Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UvtodjqGaVZ2mDSeDlo0rFMGPek.roa
File: UvtodjqGaVZ2mDSeDlo0rFMGPek.roa (raw, json)
Hash identifier: k37pU+txiYQIM6Y5yItq6iRmIsoWXG9g04XLY9vzPRQ=
Subject key identifier: 52:FB:68:76:3A:86:69:56:76:98:34:9E:0E:5A:34:AC:53:06:3D:E9
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E228E3BED440CAA617454D77D07B648FD
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UvtodjqGaVZ2mDSeDlo0rFMGPek.roa
Signing time: Sat 09 Mar 2024 09:32:10 +0000
ROA not before: Sat 09 Mar 2024 09:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.88.136.0/23 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 08:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:22:8e:3b:ed:44:0c:aa:61:74:54:d7:7d:07:b6:48:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 9 09:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52fb68763a8669567698349e0e5a34ac53063de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e0:1e:55:6e:5a:72:77:8d:9b:64:88:a3:a7:
b6:78:8d:a9:e2:ef:3d:85:11:44:a5:fd:c0:ae:44:
24:93:45:1d:af:fc:0f:ed:02:fa:3c:ee:dd:8f:a7:
cd:25:3b:3c:2f:f4:f2:3b:85:30:1e:4b:65:9f:e5:
a7:51:e0:38:8b:18:7e:df:91:12:a5:d8:6d:bc:de:
5d:a0:dd:3b:b6:26:53:0a:c1:32:d2:00:00:da:cb:
74:15:2c:cd:be:a1:8b:03:a3:9b:55:48:34:93:41:
17:81:bb:af:bf:fb:a1:f7:3d:c4:6a:c8:4a:53:be:
82:0d:c9:95:4e:49:ac:6a:14:97:ee:47:8c:88:81:
b7:3e:c7:35:de:ff:c0:74:70:f1:e1:55:5d:03:58:
ee:d6:92:be:01:7f:0f:9e:65:7d:67:7a:31:3a:47:
5f:b3:b4:47:13:1a:ef:ee:1c:80:01:5a:aa:8b:4f:
11:11:c0:0c:8c:69:49:6e:dc:8c:24:a6:ba:f0:52:
ba:9d:dd:82:cc:8a:c0:15:0e:73:06:68:34:a5:81:
af:53:57:89:57:a8:11:9d:c5:b3:17:13:7c:35:1d:
af:9e:4f:09:21:87:62:53:86:27:b7:0d:53:9f:31:
95:bd:99:4c:b1:d6:7f:16:f3:eb:6b:d6:7d:88:fd:
bc:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:FB:68:76:3A:86:69:56:76:98:34:9E:0E:5A:34:AC:53:06:3D:E9
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UvtodjqGaVZ2mDSeDlo0rFMGPek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.189.0-45.13.190.255
45.88.136.0/23
45.132.182.0/23
45.144.212.0/24
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
61:21:67:70:6a:48:e1:08:e3:aa:d8:20:5c:c9:d5:f5:77:db:
a6:5c:c1:d5:3a:22:b5:0f:96:ff:b2:40:bf:f6:97:a7:3f:26:
15:a9:a9:ce:70:93:39:69:f7:1b:17:72:ba:57:82:89:52:17:
ec:16:c3:43:de:27:ff:ed:8d:41:f0:22:8b:a1:06:29:a9:21:
a0:fe:63:0f:e0:2b:92:74:44:f5:fd:42:14:26:9c:42:6e:c5:
08:22:6e:35:e3:94:a9:9c:db:65:3c:f6:52:35:27:fd:0c:b3:
c6:48:a7:83:c8:db:e7:f6:20:9a:45:6a:e0:5e:75:5d:45:69:
80:3b:06:9d:ae:1a:ea:d2:70:73:c3:8e:c4:5b:28:89:06:21:
2d:d1:fe:86:2f:71:d3:28:fa:b8:5a:5f:ed:00:1e:cf:af:d1:
80:6d:13:3d:d6:20:eb:cc:51:7e:6d:47:75:43:e8:00:16:77:
51:0f:a0:88:05:80:69:d7:27:b0:d0:c5:07:ee:27:69:cc:05:
fe:58:3c:78:6c:ef:43:5b:af:11:5e:76:6b:9a:44:3c:50:4f:
69:3a:be:1b:93:ba:c2:29:ce:ba:eb:99:4d:c0:42:59:a6:45:
58:b4:2d:9e:ca:52:13:65:9d:33:5a:ef:29:33:fe:46:cd:b8:
3b:99:0d:71
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY4ijjvtRAyqYXRU130Htkj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzA5MDkzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmZiNjg3NjNhODY2OTU2NzY5ODM0OWUwZTVhMzRhYzUzMDYzZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeAeVW5acneNm2SIo6e2eI2p4u89
hRFEpf3ArkQkk0Udr/wP7QL6PO7dj6fNJTs8L/TyO4UwHktln+WnUeA4ixh+35ES
pdhtvN5doN07tiZTCsEy0gAA2st0FSzNvqGLA6ObVUg0k0EXgbuvv/uh9z3EashK
U76CDcmVTkmsahSX7keMiIG3Psc13v/AdHDx4VVdA1ju1pK+AX8PnmV9Z3oxOkdf
s7RHExrv7hyAAVqqi08REcAMjGlJbtyMJKa68FK6nd2CzIrAFQ5zBmg0pYGvU1eJ
V6gRncWzFxN8NR2vnk8JIYdiU4Yntw1TnzGVvZlMsdZ/FvPra9Z9iP28+wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFL7aHY6hmlWdpg0ng5aNKxTBj3pMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVXZ0b2RqcUdhVloybURTZURsbzByRk1HUGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAAtDb0D
BAAtDb4DBAEtWIgDBAEthLYDBAAtkNQDBALD07wwDQYJKoZIhvcNAQELBQADggEB
AGEhZ3BqSOEI46rYIFzJ1fV326ZcwdU6IrUPlv+yQL/2l6c/JhWpqc5wkzlp9xsX
crpXgolSF+wWw0PeJ//tjUHwIouhBimpIaD+Yw/gK5J0RPX9QhQmnEJuxQgibjXj
lKmc22U89lI1J/0Ms8ZIp4PI2+f2IJpFauBedV1FaYA7Bp2uGurScHPDjsRbKIkG
IS3R/oYvcdMo+rhaX+0AHs+v0YBtEz3WIOvMUX5tR3VD6AAWd1EPoIgFgGnXJ7DQ
xQfuJ2nMBf5YPHhs70NbrxFedmuaRDxQT2k6vhuTusIpzrrrmU3AQlmmRVi0LZ7K
UhNlnTNa7ykz/kbNuDuZDXE=
-----END CERTIFICATE-----
Generated at Thu Sep 12 09:26:05 2024 by rpki-client on console-fra.rpki-client.org