Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/A5gF5YyvaYAMITFF-Zd5j0I6FR4.roa
File: A5gF5YyvaYAMITFF-Zd5j0I6FR4.roa (raw, json)
Hash identifier: P9ALZlLdi+OP9KHY8WAZKLBXRV6I4Tm8uJ+M/6P/BNE=
Subject key identifier: 03:98:05:E5:8C:AF:69:80:0C:21:31:45:F9:97:79:8F:42:3A:15:1E
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FEC10D53E757E108E3EA62409153D
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/A5gF5YyvaYAMITFF-Zd5j0I6FR4.roa
Signing time: Mon 02 Jan 2023 17:38:09 +0000
ROA not before: Mon 02 Jan 2023 17:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 45.140.222.0/23 maxlen: 23
45.81.21.0/24 maxlen: 24
2.56.167.0/24 maxlen: 24
45.81.22.0/23 maxlen: 23
89.190.159.0/24 maxlen: 24
89.190.156.0/24 maxlen: 24
185.242.226.0/24 maxlen: 24
194.50.16.0/23 maxlen: 24
212.107.12.0/24 maxlen: 24
77.83.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:ec:10:d5:3e:75:7e:10:8e:3e:a6:24:09:15:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=039805e58caf69800c213145f997798f423a151e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dd:28:9f:1c:65:e0:9f:da:1c:3d:b0:e2:0a:
b9:a2:4d:7b:b8:04:ca:db:f2:b1:8d:f0:a5:95:46:
d5:1f:8f:ae:a4:98:4f:27:25:ae:a1:67:71:56:7f:
68:43:f9:17:00:8b:e2:df:f5:62:4a:19:06:1d:c5:
4a:39:44:d5:2c:ca:5f:af:d5:ca:41:7a:d0:fe:5d:
74:63:08:89:a2:9c:eb:d1:b2:bb:0b:7d:15:38:a7:
8a:e1:c4:27:32:c2:bb:e4:ef:07:d3:68:df:c0:02:
3a:bc:cf:59:c4:bf:81:67:50:92:9b:2a:e7:e2:06:
50:b3:af:77:2b:b6:6e:12:fb:b9:d5:80:ac:63:04:
f7:29:5e:de:01:98:0e:6c:b7:61:f1:b2:4a:df:d9:
58:61:e6:32:33:90:ed:ae:13:02:17:d1:c0:0b:aa:
3c:15:d3:01:b0:7f:1f:54:42:29:ea:23:73:e3:f4:
37:fc:28:4b:10:b2:6b:5d:f8:ac:0e:ea:cc:65:49:
71:13:51:b4:dd:cb:f4:60:4e:46:c4:ea:6f:a6:59:
8b:08:5a:3d:fa:0b:18:83:c6:2d:06:73:1e:cc:fb:
ed:32:b6:b8:42:04:2b:06:77:3f:a4:49:65:71:68:
b1:05:be:e8:e6:76:c7:d2:df:39:33:0c:d8:df:14:
1b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:98:05:E5:8C:AF:69:80:0C:21:31:45:F9:97:79:8F:42:3A:15:1E
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/A5gF5YyvaYAMITFF-Zd5j0I6FR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.167.0/24
45.81.21.0-45.81.23.255
45.140.222.0/23
77.83.240.0/24
89.190.156.0/24
89.190.159.0/24
185.242.226.0/24
194.50.16.0/23
212.107.12.0/24
Signature Algorithm: sha256WithRSAEncryption
de:ea:2a:47:32:89:c6:a5:0f:1e:33:c4:0b:ca:2f:6f:d9:b1:
81:96:56:c1:7f:9b:35:82:78:d1:93:ff:41:bf:65:f3:85:c0:
d1:86:bd:ed:ba:4d:53:7e:ee:fa:df:b5:95:8b:3b:c2:f5:81:
1a:fc:dd:ac:27:78:70:63:c6:c3:27:8e:45:62:c5:b9:7b:91:
d5:a4:7a:f2:a4:7d:3c:45:b7:86:cf:0f:f9:ba:ff:8b:8b:ab:
16:d9:97:dd:76:8a:90:ba:d3:a6:78:32:f1:d7:bc:95:0b:cd:
d2:5e:ba:78:57:b4:cc:96:60:dd:92:90:36:99:81:ee:00:62:
34:b7:b4:a6:da:91:0c:84:64:a8:04:fa:2e:1c:d1:a8:9f:33:
5a:5e:19:c3:43:1e:f3:25:b0:10:f8:60:70:47:ef:57:f2:15:
c4:78:2d:dc:fb:b1:b3:a8:a3:c1:02:83:cc:0b:74:d1:86:55:
43:a5:d5:7b:70:ae:c3:1c:e9:b2:09:0c:cf:92:a3:6f:08:55:
a5:55:f5:17:44:73:55:8d:be:ea:bc:11:3c:de:41:76:fc:19:
f1:dd:6b:58:0e:36:62:c7:92:97:60:b3:a3:65:05:f7:64:35:
d3:99:79:fd:1e:ad:05:ac:8c:7e:93:9e:b5:ce:ce:29:ea:8a:
c5:bc:20:b7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYVzj+wQ1T51fhCOPqYkCRU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk4MDVlNThjYWY2OTgwMGMyMTMxNDVmOTk3Nzk4ZjQyM2ExNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN0onxxl4J/aHD2w4gq5ok17uATK
2/KxjfCllUbVH4+upJhPJyWuoWdxVn9oQ/kXAIvi3/ViShkGHcVKOUTVLMpfr9XK
QXrQ/l10YwiJopzr0bK7C30VOKeK4cQnMsK75O8H02jfwAI6vM9ZxL+BZ1CSmyrn
4gZQs693K7ZuEvu51YCsYwT3KV7eAZgObLdh8bJK39lYYeYyM5DtrhMCF9HAC6o8
FdMBsH8fVEIp6iNz4/Q3/ChLELJrXfisDurMZUlxE1G03cv0YE5GxOpvplmLCFo9
+gsYg8YtBnMezPvtMra4QgQrBnc/pEllcWixBb7o5nbH0t85MwzY3xQbYQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAOYBeWMr2mADCExRfmXeY9COhUeMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvQTVnRjVZeXZhWUFNSVRGRi1aZDVqMEk2RlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAAjinMAwD
BAAtURUDBAMtURADBAEtjN4DBABNU/ADBABZvpwDBABZvp8DBAC58uIDBAHCMhAD
BADUawwwDQYJKoZIhvcNAQELBQADggEBAN7qKkcyicalDx4zxAvKL2/ZsYGWVsF/
mzWCeNGT/0G/ZfOFwNGGve26TVN+7vrftZWLO8L1gRr83awneHBjxsMnjkVixbl7
kdWkevKkfTxFt4bPD/m6/4uLqxbZl912ipC606Z4MvHXvJULzdJeunhXtMyWYN2S
kDaZge4AYjS3tKbakQyEZKgE+i4c0aifM1peGcNDHvMlsBD4YHBH71fyFcR4Ldz7
sbOoo8ECg8wLdNGGVUOl1XtwrsMc6bIJDM+So28IVaVV9RdEc1WNvuq8ETzeQXb8
GfHda1gONmLHkpdgs6NlBfdkNdOZef0erQWsjH6TnrXOzinqisW8ILc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org