Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/i3UlAAQlHX4ZeDAIfdqxpI5WjIs.roa
File: i3UlAAQlHX4ZeDAIfdqxpI5WjIs.roa (raw, json)
Hash identifier: 1jgyvI1Co/DIzgGhKXVeEtBrFEW0KAgrcl/4ys8wECY=
Subject key identifier: 8B:75:25:00:04:25:1D:7E:19:78:30:08:7D:DA:B1:A4:8E:56:8C:8B
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 01856C53D001F1C9ADB8487D288CD5DF4744
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/i3UlAAQlHX4ZeDAIfdqxpI5WjIs.roa
Signing time: Sun 01 Jan 2023 07:55:09 +0000
ROA not before: Sun 01 Jan 2023 07:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21859
IP address blocks: 45.132.236.0/24 maxlen: 24
45.132.237.0/24 maxlen: 24
45.131.176.0/24 maxlen: 24
45.131.177.0/24 maxlen: 24
45.128.144.0/24 maxlen: 24
45.128.145.0/24 maxlen: 24
45.137.8.0/24 maxlen: 24
45.137.9.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d0:01:f1:c9:ad:b8:48:7d:28:8c:d5:df:47:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 07:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b75250004251d7e197830087ddab1a48e568c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:36:c8:7b:b6:99:85:cb:18:48:e1:4f:6d:55:
80:1b:a8:14:91:50:6b:c7:c0:95:34:c3:8a:b0:ee:
8a:51:6c:0d:cc:19:26:1d:d9:25:be:62:fd:8b:68:
a3:bc:02:66:63:72:a1:e2:cf:cb:5e:57:1a:d4:c5:
01:87:8a:cd:6b:02:c4:87:95:f6:4a:e7:f0:85:2f:
07:8c:8a:81:4d:c5:68:03:42:cd:94:22:ad:fa:30:
56:53:6e:d4:e9:6a:6a:2b:04:ca:a9:a3:31:26:64:
0d:47:c1:7c:ac:4b:bf:49:34:06:54:2a:b7:f0:d2:
89:d0:7a:83:4a:17:75:3d:c7:d6:7b:c4:80:3b:1b:
a2:13:72:fc:d8:7c:32:5d:59:2a:51:b3:de:90:a5:
dc:eb:67:36:e1:bd:bc:c4:74:59:80:cc:74:8e:73:
4e:09:7b:ad:61:20:0e:bf:08:4f:6a:7d:3a:a5:af:
14:3a:32:15:05:74:f4:33:28:46:39:90:43:22:9c:
f0:db:47:9f:19:69:57:20:7e:fd:5a:ac:2c:67:a6:
fd:c3:7a:80:dd:00:93:57:35:a5:57:73:ba:14:88:
2f:80:96:aa:11:d7:42:35:45:10:d7:f0:bc:83:35:
65:8d:da:9a:38:07:ed:35:59:41:58:24:98:67:94:
3d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:75:25:00:04:25:1D:7E:19:78:30:08:7D:DA:B1:A4:8E:56:8C:8B
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/i3UlAAQlHX4ZeDAIfdqxpI5WjIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.144.0/23
45.131.176.0/23
45.132.236.0/23
45.137.8.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:f2:e6:0b:a6:12:26:8a:7f:d7:4b:25:7b:dc:bc:95:f3:32:
ff:a9:15:59:0f:ea:02:9b:d6:e0:b2:8f:74:48:87:89:b3:7a:
2a:dd:bc:c4:2b:2d:11:e7:51:6e:d9:4c:24:f7:d3:fa:1b:4a:
f4:e3:38:51:87:5a:92:a8:fb:85:30:91:2d:7c:3d:b5:59:9d:
31:ca:e1:f7:3a:3d:96:c9:df:2f:4c:25:63:39:90:24:ff:88:
6b:dd:d0:44:14:f1:7b:24:b7:da:da:9c:a6:07:a4:d6:7b:ce:
a0:69:23:a5:9d:83:e7:71:08:d6:61:a9:5b:cf:69:f3:05:c9:
20:c2:aa:ce:8b:d1:0a:b6:6e:5a:9a:90:a6:02:a1:5c:b6:46:
ff:42:28:4c:ad:84:00:e0:0e:ad:37:c2:75:f4:18:08:7a:8e:
17:0f:77:87:c1:ea:50:c7:d9:90:d4:76:9d:06:50:60:be:cc:
a3:6d:bc:90:ba:fc:59:23:e9:cf:df:81:ac:d1:8f:da:ad:53:
5f:4e:6e:40:e1:2d:08:4a:f5:26:82:80:94:27:15:d4:a7:14:
0d:77:25:e7:11:73:e6:0a:53:d9:d7:60:55:e2:f3:17:b0:a2:
04:63:ce:71:a3:3c:d0:0c:a5:8f:6f:ab:5a:4b:7f:a9:11:f8:
26:f9:3d:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsU9AB8cmtuEh9KIzV30dEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwMTAxMDc1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjc1MjUwMDA0MjUxZDdlMTk3ODMwMDg3ZGRhYjFhNDhlNTY4YzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTbIe7aZhcsYSOFPbVWAG6gUkVBr
x8CVNMOKsO6KUWwNzBkmHdklvmL9i2ijvAJmY3Kh4s/LXlca1MUBh4rNawLEh5X2
SufwhS8HjIqBTcVoA0LNlCKt+jBWU27U6WpqKwTKqaMxJmQNR8F8rEu/STQGVCq3
8NKJ0HqDShd1PcfWe8SAOxuiE3L82HwyXVkqUbPekKXc62c24b28xHRZgMx0jnNO
CXutYSAOvwhPan06pa8UOjIVBXT0MyhGOZBDIpzw20efGWlXIH79WqwsZ6b9w3qA
3QCTVzWlV3O6FIgvgJaqEddCNUUQ1/C8gzVljdqaOAftNVlBWCSYZ5Q9pwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIt1JQAEJR1+GXgwCH3asaSOVoyLMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvaTNVbEFBUWxIWDRaZURBSWZkcXhwSTVXaklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYCQAwQB
LYOwAwQBLYTsAwQBLYkIMA0GCSqGSIb3DQEBCwUAA4IBAQCd8uYLphImin/XSyV7
3LyV8zL/qRVZD+oCm9bgso90SIeJs3oq3bzEKy0R51Fu2Uwk99P6G0r04zhRh1qS
qPuFMJEtfD21WZ0xyuH3Oj2Wyd8vTCVjOZAk/4hr3dBEFPF7JLfa2pymB6TWe86g
aSOlnYPncQjWYalbz2nzBckgwqrOi9EKtm5ampCmAqFctkb/QihMrYQA4A6tN8J1
9BgIeo4XD3eHwepQx9mQ1HadBlBgvsyjbbyQuvxZI+nP34Gs0Y/arVNfTm5A4S0I
SvUmgoCUJxXUpxQNdyXnEXPmClPZ12BV4vMXsKIEY85xozzQDKWPb6taS3+pEfgm
+T2H
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:55 2024 by rpki-client on console-ams.rpki-client.org