Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/A5txoW8OQ83Whw9mjcTTq-24iwg.roa
File: A5txoW8OQ83Whw9mjcTTq-24iwg.roa (raw, json)
Hash identifier: e1/K5Cmc0D0Gdvi6iXLBYVTWvWnkDvoIB2E09ywdymY=
Subject key identifier: 03:9B:71:A1:6F:0E:43:CD:D6:87:0F:66:8D:C4:D3:AB:ED:B8:8B:08
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 01869C45CC6C086E9F543AC9DE10521C1C2A
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/A5txoW8OQ83Whw9mjcTTq-24iwg.roa
Signing time: Wed 01 Mar 2023 08:24:25 +0000
ROA not before: Wed 01 Mar 2023 08:24:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48011
IP address blocks: 185.217.143.0/24 maxlen: 24
213.232.203.0/24 maxlen: 24
185.227.139.0/24 maxlen: 24
185.227.137.0/24 maxlen: 24
185.227.138.0/24 maxlen: 24
185.227.136.0/24 maxlen: 24
45.93.168.0/22 maxlen: 24
45.89.236.0/22 maxlen: 24
193.163.72.0/24 maxlen: 24
2a0c:6600:1::/48 maxlen: 48
2a0c:6600::/48 maxlen: 48
2a0c:6600:3::/48 maxlen: 48
2a0c:6600:4::/48 maxlen: 48
2a0c:6600:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 26 Jun 2023 11:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:45:cc:6c:08:6e:9f:54:3a:c9:de:10:52:1c:1c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Mar 1 08:24:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=039b71a16f0e43cdd6870f668dc4d3abedb88b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cc:12:4a:b9:50:58:aa:b9:ad:96:a1:3f:77:
99:0c:c0:01:c5:fd:51:c5:98:08:49:f0:8a:f6:3d:
f7:c0:7f:d2:cc:e4:9c:88:46:3d:5b:be:b7:4a:f3:
58:7c:3c:e0:2b:67:0f:9b:2a:9a:e8:83:9b:eb:03:
87:dc:1c:25:ae:c5:b6:b8:4e:7f:2c:66:bb:75:ca:
68:09:a9:d2:c1:bc:85:dd:82:bf:1c:1b:de:ca:e1:
58:35:ca:6e:6e:d1:d1:99:f7:27:ae:8d:da:70:5c:
be:8d:a0:c4:dd:8b:88:95:e6:56:18:3d:e3:0e:c7:
cb:7b:46:35:6a:ac:59:8d:4a:36:d6:5b:5c:94:43:
47:32:71:bc:23:4f:be:84:b1:d1:59:43:52:5f:61:
19:39:40:63:23:53:7a:dd:7b:b1:5f:c4:c0:1d:c3:
3b:ac:63:c4:1e:3f:91:4c:46:45:7c:09:cb:b6:44:
19:e5:dd:7e:0f:18:82:ba:99:09:7e:07:1f:01:86:
e4:10:ed:f2:7b:03:8d:b9:f3:4c:17:ac:c4:e1:0c:
cb:30:40:e1:cc:4c:cc:4a:48:46:b6:a3:4d:99:40:
1e:0a:74:ea:d3:0b:99:e4:20:28:ea:35:05:b1:5c:
a5:c0:49:4d:19:8b:49:d6:c7:55:07:29:de:bc:ac:
c7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:9B:71:A1:6F:0E:43:CD:D6:87:0F:66:8D:C4:D3:AB:ED:B8:8B:08
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/A5txoW8OQ83Whw9mjcTTq-24iwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.236.0/22
45.93.168.0/22
185.217.143.0/24
185.227.136.0/22
193.163.72.0/24
213.232.203.0/24
IPv6:
2a0c:6600::-2a0c:6600:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
80:93:1a:26:e1:64:eb:bf:37:54:60:8f:13:27:27:aa:09:e8:
44:4f:8c:0f:f4:59:cb:1b:0b:b6:36:9e:73:ae:20:92:ce:42:
67:6f:1d:1c:51:18:0e:6d:7e:ed:53:15:0f:73:4d:6b:fd:93:
de:c6:8a:aa:46:c5:3c:00:da:19:a8:01:b4:e3:74:6b:6f:3d:
02:89:4b:92:d1:91:b3:7c:02:51:d1:30:15:08:d6:00:19:6f:
66:66:8b:d3:35:4b:35:89:49:9e:b4:0c:a7:81:b2:f9:74:aa:
ae:fd:77:b9:37:9e:45:b2:31:d8:9d:6c:df:db:05:bf:af:97:
26:d8:9b:fe:16:49:08:b8:b3:f0:f2:5c:b0:02:4b:b5:fa:ad:
9e:18:d1:57:39:0d:46:5a:9b:7b:e8:ba:00:21:93:e8:dd:cc:
3b:09:b2:a3:e2:40:cb:46:90:6e:d2:62:b8:bf:77:36:73:cd:
4c:63:41:db:6e:de:24:7d:50:93:72:c1:68:6c:4c:01:8e:67:
6e:b9:e4:43:91:25:51:9a:d0:cf:c1:ec:d5:c4:dd:7a:e3:81:
5c:68:4e:54:bc:16:ee:92:0f:36:04:33:c1:d6:bf:7d:5a:d9:
ed:17:49:bd:e4:8b:4a:37:bf:bc:bc:6e:38:21:5d:86:de:c8:
3d:b1:29:b3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYacRcxsCG6fVDrJ3hBSHBwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjMwMzAxMDgyNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzliNzFhMTZmMGU0M2NkZDY4NzBmNjY4ZGM0ZDNhYmVkYjg4YjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcwSSrlQWKq5rZahP3eZDMABxf1R
xZgISfCK9j33wH/SzOSciEY9W763SvNYfDzgK2cPmyqa6IOb6wOH3BwlrsW2uE5/
LGa7dcpoCanSwbyF3YK/HBveyuFYNcpubtHRmfcnro3acFy+jaDE3YuIleZWGD3j
DsfLe0Y1aqxZjUo21ltclENHMnG8I0++hLHRWUNSX2EZOUBjI1N63XuxX8TAHcM7
rGPEHj+RTEZFfAnLtkQZ5d1+DxiCupkJfgcfAYbkEO3yewONufNMF6zE4QzLMEDh
zEzMSkhGtqNNmUAeCnTq0wuZ5CAo6jUFsVylwElNGYtJ1sdVBynevKzHBQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFAObcaFvDkPN1ocPZo3E06vtuIsIMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvQTV0eG9XOE9RODNXaHc5bWpjVFRxLTI0aXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAqBAIAATAkAwQCLVnsAwQC
LV2oAwQAudmPAwQCueOIAwQAwaNIAwQA1ejLMBcEAgACMBEwDwMEASoMZgMHACoM
ZgAABDANBgkqhkiG9w0BAQsFAAOCAQEAgJMaJuFk6783VGCPEycnqgnoRE+MD/RZ
yxsLtjaec64gks5CZ28dHFEYDm1+7VMVD3NNa/2T3saKqkbFPADaGagBtON0a289
AolLktGRs3wCUdEwFQjWABlvZmaL0zVLNYlJnrQMp4Gy+XSqrv13uTeeRbIx2J1s
39sFv6+XJtib/hZJCLiz8PJcsAJLtfqtnhjRVzkNRlqbe+i6ACGT6N3MOwmyo+JA
y0aQbtJiuL93NnPNTGNB227eJH1Qk3LBaGxMAY5nbrnkQ5ElUZrQz8Hs1cTdeuOB
XGhOVLwW7pIPNgQzwda/fVrZ7RdJveSLSje/vLxuOCFdht7IPbEpsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:16 2024 by rpki-client on console-fra.rpki-client.org