Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/rlJIcyE6zmAD7JRnFNhWIyF55Y0.roa
File: rlJIcyE6zmAD7JRnFNhWIyF55Y0.roa (raw, json)
Hash identifier: wWn5iMArXT9IEoTIwGYnfLOqwnh08YSp3ZXiXdW4N3A=
Subject key identifier: AE:52:48:73:21:3A:CE:60:03:EC:94:67:14:D8:56:23:21:79:E5:8D
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 018704A0E9F696793BD716A9B46184F5BB15
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/rlJIcyE6zmAD7JRnFNhWIyF55Y0.roa
Signing time: Tue 21 Mar 2023 14:44:27 +0000
ROA not before: Tue 21 Mar 2023 14:44:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20766
IP address blocks: 185.57.124.0/22 maxlen: 22
80.67.160.0/19 maxlen: 19
80.67.182.0/24 maxlen: 24
193.23.30.0/24 maxlen: 24
45.94.17.0/24 maxlen: 24
45.94.18.0/23 maxlen: 23
2a0f:6780::/29 maxlen: 29
2a04:9ac2::/32 maxlen: 32
2001:910::/32 maxlen: 32
2001:913:4000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:04:a0:e9:f6:96:79:3b:d7:16:a9:b4:61:84:f5:bb:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Mar 21 14:44:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae524873213ace6003ec946714d856232179e58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:14:cc:1b:a3:71:19:45:b3:30:ae:e9:f6:ea:
a0:ea:08:04:76:a8:27:a7:48:79:5e:f0:f6:ba:54:
b2:ec:74:05:19:27:53:7c:4b:00:b5:e1:c5:fc:e6:
69:60:95:21:1b:63:31:67:6d:78:16:58:53:2a:85:
cf:a1:dd:6d:21:34:87:78:c3:14:b8:90:bb:e8:d3:
e2:c1:33:f5:87:d9:ef:b5:28:be:6a:b0:b8:7f:2a:
54:85:d3:f2:ca:c1:37:14:c0:5a:86:a1:ed:0b:15:
78:1d:4f:19:dc:ed:92:e0:f2:89:8a:ff:95:c9:c4:
a8:2c:6d:22:23:e2:07:fa:03:43:39:be:20:87:5e:
b9:5b:27:7a:06:f0:0a:03:0b:97:16:60:7b:08:85:
5c:5d:bb:e0:a8:bc:41:d4:b4:d2:10:1d:20:c0:7c:
66:cb:3a:8c:04:f9:09:da:4a:ec:ec:50:27:1d:ab:
fa:a4:5f:bd:0a:5e:75:43:a9:3f:3a:ec:d5:11:dd:
23:2d:5a:a4:4b:47:a9:9e:2d:5f:16:a3:b1:4c:48:
09:3b:9d:60:16:be:dc:2e:b2:1a:ef:b3:c6:99:af:
5a:7a:7e:b1:c6:99:39:46:c1:5f:32:1e:47:31:cb:
56:c0:d2:05:db:f6:f3:d2:c6:a1:9f:94:41:14:16:
4c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:52:48:73:21:3A:CE:60:03:EC:94:67:14:D8:56:23:21:79:E5:8D
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/rlJIcyE6zmAD7JRnFNhWIyF55Y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.17.0-45.94.19.255
80.67.160.0/19
185.57.124.0/22
193.23.30.0/24
IPv6:
2001:910::/32
2001:913:4000::/36
2a04:9ac2::/32
2a0f:6780::/29
Signature Algorithm: sha256WithRSAEncryption
95:b2:f0:50:fd:0c:16:4a:f1:71:10:0f:ed:19:3e:32:0c:d5:
db:08:35:05:77:96:23:cd:42:b0:7f:4e:1b:0e:74:de:13:c4:
99:3f:ab:78:c3:2c:0e:58:35:73:9d:7c:9c:63:c9:40:7d:0a:
5e:3d:ac:8c:74:3d:13:da:71:43:d1:5d:d7:cd:5f:0a:f8:fd:
37:f1:91:f0:b0:eb:1f:19:79:0a:f2:ed:c5:07:e6:b3:42:16:
9e:75:87:8b:b7:00:13:27:23:bc:8c:c0:c5:37:9d:a2:3e:ac:
4f:61:a6:a8:b0:13:ae:03:7a:a1:95:90:ec:40:11:bb:3d:e0:
97:e4:03:4a:f6:92:34:42:30:07:f6:23:f6:9e:9e:02:64:29:
c3:62:42:0e:8c:7d:7f:0c:5e:e6:81:b3:78:22:b3:15:12:70:
42:61:d6:12:5d:3f:42:33:2b:bc:1a:04:2b:51:1c:34:4f:9f:
7c:22:14:5d:bc:b8:63:be:2f:30:c3:ae:d5:21:d7:9a:45:e1:
7c:84:3f:08:83:3d:a1:c2:78:ae:8e:b0:26:77:87:98:0c:3e:
be:0d:b7:fd:08:58:6c:44:c5:d7:62:6b:31:88:26:6f:1d:ef:
57:cb:21:48:84:0f:7f:89:bb:70:0d:53:63:d0:7e:41:4b:08:
bf:63:d3:73
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYcEoOn2lnk71xaptGGE9bsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjMwMzIxMTQ0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTUyNDg3MzIxM2FjZTYwMDNlYzk0NjcxNGQ4NTYyMzIxNzllNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRTMG6NxGUWzMK7p9uqg6ggEdqgn
p0h5XvD2ulSy7HQFGSdTfEsAteHF/OZpYJUhG2MxZ214FlhTKoXPod1tITSHeMMU
uJC76NPiwTP1h9nvtSi+arC4fypUhdPyysE3FMBahqHtCxV4HU8Z3O2S4PKJiv+V
ycSoLG0iI+IH+gNDOb4gh165Wyd6BvAKAwuXFmB7CIVcXbvgqLxB1LTSEB0gwHxm
yzqMBPkJ2krs7FAnHav6pF+9Cl51Q6k/OuzVEd0jLVqkS0epni1fFqOxTEgJO51g
Fr7cLrIa77PGma9aen6xxpk5RsFfMh5HMctWwNIF2/bz0sahn5RBFBZMeQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFK5SSHMhOs5gA+yUZxTYViMheeWNMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvcmxKSWN5RTZ6bUFEN0pSbkZOaFdJeUY1NVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAmBAIAATAgMAwDBAAtXhED
BAItXhADBAVQQ6ADBAK5OXwDBADBFx4wIwQCAAIwHQMFACABCRADBgQgAQkTQAMF
ACoEmsIDBQMqD2eAMA0GCSqGSIb3DQEBCwUAA4IBAQCVsvBQ/QwWSvFxEA/tGT4y
DNXbCDUFd5YjzUKwf04bDnTeE8SZP6t4wywOWDVznXycY8lAfQpePayMdD0T2nFD
0V3XzV8K+P038ZHwsOsfGXkK8u3FB+azQhaedYeLtwATJyO8jMDFN52iPqxPYaao
sBOuA3qhlZDsQBG7PeCX5ANK9pI0QjAH9iP2np4CZCnDYkIOjH1/DF7mgbN4IrMV
EnBCYdYSXT9CMyu8GgQrURw0T598IhRdvLhjvi8ww67VIdeaReF8hD8Igz2hwniu
jrAmd4eYDD6+Dbf9CFhsRMXXYmsxiCZvHe9XyyFIhA9/ibtwDVNj0H5BSwi/Y9Nz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:16 2024 by rpki-client on console-ams.rpki-client.org