Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Q9UyJ3OOudr_7T2Gw3QEXFbAHWc.roa
File: Q9UyJ3OOudr_7T2Gw3QEXFbAHWc.roa (raw, json)
Hash identifier: j3yocUKzi1u7M96cQhideGGm7BofG3UafLsv/vr1rYI=
Subject key identifier: 43:D5:32:27:73:8E:B9:DA:FF:ED:3D:86:C3:74:04:5C:56:C0:1D:67
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0187F1E6278F21A1961DA7570B94CADF6733
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Q9UyJ3OOudr_7T2Gw3QEXFbAHWc.roa
Signing time: Sat 06 May 2023 16:30:05 +0000
ROA not before: Sat 06 May 2023 16:30:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 45.140.221.0/24 maxlen: 24
45.140.220.0/24 maxlen: 24
185.242.225.0/24 maxlen: 24
185.186.67.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.75.0/24 maxlen: 24
185.227.71.0/24 maxlen: 24
193.105.177.0/24 maxlen: 24
178.218.145.0/24 maxlen: 24
194.56.224.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
85.202.162.0/24 maxlen: 24
77.83.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 13:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f1:e6:27:8f:21:a1:96:1d:a7:57:0b:94:ca:df:67:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: May 6 16:30:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43d53227738eb9daffed3d86c374045c56c01d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:97:ba:3d:65:c1:0b:a7:79:f3:07:d5:77:7d:
1d:c3:ae:44:2b:3d:d3:f5:3e:63:9c:d8:a7:56:d5:
34:63:99:47:e6:b3:06:05:00:e3:c6:91:72:8f:d6:
2a:95:c6:36:d1:86:af:ae:0b:12:b6:c3:e4:f0:be:
46:d9:2b:b2:6b:09:89:29:f9:a2:2f:50:93:53:dc:
e3:7b:58:aa:91:99:b9:eb:a4:92:42:0a:3c:af:d1:
af:3e:3a:03:af:b6:07:6f:0c:7e:5b:5c:02:98:33:
91:78:f7:f5:10:90:c4:78:46:b6:67:4f:ef:e7:7a:
31:87:dd:62:1d:85:e0:f2:02:24:77:b7:20:fb:09:
e0:ba:e9:8d:0c:2f:3e:e5:98:1b:95:88:87:bd:1c:
6b:7d:28:1c:b9:d4:fa:45:b4:c1:bb:11:9d:4a:62:
e2:de:22:96:dc:fc:b8:6d:7d:17:a8:e6:fe:bd:7f:
d8:6a:59:9e:6d:c4:53:ba:94:a7:7c:95:9b:cb:2f:
2f:a6:95:dc:17:78:d3:fa:d3:00:1b:b6:63:37:45:
5e:36:a9:49:76:ea:31:70:5e:f9:07:d9:fa:10:75:
d6:ed:27:eb:c4:c2:d6:27:a8:99:cf:94:08:6f:f4:
cd:d5:34:ba:85:d6:b6:c5:c2:40:66:e5:52:3c:66:
11:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D5:32:27:73:8E:B9:DA:FF:ED:3D:86:C3:74:04:5C:56:C0:1D:67
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/Q9UyJ3OOudr_7T2Gw3QEXFbAHWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.145.0-45.90.146.255
45.140.220.0/23
77.83.241.0/24
85.202.162.0/24
178.218.145.0/24
185.186.67.0/24
185.227.71.0/24
185.234.74.0/23
185.242.225.0/24
193.105.177.0/24
194.56.224.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:59:16:c1:9d:51:e3:fe:f4:24:e8:be:dd:e9:46:f3:17:c7:
24:65:6b:af:76:fa:09:a9:4d:04:c5:07:39:51:ce:e9:ae:3d:
4a:f8:a0:a6:13:cb:46:a6:c7:cc:df:5a:38:00:12:10:1d:a3:
a9:00:c8:6b:b4:64:39:66:96:b3:5b:6b:8d:4d:15:b0:20:5a:
57:cb:55:c1:f1:95:e5:4a:78:e0:cf:00:24:e1:d8:fa:27:bf:
a5:e6:41:e7:28:58:0c:8e:8c:ae:8a:10:a8:af:96:08:a7:42:
63:b8:a5:b0:3f:80:44:7a:70:e6:7b:4d:26:be:81:71:97:99:
69:20:30:fc:1d:4a:16:15:e8:5e:b4:d5:ce:d5:b7:83:36:de:
e5:1d:c3:3c:13:e3:78:dc:dd:ab:dd:d1:7f:32:4f:74:60:d7:
83:dc:60:01:d0:cd:29:6c:cd:e3:fc:3e:ac:fb:10:ed:91:4e:
50:c6:76:9a:fd:d7:c3:34:6a:23:4f:8b:3d:b8:cb:44:2b:77:
92:14:93:12:19:c4:4c:9a:2c:28:8d:d6:ed:37:5c:1e:a3:4b:
a5:fe:77:ef:77:d8:34:12:21:9c:c6:8e:de:12:f2:f0:c7:2f:
de:03:2e:a5:cc:33:bd:a4:01:cd:af:7d:15:00:8c:07:a9:f7:
90:81:80:73
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYfx5iePIaGWHadXC5TK32czMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNTA2MTYzMDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q1MzIyNzczOGViOWRhZmZlZDNkODZjMzc0MDQ1YzU2YzAxZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJe6PWXBC6d58wfVd30dw65EKz3T
9T5jnNinVtU0Y5lH5rMGBQDjxpFyj9YqlcY20YavrgsStsPk8L5G2SuyawmJKfmi
L1CTU9zje1iqkZm566SSQgo8r9GvPjoDr7YHbwx+W1wCmDORePf1EJDEeEa2Z0/v
53oxh91iHYXg8gIkd7cg+wnguumNDC8+5ZgblYiHvRxrfSgcudT6RbTBuxGdSmLi
3iKW3Py4bX0XqOb+vX/YalmebcRTupSnfJWbyy8vppXcF3jT+tMAG7ZjN0VeNqlJ
duoxcF75B9n6EHXW7SfrxMLWJ6iZz5QIb/TN1TS6hda2xcJAZuVSPGYRcwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFEPVMidzjrna/+09hsN0BFxWwB1nMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUTlVeUozT091ZHJfN1QyR3czUUVYRmJBSFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAAtWpED
BAAtWpIDBAEtjNwDBABNU/EDBABVyqIDBACy2pEDBAC5ukMDBAC540cDBAG56koD
BAC58uEDBADBabEDBAHCOOAwDQYJKoZIhvcNAQELBQADggEBAE5ZFsGdUeP+9CTo
vt3pRvMXxyRla692+gmpTQTFBzlRzumuPUr4oKYTy0amx8zfWjgAEhAdo6kAyGu0
ZDlmlrNba41NFbAgWlfLVcHxleVKeODPACTh2Ponv6XmQecoWAyOjK6KEKivlgin
QmO4pbA/gER6cOZ7TSa+gXGXmWkgMPwdShYV6F601c7Vt4M23uUdwzwT43jc3avd
0X8yT3Rg14PcYAHQzSlszeP8Pqz7EO2RTlDGdpr918M0aiNPiz24y0Qrd5IUkxIZ
xEyaLCiN1u03XB6jS6X+d+932DQSIZzGjt4S8vDHL94DLqXMM72kAc2vfRUAjAep
95CBgHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org