Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/CA5CdHm79AVR42YsQdpYFAErpF8.roa
File: CA5CdHm79AVR42YsQdpYFAErpF8.roa (raw, json)
Hash identifier: TXq6fUv75lrN9zPcdmnlGtSUivNnSoCJa8BdDij/mCY=
Subject key identifier: 08:0E:42:74:79:BB:F4:05:51:E3:66:2C:41:DA:58:14:01:2B:A4:5F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018A0856DC96AFF14F874B516FC7F4D1A50F
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/CA5CdHm79AVR42YsQdpYFAErpF8.roa
Signing time: Fri 18 Aug 2023 11:10:24 +0000
ROA not before: Fri 18 Aug 2023 11:10:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 45.140.221.0/24 maxlen: 24
45.140.220.0/24 maxlen: 24
185.242.225.0/24 maxlen: 24
185.186.67.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.75.0/24 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
193.105.177.0/24 maxlen: 24
178.218.145.0/24 maxlen: 24
194.56.224.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
85.202.162.0/24 maxlen: 24
77.83.241.0/24 maxlen: 24
77.83.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:08:56:dc:96:af:f1:4f:87:4b:51:6f:c7:f4:d1:a5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Aug 18 11:10:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=080e427479bbf40551e3662c41da5814012ba45f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:db:5d:89:70:45:b7:ad:04:b9:ab:80:7f:3e:
87:92:ec:69:bd:09:3b:20:6c:c3:83:12:5b:e1:c9:
da:6d:6a:e8:7d:f8:78:21:3e:61:01:b0:b3:de:0e:
eb:99:15:e8:60:b5:62:bd:4b:55:50:38:08:97:7f:
eb:01:47:3b:11:01:59:54:e3:68:a8:27:7c:d2:57:
48:de:91:ba:f6:0f:f5:dc:c6:e7:6d:f4:74:f7:c9:
07:27:06:f2:d5:dc:30:8e:eb:b5:bf:74:ae:e6:a2:
9d:e7:8f:e8:1f:a3:92:9c:ba:19:7a:e2:12:17:2d:
dc:d4:1e:01:0e:f5:85:cb:20:5b:af:10:ed:4c:8d:
3c:2e:a4:d1:98:c1:95:fa:1a:7f:9f:06:a2:ad:8d:
02:ee:63:9c:86:ae:8a:59:67:bb:47:b5:f4:f9:2f:
c3:4c:a9:ff:1c:fc:6d:fc:3b:32:37:7a:5b:5a:98:
62:82:fc:f9:15:51:8e:dc:aa:82:d9:d5:ad:21:df:
aa:96:56:0f:25:ec:15:82:41:03:ff:86:94:c5:a9:
9d:7f:e3:89:42:59:43:66:26:57:b7:ee:c3:93:74:
af:e4:44:3b:7c:8c:ac:f2:0d:c2:ee:17:cb:6a:35:
43:ec:23:81:7d:13:95:82:0e:8c:c1:74:44:da:16:
cc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:0E:42:74:79:BB:F4:05:51:E3:66:2C:41:DA:58:14:01:2B:A4:5F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/CA5CdHm79AVR42YsQdpYFAErpF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.145.0-45.90.146.255
45.140.220.0/23
45.154.196.0/22
77.83.241.0/24
77.83.243.0/24
85.202.162.0/24
178.218.145.0/24
185.186.67.0/24
185.227.71.0/24
185.234.74.0/23
185.242.225.0/24
193.105.177.0/24
194.56.224.0/23
Signature Algorithm: sha256WithRSAEncryption
48:68:87:5d:8f:7d:ca:0d:b8:97:3e:2c:f1:06:29:88:65:09:
a4:b0:bd:9c:21:de:f3:e3:0c:13:d0:52:b0:d4:fe:b7:d7:c9:
17:84:f7:16:6f:fd:30:bd:01:3d:32:c9:b6:3b:e7:08:45:aa:
48:42:e4:9a:07:c4:ac:e7:ee:d2:f2:26:17:10:38:0e:56:31:
46:03:f7:bb:0f:26:54:87:ad:2f:b5:e5:8c:bb:d3:92:f0:53:
c1:8a:6a:f6:b1:d1:7c:db:af:ce:1d:89:9c:7e:32:13:40:59:
7b:88:68:80:3f:fe:90:a3:bd:81:4f:bf:09:9c:e2:e5:76:2f:
75:30:5e:31:c3:69:9e:2e:1c:aa:d9:f2:c4:33:6b:f9:1a:bf:
1a:3a:44:e1:fa:d7:62:9f:2b:b0:ef:c2:d6:49:c4:53:13:eb:
68:f8:0d:6b:82:a5:36:3c:94:ef:5d:09:5f:86:c4:8c:54:f3:
3d:0e:62:18:59:08:b7:49:59:81:c7:36:7d:58:65:b1:21:9a:
b1:03:6f:02:85:41:57:87:40:63:58:73:fc:5a:4b:e5:93:14:
10:56:ca:75:46:54:08:ae:a2:73:96:be:53:78:1d:a3:02:b9:
cc:f4:57:6a:6c:af:39:49:e7:e2:c0:b0:ee:61:06:39:63:05:
5d:6f:d7:b3
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYoIVtyWr/FPh0tRb8f00aUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwODE4MTExMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODBlNDI3NDc5YmJmNDA1NTFlMzY2MmM0MWRhNTgxNDAxMmJhNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodtdiXBFt60EuauAfz6HkuxpvQk7
IGzDgxJb4cnabWroffh4IT5hAbCz3g7rmRXoYLVivUtVUDgIl3/rAUc7EQFZVONo
qCd80ldI3pG69g/13MbnbfR098kHJwby1dwwjuu1v3Su5qKd54/oH6OSnLoZeuIS
Fy3c1B4BDvWFyyBbrxDtTI08LqTRmMGV+hp/nwairY0C7mOchq6KWWe7R7X0+S/D
TKn/HPxt/DsyN3pbWphigvz5FVGO3KqC2dWtId+qllYPJewVgkED/4aUxamdf+OJ
QllDZiZXt+7Dk3Sv5EQ7fIys8g3C7hfLajVD7COBfROVgg6MwXRE2hbMgwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFAgOQnR5u/QFUeNmLEHaWBQBK6RfMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvQ0E1Q2RIbTc5QVZSNDJZc1FkcFlGQUVycEY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWMAwDBAAtWpED
BAAtWpIDBAEtjNwDBAItmsQDBABNU/EDBABNU/MDBABVyqIDBACy2pEDBAC5ukMD
BAC540cDBAG56koDBAC58uEDBADBabEDBAHCOOAwDQYJKoZIhvcNAQELBQADggEB
AEhoh12PfcoNuJc+LPEGKYhlCaSwvZwh3vPjDBPQUrDU/rfXyReE9xZv/TC9AT0y
ybY75whFqkhC5JoHxKzn7tLyJhcQOA5WMUYD97sPJlSHrS+15Yy705LwU8GKavax
0Xzbr84diZx+MhNAWXuIaIA//pCjvYFPvwmc4uV2L3UwXjHDaZ4uHKrZ8sQza/ka
vxo6ROH612KfK7DvwtZJxFMT62j4DWuCpTY8lO9dCV+GxIxU8z0OYhhZCLdJWYHH
Nn1YZbEhmrEDbwKFQVeHQGNYc/xaS+WTFBBWynVGVAiuonOWvlN4HaMCucz0V2ps
rzlJ5+LAsO5hBjljBV1v17M=
-----END CERTIFICATE-----
Generated at Mon Sep 4 20:50:16 2023 by rpki-client on console-fra.rpki-client.org