Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/xR6awoSGRsfU6L5iHpBFsaqIx8I.roa
File: xR6awoSGRsfU6L5iHpBFsaqIx8I.roa (raw, json)
Hash identifier: 231oU2BZKs/IIiZjPTY6QgQ9YHJtdZb5CN8mKgdr3Sg=
Subject key identifier: C5:1E:9A:C2:84:86:46:C7:D4:E8:BE:62:1E:90:45:B1:AA:88:C7:C2
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018940C61CD283807471EED6F5F90B7F3ACC
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/xR6awoSGRsfU6L5iHpBFsaqIx8I.roa
Signing time: Mon 10 Jul 2023 17:07:52 +0000
ROA not before: Mon 10 Jul 2023 17:07:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 185.169.180.0/24 maxlen: 24
185.169.183.0/24 maxlen: 24
185.169.182.0/24 maxlen: 24
45.133.37.0/24 maxlen: 24
45.133.38.0/24 maxlen: 24
185.174.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jul 2023 17:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:c6:1c:d2:83:80:74:71:ee:d6:f5:f9:0b:7f:3a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Jul 10 17:07:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c51e9ac2848646c7d4e8be621e9045b1aa88c7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6b:82:99:e3:f9:8c:79:2b:35:37:09:e9:2c:
63:3f:6c:0f:27:8e:72:cb:89:07:9d:fb:cc:0d:15:
45:5b:39:2f:6d:8a:d3:d3:5a:d0:b7:e9:df:57:05:
3e:88:d1:75:2c:a2:4a:fa:90:23:ca:7c:4c:ee:74:
a9:1c:31:71:8b:cb:cc:ee:78:9d:37:40:95:6b:47:
55:09:fa:67:b2:1f:06:12:6a:8c:8f:47:af:99:c0:
f0:cc:5a:9a:5f:32:3e:5e:c7:88:89:3e:29:6d:e3:
8a:eb:47:01:a1:0d:b3:f7:23:59:1c:59:98:70:c6:
e5:6a:26:84:27:c8:85:9a:84:71:b4:99:42:83:59:
ac:8e:4b:fe:07:b0:b6:44:1e:85:a9:00:a0:45:21:
8a:46:45:21:30:a7:fb:bd:c0:a5:f6:ab:c2:a5:31:
2b:bf:15:4c:15:cc:be:df:83:c9:a6:58:52:7c:7e:
17:5d:bf:fe:2f:46:ad:8d:a6:7b:ae:ae:fc:bc:f6:
6d:3c:72:03:c8:25:37:76:b1:38:98:89:d6:c5:2f:
62:e0:61:2d:72:c7:b5:33:a5:af:1d:c8:65:4f:b9:
39:87:6f:2e:6c:9b:10:0f:6f:0c:3a:93:de:fb:59:
58:07:20:fd:bd:13:e0:6d:3e:5f:8c:93:2b:ec:69:
58:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1E:9A:C2:84:86:46:C7:D4:E8:BE:62:1E:90:45:B1:AA:88:C7:C2
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/xR6awoSGRsfU6L5iHpBFsaqIx8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.37.0-45.133.38.255
185.169.180.0/24
185.169.182.0/23
185.174.20.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:b9:43:7c:80:3e:7c:f5:b5:b8:9a:d4:d8:79:77:89:e8:b8:
72:9a:9d:c6:4a:a2:22:42:ad:c3:c7:a6:da:62:dc:0a:c7:21:
9f:3b:dd:49:81:f2:e9:22:1e:6b:21:72:d7:5a:d1:73:e5:ef:
12:ea:5e:97:76:87:0d:9c:ec:a1:c4:64:c3:fc:f8:83:22:2f:
a2:9a:ba:c8:30:e1:0e:1a:a7:01:c8:96:33:25:ac:cd:e9:7f:
7d:b0:0c:ec:6a:dd:3f:1f:3b:fd:e5:74:d8:ee:d8:3a:db:44:
f6:14:f6:20:a4:3f:2b:00:a4:e0:94:59:99:13:25:7b:6f:94:
ce:10:3a:61:5c:61:87:e9:b4:44:04:b5:ff:68:ab:e6:12:1d:
d1:af:bc:e7:80:56:10:e2:07:ef:f9:68:a0:c4:47:c0:27:0f:
8a:61:42:18:64:ab:2a:ea:6e:06:03:71:5b:03:f0:75:b7:e4:
dd:c0:72:81:0f:db:62:d7:e7:e7:39:59:66:e5:36:44:b8:82:
41:76:55:72:49:97:1e:5c:57:8f:70:b7:83:af:78:d7:44:01:
f9:60:ae:13:c5:05:00:17:31:e0:c7:6c:4b:7f:2b:1c:57:49:
6c:be:4c:10:fd:5b:11:89:49:73:ac:97:bf:22:45:38:d1:af:
9a:35:1e:aa
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYlAxhzSg4B0ce7W9fkLfzrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMwNzEwMTcwNzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFlOWFjMjg0ODY0NmM3ZDRlOGJlNjIxZTkwNDViMWFhODhjN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2uCmeP5jHkrNTcJ6SxjP2wPJ45y
y4kHnfvMDRVFWzkvbYrT01rQt+nfVwU+iNF1LKJK+pAjynxM7nSpHDFxi8vM7nid
N0CVa0dVCfpnsh8GEmqMj0evmcDwzFqaXzI+XseIiT4pbeOK60cBoQ2z9yNZHFmY
cMblaiaEJ8iFmoRxtJlCg1msjkv+B7C2RB6FqQCgRSGKRkUhMKf7vcCl9qvCpTEr
vxVMFcy+34PJplhSfH4XXb/+L0atjaZ7rq78vPZtPHIDyCU3drE4mInWxS9i4GEt
cse1M6WvHchlT7k5h28ubJsQD28MOpPe+1lYByD9vRPgbT5fjJMr7GlYrQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMUemsKEhkbH1Oi+Yh6QRbGqiMfCMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEveFI2YXdvU0dSc2ZVNkw1aUhwQkZzYXFJeDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAthSUD
BAAthSYDBAC5qbQDBAG5qbYDBAC5rhQwDQYJKoZIhvcNAQELBQADggEBAMa5Q3yA
Pnz1tbia1Nh5d4nouHKancZKoiJCrcPHptpi3ArHIZ873UmB8ukiHmshctda0XPl
7xLqXpd2hw2c7KHEZMP8+IMiL6Kausgw4Q4apwHIljMlrM3pf32wDOxq3T8fO/3l
dNju2DrbRPYU9iCkPysApOCUWZkTJXtvlM4QOmFcYYfptEQEtf9oq+YSHdGvvOeA
VhDiB+/5aKDER8AnD4phQhhkqyrqbgYDcVsD8HW35N3AcoEP22LX5+c5WWblNkS4
gkF2VXJJlx5cV49wt4OveNdEAflgrhPFBQAXMeDHbEt/KxxXSWy+TBD9WxGJSXOs
l78iRTjRr5o1Hqo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:49 2024 by rpki-client on console-fra.rpki-client.org