:72:24:91
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYvylvWIl5orpR6BRHK/JkBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMTIxMTU1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQ4ODg2MzBhYmQ2ZjNiMGEyMjVkMzNiZDliYzBiZDBkOTk0YmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXSJ2KTAorxL0NmVr6V/n+PqHckl
0gVwMolRR+V2OGN5clxaPXVktv82Dep0Wrsey0DvS+vmMP0heeVHNt95YE2MU+zf
K3nrB3hJ25PosJwxdc/r5boAZJKKbyeDZKKNUSSKrBOqjGMtjRYg5MaDdw6tM1Bi
UVwYzoNL3c917LZhpYXk0nBpDObIubyhN8fj80qOAS3f8T+tvRB4QwV9mYefGZTo
y0xKpxhqqDaHwaHAhY9LMNBZ5Z8CX0w8UEJiT/x9qeN2CgGlYR60VnD9k/DjlDMM
IauP1wf8GeB1L9bArr+TPdFnosDv8Dt9JAr5QbVgtnqT4x0AxiwFDkVujQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLHYiGMKvW87CiJdM72bwL0NmUvpMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvc2RpSVl3cTlienNLSWwwenZadkF2UTJaUy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLY3MAwQA
LZQzAwQBLZRCAwQBLZVaAwQBLZg4AwQBw1i+AwQBw1jSMA0GCSqGSIb3DQEBCwUA
A4IBAQCXv+wmnJ7L07ofapAIkNH8WBq+L2i6Nd+/6iWcRhycTRRe2UVvGxn46gMH
S9G6L66xLjlzU89WZ5nPxdiNE36iatIh6Hot3wU3cLWfkvUr4XnQg8QipPLLseh4
SDtw0tCyyOVUyhN3e1Lp8HVN6rLNWjTpl97RF/yp4Vucw1tQGqSRZplQrcEODtBJ
qVH2q5MjVuFupQUGzE/mfTvRs7fcNr8dKBhK19UVhIIeM8o15cAksEnD9zhIjj2G
oOpNNeHmisbmmIAe6omSewdLCikuKjR4Ie7kwIuVPezhTFwK9mQbPoXnSgtm3GpG
6Nt9Nn8VV7+WV7TQQO64YMmWciSR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org