Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/tTZsmwfS2Pm4lpLp5pRWeO5wIws.roa
File: tTZsmwfS2Pm4lpLp5pRWeO5wIws.roa (raw, json)
Hash identifier: pyxrp0ooBBL06roku1O3GnRU2cDN+kBYO9nh5GHLCOg=
Subject key identifier: B5:36:6C:9B:07:D2:D8:F9:B8:96:92:E9:E6:94:56:78:EE:70:23:0B
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018CC94E3F61B79A2BF28C3ED242E308DDB3
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/tTZsmwfS2Pm4lpLp5pRWeO5wIws.roa
Signing time: Tue 02 Jan 2024 08:33:17 +0000
ROA not before: Tue 02 Jan 2024 08:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203446
IP address blocks: 45.90.97.0/24 maxlen: 24
45.90.96.0/24 maxlen: 24
45.134.39.0/24 maxlen: 24
45.131.65.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
45.13.226.0/24 maxlen: 24
2.56.246.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.145.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 06:23:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3f:61:b7:9a:2b:f2:8c:3e:d2:42:e3:08:dd:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 08:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5366c9b07d2d8f9b89692e9e6945678ee70230b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:21:45:e6:db:b2:c4:3c:96:c0:2f:a9:cd:07:
f7:bc:e7:11:d0:b8:e6:18:1c:77:7c:99:3c:76:16:
d5:68:ed:c7:98:80:33:87:b9:7d:a1:72:74:1d:be:
0b:2d:94:e5:e0:a4:a9:da:a4:00:7c:e0:ff:d3:8f:
4e:bb:0c:39:e8:74:b3:a4:69:e2:2c:00:59:95:d8:
1b:ad:1d:b7:c6:1d:2d:fd:50:21:91:b7:d7:e7:fa:
50:83:1e:b5:92:82:c7:6f:a8:1b:84:83:63:ef:f8:
47:6b:17:75:b3:25:aa:36:85:4f:79:05:72:43:e5:
c3:bc:ac:c3:94:ea:be:5a:52:0f:cf:ef:7c:9c:c0:
4e:78:4e:1b:6a:bd:b3:e5:62:53:89:39:a4:e2:b6:
11:7d:4f:ad:5d:ba:bb:d6:01:ee:a4:09:83:60:24:
83:7c:eb:a9:dd:d5:fa:13:eb:b1:54:3d:0c:ec:9b:
89:6e:a0:df:ab:50:bf:e4:81:eb:7b:9f:16:6b:04:
78:4b:2a:c1:1b:50:9c:74:4c:5e:f3:4e:2e:fc:3a:
f9:66:b6:bc:85:59:13:fe:97:29:4c:e4:56:4c:0d:
cb:5b:48:f2:78:fa:e6:78:4f:b6:59:da:6e:72:67:
7a:c7:57:95:55:c5:c3:e6:53:13:54:ff:c6:7c:56:
7c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:36:6C:9B:07:D2:D8:F9:B8:96:92:E9:E6:94:56:78:EE:70:23:0B
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/tTZsmwfS2Pm4lpLp5pRWeO5wIws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/24
45.13.226.0/24
45.67.139.0/24
45.90.96.0/23
45.131.65.0/24
45.134.39.0/24
45.145.226.0/24
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
10:8d:79:ff:6f:4d:04:6e:b8:1c:cf:43:05:e2:98:aa:a6:ef:
28:3a:08:5c:f7:5a:e0:79:1b:c3:12:97:38:a1:33:0a:e3:df:
1f:fc:12:19:8a:fc:35:53:43:bc:c5:2f:91:60:e0:f0:08:0e:
27:99:39:2f:ce:53:9e:0d:61:dc:19:17:25:ed:6c:ba:5b:8c:
9d:e9:95:5f:dc:32:23:30:e5:4d:d4:b3:c6:fb:13:e5:cc:e5:
cc:b4:c6:29:1d:1d:be:66:d2:3a:44:fd:5f:f3:9b:96:45:cc:
cf:d5:e3:50:8d:d4:f5:f7:e6:6b:a7:ea:c2:d4:18:91:57:8e:
57:0f:3b:24:cf:fd:52:6c:7e:a0:70:ef:ad:23:0e:e8:20:06:
53:4c:75:d4:66:61:ae:8b:18:b0:bf:cf:30:6d:ae:21:12:80:
50:b9:6b:ac:f3:b1:46:77:28:53:8b:92:59:f0:61:63:46:96:
2f:33:c7:b8:1f:d5:dd:4b:18:1d:cf:73:f5:74:18:74:3c:eb:
52:8a:da:b9:69:a0:87:38:1c:83:88:3f:6a:0b:7e:c5:da:da:
08:2d:bd:3c:8a:16:ea:17:40:07:48:a2:15:22:a9:1b:07:2f:
7b:27:5e:03:7b:0d:a9:4a:9f:d8:70:21:76:7d:d3:66:9e:22:
fa:f1:36:45
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzJTj9ht5or8ow+0kLjCN2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMTAyMDgzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM2NmM5YjA3ZDJkOGY5Yjg5NjkyZTllNjk0NTY3OGVlNzAyMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyFF5tuyxDyWwC+pzQf3vOcR0Ljm
GBx3fJk8dhbVaO3HmIAzh7l9oXJ0Hb4LLZTl4KSp2qQAfOD/049Ouww56HSzpGni
LABZldgbrR23xh0t/VAhkbfX5/pQgx61koLHb6gbhINj7/hHaxd1syWqNoVPeQVy
Q+XDvKzDlOq+WlIPz+98nMBOeE4bar2z5WJTiTmk4rYRfU+tXbq71gHupAmDYCSD
fOup3dX6E+uxVD0M7JuJbqDfq1C/5IHre58WawR4SyrBG1CcdExe804u/Dr5Zra8
hVkT/pcpTORWTA3LW0jyePrmeE+2Wdpucmd6x1eVVcXD5lMTVP/GfFZ8owIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLU2bJsH0tj5uJaS6eaUVnjucCMLMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvdFRac213ZlMyUG00bHBMcDVwUldlTzV3SXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjj2AwQA
LQ3iAwQALUOLAwQBLVpgAwQALYNBAwQALYYnAwQALZHiAwQAuXUAMA0GCSqGSIb3
DQEBCwUAA4IBAQAQjXn/b00Ebrgcz0MF4piqpu8oOghc91rgeRvDEpc4oTMK498f
/BIZivw1U0O8xS+RYODwCA4nmTkvzlOeDWHcGRcl7Wy6W4yd6ZVf3DIjMOVN1LPG
+xPlzOXMtMYpHR2+ZtI6RP1f85uWRczP1eNQjdT19+Zrp+rC1BiRV45XDzskz/1S
bH6gcO+tIw7oIAZTTHXUZmGuixiwv88wba4hEoBQuWus87FGdyhTi5JZ8GFjRpYv
M8e4H9XdSxgdz3P1dBh0POtSitq5aaCHOByDiD9qC37F2toILb08ihbqF0AHSKIV
IqkbBy97J14Dew2pSp/YcCF2fdNmniL68TZF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:14 2024 by rpki-client on console-ams.rpki-client.org