Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/ywXkqNdh5JqAulCTFlHWzGnmkyY.roa
File: ywXkqNdh5JqAulCTFlHWzGnmkyY.roa (raw, json)
Hash identifier: eXOSHCXNB/lzNMJWFEpsZC8/j5iWe5pi4C8a532VWNE=
Subject key identifier: CB:05:E4:A8:D7:61:E4:9A:80:BA:50:93:16:51:D6:CC:69:E6:93:26
Certificate issuer: /CN=a11966c5ab4ea0673cc41c786e0778394b8bdacf
Certificate serial: 0185735615A610289AB997323032F2740621
Authority key identifier: A1:19:66:C5:AB:4E:A0:67:3C:C4:1C:78:6E:07:78:39:4B:8B:DA:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oRlmxatOoGc8xBx4bgd4OUuL2s8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/ywXkqNdh5JqAulCTFlHWzGnmkyY.roa
Signing time: Mon 02 Jan 2023 16:34:59 +0000
ROA not before: Mon 02 Jan 2023 16:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44486
IP address blocks: 45.135.200.0/22 maxlen: 22
45.88.111.0/24 maxlen: 24
45.88.110.0/24 maxlen: 24
45.88.109.0/24 maxlen: 24
45.88.108.0/22 maxlen: 22
45.88.108.0/24 maxlen: 24
91.218.64.0/22 maxlen: 24
2a04:e8c0::/29 maxlen: 29
2a0c:75c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:56:15:a6:10:28:9a:b9:97:32:30:32:f2:74:06:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a11966c5ab4ea0673cc41c786e0778394b8bdacf
Validity
Not Before: Jan 2 16:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb05e4a8d761e49a80ba50931651d6cc69e69326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:dc:2b:8d:ed:ee:eb:21:b4:d6:2e:27:cf:46:
91:c3:a9:1c:cb:9b:c3:bf:46:15:c4:61:e5:50:33:
21:65:ff:45:14:93:5f:6c:07:fa:82:1a:46:e1:38:
4c:d2:f4:8f:89:21:55:b3:25:84:16:b5:f3:2a:4f:
c4:1e:d1:0a:da:04:1f:a0:8e:aa:08:44:0e:e1:22:
81:1e:e2:62:89:b6:62:3b:b7:82:27:cc:74:8b:a2:
c0:1d:a3:e2:a6:be:6d:7a:fb:69:5a:09:36:b1:9b:
56:d5:1a:6c:b0:fa:b8:62:ed:f7:f2:74:4f:c9:11:
0c:7d:36:4f:ff:d6:46:9a:c7:f6:50:a7:12:33:43:
1b:1d:36:d0:18:e0:58:c5:d7:4f:51:1e:35:26:0a:
9e:2d:1d:05:3d:78:0a:a6:41:be:21:9f:fb:fe:5f:
ec:bb:71:aa:53:11:a8:9c:48:b7:9d:61:d9:33:49:
d4:ac:4d:2b:30:d4:36:1e:d0:42:b6:22:81:9b:87:
ee:3e:c1:40:1f:03:9c:54:e3:43:d9:86:21:91:0d:
0b:8a:d0:2d:7e:ec:25:9e:f9:3e:47:85:05:d3:24:
7f:86:ec:53:85:99:70:8c:cb:f6:9b:ad:e6:b5:d2:
f8:e1:29:aa:84:8e:53:37:cf:02:d6:7a:31:81:c0:
3c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:05:E4:A8:D7:61:E4:9A:80:BA:50:93:16:51:D6:CC:69:E6:93:26
X509v3 Authority Key Identifier:
keyid:A1:19:66:C5:AB:4E:A0:67:3C:C4:1C:78:6E:07:78:39:4B:8B:DA:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRlmxatOoGc8xBx4bgd4OUuL2s8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/ywXkqNdh5JqAulCTFlHWzGnmkyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/oRlmxatOoGc8xBx4bgd4OUuL2s8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.108.0/22
45.135.200.0/22
91.218.64.0/22
IPv6:
2a04:e8c0::/29
2a0c:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:9a:fd:36:36:f8:e4:14:55:d2:da:cd:a3:59:cf:3f:ac:b5:
f0:28:65:fc:c2:ec:6c:77:2c:42:3c:8a:8e:e3:ba:26:02:2b:
b3:5b:b9:db:db:82:83:aa:f6:52:bb:ac:9e:9c:d2:55:84:c1:
71:70:f2:5a:6b:e4:e8:07:4d:9b:49:ea:53:42:3d:95:6c:8c:
26:c1:c6:71:43:7d:78:f1:5b:be:d0:83:31:21:bd:9d:63:b8:
7a:58:c4:99:27:91:e6:39:28:17:31:d9:ae:22:1a:24:e7:85:
e7:cc:62:73:a3:9a:e8:92:52:06:62:1e:1b:69:25:d8:32:07:
f5:77:b5:48:63:de:8d:59:f5:13:b0:2c:23:3f:aa:38:28:25:
5c:4e:e2:08:b1:83:b6:e6:97:cf:36:f6:09:d8:96:00:be:57:
a9:cf:d5:01:dc:ac:3f:e8:e9:c2:72:ab:c4:ef:94:cd:63:5b:
c1:b3:7a:8f:7e:26:c5:19:da:79:82:49:a7:4a:86:33:10:1c:
4e:6b:d1:db:19:bb:60:00:37:3b:f1:76:3f:9e:39:8e:d2:48:
bc:86:e8:ce:86:98:a7:08:31:c3:9d:a0:49:2b:9e:d3:83:85:
5e:2f:f5:7e:fc:cd:2b:e7:30:3f:ce:89:4e:0f:92:2e:e8:f4:
f1:58:9b:9f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVzVhWmECiauZcyMDLydAYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMTk2NmM1YWI0ZWEwNjczY2M0MWM3ODZlMDc3ODM5NGI4
YmRhY2YwHhcNMjMwMTAyMTYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA1ZTRhOGQ3NjFlNDlhODBiYTUwOTMxNjUxZDZjYzY5ZTY5MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNwrje3u6yG01i4nz0aRw6kcy5vD
v0YVxGHlUDMhZf9FFJNfbAf6ghpG4ThM0vSPiSFVsyWEFrXzKk/EHtEK2gQfoI6q
CEQO4SKBHuJiibZiO7eCJ8x0i6LAHaPipr5tevtpWgk2sZtW1RpssPq4Yu338nRP
yREMfTZP/9ZGmsf2UKcSM0MbHTbQGOBYxddPUR41JgqeLR0FPXgKpkG+IZ/7/l/s
u3GqUxGonEi3nWHZM0nUrE0rMNQ2HtBCtiKBm4fuPsFAHwOcVOND2YYhkQ0LitAt
fuwlnvk+R4UF0yR/huxThZlwjMv2m63mtdL44SmqhI5TN88C1noxgcA8kwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMsF5KjXYeSagLpQkxZR1sxp5pMmMB8GA1UdIwQY
MBaAFKEZZsWrTqBnPMQceG4HeDlLi9rPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JsbXhhdE9vR2M4eEJ4NGJnZDRPVXVMMnM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8xMjBlMzItNzkzYy00ZTIzLTlkZDgt
NGE3NWExNDEyMWJmLzEveXdYa3FOZGg1SnFBdWxDVEZsSFd6R25ta3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8xMjBlMzItNzkzYy00ZTIzLTlkZDgtNGE3NWExNDEyMWJm
LzEvb1JsbXhhdE9vR2M4eEJ4NGJnZDRPVXVMMnM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLVhsAwQC
LYfIAwQCW9pAMBQEAgACMA4DBQMqBOjAAwUDKgx1wDANBgkqhkiG9w0BAQsFAAOC
AQEAbpr9Njb45BRV0trNo1nPP6y18Chl/MLsbHcsQjyKjuO6JgIrs1u529uCg6r2
UrusnpzSVYTBcXDyWmvk6AdNm0nqU0I9lWyMJsHGcUN9ePFbvtCDMSG9nWO4eljE
mSeR5jkoFzHZriIaJOeF58xic6Oa6JJSBmIeG2kl2DIH9Xe1SGPejVn1E7AsIz+q
OCglXE7iCLGDtuaXzzb2CdiWAL5Xqc/VAdysP+jpwnKrxO+UzWNbwbN6j34mxRna
eYJJp0qGMxAcTmvR2xm7YAA3O/F2P545jtJIvIbozoaYpwgxw52gSSue04OFXi/1
fvzNK+cwP86JTg+SLuj08Vibnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:33 2024 by rpki-client on console-ams.rpki-client.org