Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/2A7MZ22-tEV0P6MPBqOBC0ldoMU.roa
File: 2A7MZ22-tEV0P6MPBqOBC0ldoMU.roa (raw, json)
Hash identifier: Yh4hiKCQ2u1o62WjyxC25aDi4pmwkVs4RSycLzhWRDw=
Subject key identifier: D8:0E:CC:67:6D:BE:B4:45:74:3F:A3:0F:06:A3:81:0B:49:5D:A0:C5
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01856CE610CB9FB854A5317AD84134B126E2
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/2A7MZ22-tEV0P6MPBqOBC0ldoMU.roa
Signing time: Sun 01 Jan 2023 10:34:54 +0000
ROA not before: Sun 01 Jan 2023 10:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 45.89.124.0/23 maxlen: 23
45.89.126.0/23 maxlen: 23
185.117.1.0/24 maxlen: 24
185.117.2.0/24 maxlen: 24
45.137.68.0/24 maxlen: 24
45.91.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Apr 2023 09:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:10:cb:9f:b8:54:a5:31:7a:d8:41:34:b1:26:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 10:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d80ecc676dbeb445743fa30f06a3810b495da0c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c5:38:dc:6f:56:69:2e:14:b7:8e:f2:55:8a:
d0:52:6e:0e:de:07:fd:4b:20:8b:37:fd:f6:7a:5a:
27:bc:b7:ae:71:94:b5:0e:b3:03:b9:43:4d:da:c8:
34:be:3b:e5:45:93:a3:1e:62:12:7d:a1:04:7e:65:
b5:0b:c4:5c:02:e4:46:9d:8f:68:a0:5a:01:94:e9:
43:dd:b7:2e:20:cb:0e:7b:fd:de:1e:7f:71:db:5b:
71:c6:cc:23:e5:98:38:9c:e7:03:53:2a:00:c4:b7:
c1:fa:c2:90:a2:1b:06:19:20:02:60:25:2e:34:1a:
1a:7e:af:1b:74:ff:2d:8f:ff:3e:6f:b8:8b:f7:fa:
b1:0e:84:92:f0:19:bc:c0:20:9b:96:de:19:d5:9b:
29:b4:92:7d:24:4b:aa:ba:05:63:80:8d:a0:2f:1b:
f7:ef:5a:13:28:26:eb:e7:ad:26:74:5f:9c:b2:ba:
be:18:a7:1d:01:d9:96:9e:6c:32:ab:33:fa:8d:45:
cc:79:b9:cc:a9:96:db:bf:9e:46:35:7e:16:8a:bc:
fa:f7:78:02:0e:74:03:11:13:84:28:c1:b9:a3:f8:
2f:70:0c:fc:26:d9:ce:b8:9e:99:9c:37:5d:29:af:
b2:e4:e1:a2:e1:13:7b:7d:29:52:a0:b5:b7:c7:8b:
b8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0E:CC:67:6D:BE:B4:45:74:3F:A3:0F:06:A3:81:0B:49:5D:A0:C5
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/2A7MZ22-tEV0P6MPBqOBC0ldoMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.124.0/22
45.91.250.0/24
45.137.68.0/24
185.117.1.0-185.117.2.255
Signature Algorithm: sha256WithRSAEncryption
08:e6:d5:1f:32:d5:ae:5f:fa:c3:85:26:cf:5c:78:ab:6d:92:
f4:5e:71:c7:01:f9:08:31:5b:e1:7d:c6:03:cb:54:9a:49:50:
6e:6b:32:3f:d4:be:84:94:37:0c:15:f4:21:cd:88:d3:e9:1e:
a1:3d:7d:98:9d:09:89:a0:43:e0:29:36:ad:2c:2d:91:75:45:
1a:2d:fd:64:f9:e1:23:91:72:9b:2e:e4:53:46:42:b9:b3:70:
57:00:c9:68:7c:85:7d:fe:2a:ee:5a:74:e1:f9:9c:f3:3c:40:
4c:88:79:58:57:3e:6c:38:8f:f3:b2:85:f8:82:4c:18:43:05:
02:70:b1:10:e2:0a:e3:c0:1e:44:b6:15:cb:b0:f6:f2:64:cf:
84:cd:11:87:32:35:1a:d8:96:cc:f4:ca:4c:30:60:3d:a4:85:
3c:6f:5b:18:c8:30:98:af:c8:40:b7:11:40:47:c0:a9:b8:98:
7a:f0:d9:0d:d9:1c:12:5f:94:3c:71:2a:19:bc:20:a0:52:a1:
59:19:06:4d:39:3d:6c:ca:ee:b5:8d:ee:e9:95:e1:ee:13:7b:
ec:ab:23:4c:0a:55:76:b0:fb:4b:ac:6e:52:e2:d7:50:ca:26:
1f:ce:e9:b0:cc:6b:20:a9:59:15:71:c9:8e:5d:dc:56:b6:55:
08:96:02:0f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVs5hDLn7hUpTF62EE0sSbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODBlY2M2NzZkYmViNDQ1NzQzZmEzMGYwNmEzODEwYjQ5NWRhMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMU43G9WaS4Ut47yVYrQUm4O3gf9
SyCLN/32elonvLeucZS1DrMDuUNN2sg0vjvlRZOjHmISfaEEfmW1C8RcAuRGnY9o
oFoBlOlD3bcuIMsOe/3eHn9x21txxswj5Zg4nOcDUyoAxLfB+sKQohsGGSACYCUu
NBoafq8bdP8tj/8+b7iL9/qxDoSS8Bm8wCCblt4Z1ZsptJJ9JEuqugVjgI2gLxv3
71oTKCbr560mdF+csrq+GKcdAdmWnmwyqzP6jUXMebnMqZbbv55GNX4Wirz693gC
DnQDEROEKMG5o/gvcAz8JtnOuJ6ZnDddKa+y5OGi4RN7fSlSoLW3x4u4sQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNgOzGdtvrRFdD+jDwajgQtJXaDFMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvMkE3TVoyMi10RVYwUDZNUEJxT0JDMGxkb01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLVl8AwQA
LVv6AwQALYlEMAwDBAC5dQEDBAC5dQIwDQYJKoZIhvcNAQELBQADggEBAAjm1R8y
1a5f+sOFJs9ceKttkvRecccB+QgxW+F9xgPLVJpJUG5rMj/UvoSUNwwV9CHNiNPp
HqE9fZidCYmgQ+ApNq0sLZF1RRot/WT54SORcpsu5FNGQrmzcFcAyWh8hX3+Ku5a
dOH5nPM8QEyIeVhXPmw4j/OyhfiCTBhDBQJwsRDiCuPAHkS2Fcuw9vJkz4TNEYcy
NRrYlsz0ykwwYD2khTxvWxjIMJivyEC3EUBHwKm4mHrw2Q3ZHBJflDxxKhm8IKBS
oVkZBk05PWzK7rWN7umV4e4Te+yrI0wKVXaw+0usblLi11DKJh/O6bDMayCpWRVx
yY5d3Fa2VQiWAg8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:27 2024 by rpki-client on console-fra.rpki-client.org