Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/UsyIxTZMFvFQhR-zvJ_PToH6kSY.roa
File: UsyIxTZMFvFQhR-zvJ_PToH6kSY.roa (raw, json)
Hash identifier: 81MWZG4hhb5fdxOrKBdmggSAQSHsomlMQ6MchDPgKfs=
Subject key identifier: 52:CC:88:C5:36:4C:16:F1:50:85:1F:B3:BC:9F:CF:4E:81:FA:91:26
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01856BCA20479B4EDBFF2664E554674040DA
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/UsyIxTZMFvFQhR-zvJ_PToH6kSY.roa
Signing time: Sun 01 Jan 2023 05:24:46 +0000
ROA not before: Sun 01 Jan 2023 05:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210636
IP address blocks: 45.152.149.0/24 maxlen: 24
45.134.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:20:47:9b:4e:db:ff:26:64:e5:54:67:40:40:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 05:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52cc88c5364c16f150851fb3bc9fcf4e81fa9126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ae:10:9a:8e:6d:b9:c6:04:6c:ac:2b:03:7a:
2b:44:fd:ac:86:ee:c9:02:ec:a2:da:2d:cf:c9:b4:
40:e8:34:c7:fa:97:f9:e7:06:39:10:cf:eb:44:c7:
0d:26:18:12:94:8d:70:4d:ae:f3:86:55:71:6a:35:
e2:df:ea:03:b8:53:d0:dc:3f:1c:9d:b6:0e:44:d8:
fb:b5:65:01:fc:02:74:f2:1e:d3:b0:04:9c:aa:31:
33:03:f7:b5:0d:5f:57:0f:23:5e:b5:62:fd:9e:4a:
2c:65:bd:75:4f:d8:7b:ee:44:89:2d:e0:4e:79:84:
bd:10:70:91:22:6a:8c:a9:07:f0:ac:02:63:5c:62:
d5:5e:dd:ea:50:94:1b:51:47:b4:c4:55:cc:87:8a:
2d:ce:50:1a:35:6a:d1:47:e2:b9:07:ba:db:32:8a:
2d:71:e4:f1:2c:7e:4d:ac:96:da:bd:ea:e9:8c:b9:
46:a4:27:89:7e:bf:35:b5:64:0f:29:d3:33:90:68:
07:4e:2a:9f:5b:c0:de:85:77:96:86:9e:c3:4f:b5:
c0:80:c9:28:da:07:7a:ad:f2:13:b0:e6:e1:08:bc:
32:32:92:5b:4e:06:cf:23:0a:8f:58:3e:74:79:af:
78:fe:0a:77:af:80:6f:43:bd:94:9c:17:e8:6a:b3:
4c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CC:88:C5:36:4C:16:F1:50:85:1F:B3:BC:9F:CF:4E:81:FA:91:26
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/UsyIxTZMFvFQhR-zvJ_PToH6kSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.21.0/24
45.152.149.0/24
Signature Algorithm: sha256WithRSAEncryption
83:a5:77:f9:8d:f2:58:f3:10:39:2a:07:b1:2d:f2:84:f3:68:
c4:8a:34:aa:30:60:67:05:4c:99:20:de:d3:c2:02:70:93:d0:
0b:10:b4:8d:e7:65:a2:52:f2:83:10:10:09:14:52:55:51:94:
ee:70:08:1e:0f:d2:6c:4f:5b:66:4d:e0:04:34:33:59:3f:fb:
ae:50:94:20:56:22:08:a3:70:d7:4c:40:fb:96:c8:4a:f0:29:
31:e7:ec:e7:29:04:24:cb:b6:67:5f:06:34:af:b9:b0:c6:67:
97:d1:53:7f:d9:79:d3:c1:5d:8b:8b:87:6a:df:9f:7d:4a:58:
84:f0:73:9c:cd:18:ac:a5:d3:50:00:2f:b4:12:7e:68:51:26:
f1:24:6b:b0:e4:87:3e:29:80:d5:20:31:79:96:37:c5:59:1c:
fd:e3:71:37:b1:26:9f:35:1a:2c:6f:8e:73:8b:17:98:d5:d7:
fe:b2:ea:7f:2f:16:94:0d:4b:ca:c0:92:f9:49:c2:d3:ba:84:
4b:3f:d2:02:62:5c:16:ce:d4:f2:ee:f1:53:1f:ff:4b:71:bd:
1c:4b:0f:32:a8:7a:f1:35:8e:1d:7e:e6:21:25:18:3a:3a:c7:
57:c3:9d:c1:b9:2b:fc:07:72:af:4b:7b:87:66:d2:9d:a6:e2:
b3:41:58:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVryiBHm07b/yZk5VRnQEDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTAxMDUyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmNjODhjNTM2NGMxNmYxNTA4NTFmYjNiYzlmY2Y0ZTgxZmE5MTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgK4Qmo5tucYEbKwrA3orRP2shu7J
Auyi2i3PybRA6DTH+pf55wY5EM/rRMcNJhgSlI1wTa7zhlVxajXi3+oDuFPQ3D8c
nbYORNj7tWUB/AJ08h7TsAScqjEzA/e1DV9XDyNetWL9nkosZb11T9h77kSJLeBO
eYS9EHCRImqMqQfwrAJjXGLVXt3qUJQbUUe0xFXMh4otzlAaNWrRR+K5B7rbMoot
ceTxLH5NrJbaverpjLlGpCeJfr81tWQPKdMzkGgHTiqfW8DehXeWhp7DT7XAgMko
2gd6rfITsObhCLwyMpJbTgbPIwqPWD50ea94/gp3r4BvQ72UnBfoarNMswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFLMiMU2TBbxUIUfs7yfz06B+pEmMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvVXN5SXhUWk1GdkZRaFItenZKX1BUb0g2a1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYYVAwQA
LZiVMA0GCSqGSIb3DQEBCwUAA4IBAQCDpXf5jfJY8xA5KgexLfKE82jEijSqMGBn
BUyZIN7TwgJwk9ALELSN52WiUvKDEBAJFFJVUZTucAgeD9JsT1tmTeAENDNZP/uu
UJQgViIIo3DXTED7lshK8Ckx5+znKQQky7ZnXwY0r7mwxmeX0VN/2XnTwV2Li4dq
3599SliE8HOczRispdNQAC+0En5oUSbxJGuw5Ic+KYDVIDF5ljfFWRz943E3sSaf
NRosb45zixeY1df+sup/LxaUDUvKwJL5ScLTuoRLP9ICYlwWztTy7vFTH/9Lcb0c
Sw8yqHrxNY4dfuYhJRg6OsdXw53BuSv8B3KvS3uHZtKdpuKzQVh7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org