Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/C-uZa2YLKp4ukRyqAtAZvQXMShA.roa
File: C-uZa2YLKp4ukRyqAtAZvQXMShA.roa (raw, json)
Hash identifier: MdmEjDToCilXNrp7SirsBgiVVIKSczMle4JgCYU+tJc=
Subject key identifier: 0B:EB:99:6B:66:0B:2A:9E:2E:91:1C:AA:02:D0:19:BD:05:CC:4A:10
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018940C7EC11C2D31E4E5AB578F2EF80283B
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/C-uZa2YLKp4ukRyqAtAZvQXMShA.roa
Signing time: Mon 10 Jul 2023 17:09:51 +0000
ROA not before: Mon 10 Jul 2023 17:09:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 185.148.243.0/24 maxlen: 24
185.148.241.0/24 maxlen: 24
185.169.180.0/24 maxlen: 24
45.133.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Jul 2023 11:47:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:c7:ec:11:c2:d3:1e:4e:5a:b5:78:f2:ef:80:28:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Jul 10 17:09:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0beb996b660b2a9e2e911caa02d019bd05cc4a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c8:4f:ec:bf:a2:1c:62:b5:a6:ad:d4:52:65:
66:a0:50:fa:34:6b:78:33:63:45:bc:63:e5:3b:b6:
06:5c:b6:fc:32:be:6d:66:a4:96:6d:ad:55:7c:cf:
40:33:cb:0b:e9:2e:8c:2b:63:1b:86:f8:df:88:b6:
7e:a4:0a:b1:d4:25:4a:6c:78:d6:26:4a:af:7b:b3:
30:5b:9e:85:9d:f8:d9:ad:39:41:a4:3c:09:8e:ad:
c4:08:7e:e6:8a:95:2e:21:93:db:9e:bc:06:94:d3:
a4:be:26:10:81:21:39:5d:d9:cb:89:80:c3:bc:55:
38:36:ef:78:82:c7:5d:ca:82:bc:14:a3:6c:61:52:
f7:6c:10:ff:66:af:7a:54:56:ba:bd:7e:85:26:67:
70:c3:77:99:54:32:f5:33:13:8a:1c:cb:0a:49:19:
7d:96:2f:32:f8:63:07:5a:f3:de:da:68:b7:ee:76:
ee:f8:99:72:d3:cf:43:50:cc:a9:e9:e3:21:06:37:
c4:07:e3:98:3d:39:7f:91:7d:1c:60:e2:82:40:61:
19:e7:6a:8b:54:c2:4d:3d:91:98:72:ec:81:36:bb:
42:91:16:ac:d3:1b:e9:fb:9a:5d:4c:48:a6:ce:10:
80:7c:fc:49:bd:a6:d8:d6:47:42:9d:8e:8f:3a:26:
46:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:EB:99:6B:66:0B:2A:9E:2E:91:1C:AA:02:D0:19:BD:05:CC:4A:10
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/C-uZa2YLKp4ukRyqAtAZvQXMShA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.36.0/24
185.148.241.0/24
185.148.243.0/24
185.169.180.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:50:81:61:ba:87:1d:40:ae:7b:af:76:f4:dc:b5:89:96:48:
65:1f:bb:1c:dc:70:74:d7:52:5c:27:bf:86:ef:24:90:42:b3:
e3:bc:5f:c9:5d:7f:17:cb:8b:8a:99:30:38:84:6b:6a:76:ea:
3d:ca:81:5a:b7:81:d6:25:d7:48:d8:af:80:14:dd:e3:38:df:
a4:cf:7e:36:f3:06:b2:c1:75:4b:d4:15:1f:12:4c:ae:b3:ac:
5b:02:65:77:51:e7:9b:58:39:7d:7b:56:a0:61:4a:5c:36:bd:
bd:d6:80:68:6d:a5:08:9d:8c:f8:3c:15:b0:82:23:cb:af:4d:
f6:36:44:a1:14:b6:4c:8b:e9:51:20:34:73:69:08:2c:22:f4:
1c:ec:ad:a6:22:b5:3a:3c:ab:1b:34:df:7d:dd:ac:50:38:1e:
4a:b1:ab:da:3f:61:56:81:9d:54:8d:42:87:9e:9f:cb:39:f2:
e5:a0:b7:61:3a:04:f5:ac:92:38:8f:33:f2:d8:b3:b4:ff:e9:
9e:6a:bc:a8:48:39:6f:0a:43:28:55:4a:a0:2e:65:4a:a6:37:
8b:af:14:51:4e:57:d5:9b:f7:a2:2f:bd:1c:59:d7:99:bc:47:
c0:35:a1:6f:db:be:9a:86:cc:a9:aa:4e:58:d8:71:03:ac:87:
24:7b:dd:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlAx+wRwtMeTlq1ePLvgCg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMwNzEwMTcwOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmViOTk2YjY2MGIyYTllMmU5MTFjYWEwMmQwMTliZDA1Y2M0YTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoshP7L+iHGK1pq3UUmVmoFD6NGt4
M2NFvGPlO7YGXLb8Mr5tZqSWba1VfM9AM8sL6S6MK2MbhvjfiLZ+pAqx1CVKbHjW
Jkqve7MwW56FnfjZrTlBpDwJjq3ECH7mipUuIZPbnrwGlNOkviYQgSE5XdnLiYDD
vFU4Nu94gsddyoK8FKNsYVL3bBD/Zq96VFa6vX6FJmdww3eZVDL1MxOKHMsKSRl9
li8y+GMHWvPe2mi37nbu+Jly089DUMyp6eMhBjfEB+OYPTl/kX0cYOKCQGEZ52qL
VMJNPZGYcuyBNrtCkRas0xvp+5pdTEimzhCAfPxJvabY1kdCnY6POiZGrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAvrmWtmCyqeLpEcqgLQGb0FzEoQMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvQy11WmEyWUxLcDR1a1J5cUF0QVp2UVhNU2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYUkAwQA
uZTxAwQAuZTzAwQAuam0MA0GCSqGSIb3DQEBCwUAA4IBAQCmUIFhuocdQK57r3b0
3LWJlkhlH7sc3HB011JcJ7+G7ySQQrPjvF/JXX8Xy4uKmTA4hGtqduo9yoFat4HW
JddI2K+AFN3jON+kz3428waywXVL1BUfEkyus6xbAmV3UeebWDl9e1agYUpcNr29
1oBobaUInYz4PBWwgiPLr032NkShFLZMi+lRIDRzaQgsIvQc7K2mIrU6PKsbNN99
3axQOB5KsavaP2FWgZ1UjUKHnp/LOfLloLdhOgT1rJI4jzPy2LO0/+mearyoSDlv
CkMoVUqgLmVKpjeLrxRRTlfVm/eiL70cWdeZvEfANaFv276ahsypqk5Y2HEDrIck
e92k
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org