Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/iyO5mkUC17QpSBEsmPLXnSNMNcE.roa
File: iyO5mkUC17QpSBEsmPLXnSNMNcE.roa (raw, json)
Hash identifier: 0Y2+Dez19ToZUBIP4yERfZ1cY0mn2N0zCs4x65vRgi8=
Subject key identifier: 8B:23:B9:9A:45:02:D7:B4:29:48:11:2C:98:F2:D7:9D:23:4C:35:C1
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 0190409EEA0C80FED50E5D737BB698AAAE61
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/iyO5mkUC17QpSBEsmPLXnSNMNcE.roa
Signing time: Sat 22 Jun 2024 15:44:34 +0000
ROA not before: Sat 22 Jun 2024 15:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136526
IP address blocks: 45.91.227.0/24 maxlen: 24
45.142.155.0/24 maxlen: 24
185.202.103.0/24 maxlen: 24
193.239.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 03:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:40:9e:ea:0c:80:fe:d5:0e:5d:73:7b:b6:98:aa:ae:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jun 22 15:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b23b99a4502d7b42948112c98f2d79d234c35c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d0:ee:d4:ff:7e:1a:9e:31:b9:66:67:7c:82:
ca:5c:61:27:bf:df:92:8a:a7:64:1c:0d:6e:fd:87:
6e:35:f4:0e:f7:8f:1a:f0:bd:84:38:cd:98:90:71:
f5:ed:f0:81:3a:38:a1:90:3e:a1:93:56:ae:74:48:
c6:51:c7:0c:99:c1:77:7b:8b:c7:d8:6d:6a:4a:8f:
36:e7:28:c4:d7:e9:44:a8:8a:fc:f8:05:ff:64:3a:
88:c2:12:f4:19:b6:14:ff:e5:69:af:f0:cd:30:50:
40:a7:b3:25:46:af:53:8d:b7:83:d2:43:39:cd:8d:
e6:8e:68:5a:ef:ce:8e:a6:c9:6a:4f:26:7d:f8:ed:
07:ea:b1:c0:6a:65:06:16:3e:1b:29:64:39:a4:d7:
4e:d8:94:d8:1c:b4:47:03:a6:09:e2:9b:6b:4f:62:
03:12:ec:be:44:bb:e8:b5:28:6e:ee:2e:6c:82:5c:
86:d6:04:d9:68:b9:72:e0:8a:ad:ea:8a:d9:40:68:
ad:d4:3d:24:3d:b2:9e:41:7a:b8:f6:be:80:28:da:
b9:ff:1e:64:fd:16:e1:6a:25:2f:5a:2d:cb:58:0f:
55:7c:86:bc:04:40:8a:45:3c:2c:6f:7b:16:31:33:
a4:22:ba:0c:3d:54:d4:1c:0e:5b:f6:71:81:3d:a9:
2a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:23:B9:9A:45:02:D7:B4:29:48:11:2C:98:F2:D7:9D:23:4C:35:C1
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/iyO5mkUC17QpSBEsmPLXnSNMNcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.227.0/24
45.142.155.0/24
185.202.103.0/24
193.239.154.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:99:c9:f3:66:6b:51:20:fb:c0:b0:df:a6:7e:58:eb:dc:6d:
99:8e:fd:da:de:be:08:a0:a8:94:71:dc:20:22:8e:41:92:d3:
0b:f4:d8:01:a8:d8:22:fa:2c:a6:6b:29:ef:38:5c:39:ed:ea:
80:70:5a:b3:67:c2:3c:6a:b4:85:d2:7b:f5:6d:ed:76:5c:92:
82:2d:d9:54:da:28:31:25:00:73:12:ff:04:ca:e8:e8:1e:3f:
9e:f8:4d:05:c1:e0:c1:b6:14:3d:16:ad:82:a1:ed:3e:48:37:
d4:8e:ba:6d:27:ef:a3:ff:26:fe:0e:59:d9:b2:d8:24:e1:77:
ba:ff:66:81:37:e9:ad:8b:5f:84:5e:d7:84:c8:db:f6:99:c4:
48:e2:16:28:ea:ce:16:60:9a:6a:7e:1d:06:b7:ad:a0:dd:ce:
d0:27:d1:8b:6a:c0:e4:aa:83:92:7f:14:85:a5:5e:44:b1:56:
e9:ce:ba:80:eb:14:f7:7b:4f:f7:63:76:4b:6d:6d:b1:33:03:
49:89:2e:03:29:ec:0e:c9:2c:96:0e:a2:aa:85:c3:c3:65:d5:
6a:19:95:aa:4d:be:50:31:4d:04:cf:cd:c6:43:b3:55:aa:27:
d7:fd:6d:ec:0b:b9:49:61:64:d5:e1:5f:8f:b6:c8:81:6c:56:
79:f0:10:8f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZBAnuoMgP7VDl1ze7aYqq5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwNjIyMTU0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjIzYjk5YTQ1MDJkN2I0Mjk0ODExMmM5OGYyZDc5ZDIzNGMzNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdDu1P9+Gp4xuWZnfILKXGEnv9+S
iqdkHA1u/YduNfQO948a8L2EOM2YkHH17fCBOjihkD6hk1audEjGUccMmcF3e4vH
2G1qSo825yjE1+lEqIr8+AX/ZDqIwhL0GbYU/+Vpr/DNMFBAp7MlRq9TjbeD0kM5
zY3mjmha786OpslqTyZ9+O0H6rHAamUGFj4bKWQ5pNdO2JTYHLRHA6YJ4ptrT2ID
Euy+RLvotShu7i5sglyG1gTZaLly4Iqt6orZQGit1D0kPbKeQXq49r6AKNq5/x5k
/RbhaiUvWi3LWA9VfIa8BECKRTwsb3sWMTOkIroMPVTUHA5b9nGBPakqnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIsjuZpFAte0KUgRLJjy150jTDXBMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvaXlPNW1rVUMxN1FwU0JFc21QTFhuU05NTmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVvjAwQA
LY6bAwQAucpnAwQAwe+aMA0GCSqGSIb3DQEBCwUAA4IBAQA9mcnzZmtRIPvAsN+m
fljr3G2Zjv3a3r4IoKiUcdwgIo5BktML9NgBqNgi+iymaynvOFw57eqAcFqzZ8I8
arSF0nv1be12XJKCLdlU2igxJQBzEv8EyujoHj+e+E0FweDBthQ9Fq2Coe0+SDfU
jrptJ++j/yb+DlnZstgk4Xe6/2aBN+mti1+EXteEyNv2mcRI4hYo6s4WYJpqfh0G
t62g3c7QJ9GLasDkqoOSfxSFpV5EsVbpzrqA6xT3e0/3Y3ZLbW2xMwNJiS4DKewO
ySyWDqKqhcPDZdVqGZWqTb5QMU0Ez83GQ7NVqifX/W3sC7lJYWTV4V+PtsiBbFZ5
8BCP
-----END CERTIFICATE-----
Generated at Thu Jul 4 05:04:50 2024 by rpki-client on console-ams.rpki-client.org