Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/tyjO2EzMO41gQ_-dFx6FDNgkjMk.roa
File: tyjO2EzMO41gQ_-dFx6FDNgkjMk.roa (raw, json)
Hash identifier: 4mhRDr5h3IY4Zlq+WXYHdVImX51YPHB/8El76lnev7c=
Subject key identifier: B7:28:CE:D8:4C:CC:3B:8D:60:43:FF:9D:17:1E:85:0C:D8:24:8C:C9
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 0188778F2E103DABBC2FF2D8EC0551161C75
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/tyjO2EzMO41gQ_-dFx6FDNgkjMk.roa
Signing time: Thu 01 Jun 2023 15:24:12 +0000
ROA not before: Thu 01 Jun 2023 15:24:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44592
IP address blocks: 45.153.34.0/24 maxlen: 24
195.62.46.0/24 maxlen: 24
45.153.35.0/24 maxlen: 24
45.142.182.0/24 maxlen: 24
45.142.181.0/24 maxlen: 24
45.142.180.0/24 maxlen: 24
92.246.85.0/24 maxlen: 24
92.246.84.0/24 maxlen: 24
92.246.86.0/24 maxlen: 24
2a0d:c2c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:8f:2e:10:3d:ab:bc:2f:f2:d8:ec:05:51:16:1c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Jun 1 15:24:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b728ced84ccc3b8d6043ff9d171e850cd8248cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:72:eb:ac:2c:25:27:92:40:b7:3e:55:dc:87:
c6:e8:6a:dd:70:8f:34:53:67:6c:b6:fb:23:51:28:
e0:c9:8c:31:68:84:f4:d8:b3:e1:a1:7b:79:2c:de:
0c:3d:46:fa:9a:e5:94:4d:38:f1:9c:e6:46:e5:07:
dc:cc:2d:bc:19:bb:97:3b:30:f7:5f:27:74:96:9c:
c1:8c:0f:2c:ab:1c:fb:fa:72:f8:45:29:57:c7:0b:
4c:d7:bf:65:e6:b2:9e:cc:33:4e:a5:63:58:44:6e:
cc:fd:0a:66:65:ce:95:33:8e:ff:3d:88:96:8a:e6:
db:ab:12:c3:6a:c5:98:44:43:56:47:c9:27:fc:4c:
8c:71:fc:4b:bb:68:f0:d3:57:3b:b7:48:00:b4:11:
23:d7:09:76:3c:4d:61:b2:05:05:40:30:83:12:9c:
93:fb:8c:31:31:1b:41:a9:a6:ee:2c:ba:37:6f:62:
b4:32:69:27:5f:35:f7:e9:1e:98:bf:9c:57:22:2d:
63:43:17:76:73:b8:07:80:14:8f:a6:59:95:5d:c2:
95:de:02:63:26:26:6f:60:09:36:70:5e:87:6e:3d:
38:49:3f:f2:a1:03:3b:b0:1f:64:41:af:c9:f8:b6:
53:db:c4:87:39:f3:1e:3e:73:ed:f6:ef:8c:c8:9d:
51:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:28:CE:D8:4C:CC:3B:8D:60:43:FF:9D:17:1E:85:0C:D8:24:8C:C9
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/tyjO2EzMO41gQ_-dFx6FDNgkjMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.180.0-45.142.182.255
45.153.34.0/23
92.246.84.0-92.246.86.255
195.62.46.0/24
IPv6:
2a0d:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:4a:eb:0b:37:61:cf:d5:ce:f7:2a:44:e3:56:9c:59:cb:1e:
0d:d5:99:d8:c8:b9:a4:fb:fe:9c:29:d1:ae:fc:13:30:ab:64:
9d:4c:90:bc:ef:fe:ff:fd:81:bb:2e:31:ec:e9:95:bb:48:17:
d1:81:fe:19:f1:a5:74:e4:9c:26:92:4e:11:e3:ca:33:ea:64:
b3:98:6c:1f:58:f0:9f:f1:10:5f:2c:1e:c5:a4:03:5b:c1:3d:
19:b3:d7:a3:f6:b3:ab:ff:7b:96:a3:65:49:0f:3d:47:cb:a7:
a4:85:7c:04:6d:54:f8:87:a9:ff:df:46:e3:08:38:5d:74:57:
cd:a2:da:6f:4b:d7:51:1a:44:2d:3a:92:b8:a4:61:d1:ae:5b:
d8:7a:ab:49:f7:52:b2:7a:78:0e:cd:bd:22:87:f0:33:33:1f:
42:6f:eb:04:74:aa:fa:35:85:02:e5:e0:d9:fb:c3:1c:f6:2f:
66:43:fa:e4:87:87:b1:71:cd:40:58:c5:43:1b:05:b7:fe:35:
40:3e:1f:2d:95:6b:da:eb:d2:4e:a1:fe:e0:2a:21:6c:d3:15:
d0:8a:16:a8:ea:38:94:d2:eb:f0:cb:3d:6d:f1:42:fd:7b:f4:
cd:0f:7c:ff:1b:34:78:9d:09:fe:66:4e:6f:cb:69:9d:ee:b2:
7e:ab:7d:0a
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYh3jy4QPau8L/LY7AVRFhx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjMwNjAxMTUyNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI4Y2VkODRjY2MzYjhkNjA0M2ZmOWQxNzFlODUwY2Q4MjQ4Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXLrrCwlJ5JAtz5V3IfG6GrdcI80
U2dstvsjUSjgyYwxaIT02LPhoXt5LN4MPUb6muWUTTjxnOZG5QfczC28GbuXOzD3
Xyd0lpzBjA8sqxz7+nL4RSlXxwtM179l5rKezDNOpWNYRG7M/QpmZc6VM47/PYiW
iubbqxLDasWYRENWR8kn/EyMcfxLu2jw01c7t0gAtBEj1wl2PE1hsgUFQDCDEpyT
+4wxMRtBqabuLLo3b2K0MmknXzX36R6Yv5xXIi1jQxd2c7gHgBSPplmVXcKV3gJj
JiZvYAk2cF6Hbj04ST/yoQM7sB9kQa/J+LZT28SHOfMePnPt9u+MyJ1RwwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFLcozthMzDuNYEP/nRcehQzYJIzJMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvdHlqTzJFek1PNDFnUV8tZEZ4NkZETmdrak1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoMAwDBAItjrQD
BAAtjrYDBAEtmSIwDAMEAlz2VAMEAFz2VgMEAMM+LjANBAIAAjAHAwUDKg3CwDAN
BgkqhkiG9w0BAQsFAAOCAQEAwErrCzdhz9XO9ypE41acWcseDdWZ2Mi5pPv+nCnR
rvwTMKtknUyQvO/+//2Buy4x7OmVu0gX0YH+GfGldOScJpJOEePKM+pks5hsH1jw
n/EQXywexaQDW8E9GbPXo/azq/97lqNlSQ89R8unpIV8BG1U+Iep/99G4wg4XXRX
zaLab0vXURpELTqSuKRh0a5b2HqrSfdSsnp4Ds29IofwMzMfQm/rBHSq+jWFAuXg
2fvDHPYvZkP65IeHsXHNQFjFQxsFt/41QD4fLZVr2uvSTqH+4CohbNMV0IoWqOo4
lNLr8Ms9bfFC/Xv0zQ98/xs0eJ0J/mZOb8tpne6yfqt9Cg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:41 2024 by rpki-client on console-ams.rpki-client.org