Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/i04G0qDVY27UKq0xByt_oPGMb-Y.roa
File: i04G0qDVY27UKq0xByt_oPGMb-Y.roa (raw, json)
Hash identifier: io+VuHqHxowbyA2e8a47xiAcEbAJjd/Gruc+C/fTNWU=
Subject key identifier: 8B:4E:06:D2:A0:D5:63:6E:D4:2A:AD:31:07:2B:7F:A0:F1:8C:6F:E6
Certificate issuer: /CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Certificate serial: 01856F14A01747A84CEDF82E7B7088A83537
Authority key identifier: 52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/i04G0qDVY27UKq0xByt_oPGMb-Y.roa
Signing time: Sun 01 Jan 2023 20:45:00 +0000
ROA not before: Sun 01 Jan 2023 20:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209023
IP address blocks: 45.9.38.0/24 maxlen: 24
45.9.37.0/24 maxlen: 24
45.9.36.0/22 maxlen: 22
45.9.36.0/24 maxlen: 24
45.9.39.0/24 maxlen: 24
188.213.219.0/24 maxlen: 24
188.213.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a0:17:47:a8:4c:ed:f8:2e:7b:70:88:a8:35:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Validity
Not Before: Jan 1 20:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b4e06d2a0d5636ed42aad31072b7fa0f18c6fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a6:a3:36:19:5a:69:b2:84:f1:f8:3f:d5:23:
33:c4:95:8e:dd:d2:8f:38:66:33:64:cb:44:40:a8:
47:77:1d:14:05:74:aa:cc:ac:43:2d:d3:5b:49:35:
7d:8a:f7:c6:86:4f:73:ff:bd:00:4e:35:f7:ff:d7:
24:5e:ac:d0:d7:4a:7f:13:f6:8d:19:a4:04:e0:f5:
e3:5e:c0:3d:ad:dd:cd:51:54:23:5c:b9:c8:72:9b:
ca:b1:bf:f5:61:08:a8:59:83:73:37:42:fe:af:e1:
1e:da:34:92:61:72:d8:8d:86:83:77:ef:3e:c3:72:
52:ec:1f:12:21:66:ea:b4:f3:e4:18:87:1d:bb:3a:
fd:42:42:8a:a6:f5:8e:db:4c:98:16:70:47:2b:f7:
a0:d8:0f:51:f3:0f:4c:db:35:a3:9c:0d:11:62:6d:
42:4d:87:35:17:70:f6:6f:a5:cd:c7:32:29:d6:24:
65:20:b6:3b:57:99:d4:b8:66:b4:b1:b0:d4:00:c7:
43:0c:68:57:e3:21:a1:c1:70:3e:85:3b:f5:a6:98:
26:38:4c:81:97:e9:a6:74:a3:3e:48:04:66:77:54:
98:fe:94:4c:fe:1c:c8:8d:19:11:2b:3c:c0:c0:f5:
4d:27:49:4f:e4:dc:9d:1a:cc:7b:b8:18:3a:4c:5e:
da:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:4E:06:D2:A0:D5:63:6E:D4:2A:AD:31:07:2B:7F:A0:F1:8C:6F:E6
X509v3 Authority Key Identifier:
keyid:52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/i04G0qDVY27UKq0xByt_oPGMb-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/UuQA66N5CiRc2rS05nu01gu-e0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.36.0/22
188.213.219.0/24
188.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ae:3f:2c:0c:0f:d4:ae:1d:bd:c3:d4:a8:67:d2:5d:74:85:
06:31:4f:03:50:e2:9e:6d:5b:63:e2:26:f7:bb:47:db:3b:0f:
5c:f3:a1:97:96:f9:5d:ca:20:cb:2f:74:9d:4c:0b:b6:97:06:
32:94:55:aa:a1:54:e0:67:da:6a:c9:fe:66:f8:da:22:7a:6a:
f0:99:91:7d:04:44:d0:75:79:5c:60:81:93:52:bd:87:97:c8:
e6:67:00:0b:41:e0:4a:9d:61:66:35:17:a4:a6:99:e5:94:dc:
7b:61:8d:4d:b1:be:3c:9b:15:8c:cb:b4:c9:60:8e:a4:cf:eb:
e4:56:8d:a7:0c:98:a4:6f:2a:5a:96:93:47:8a:32:26:7c:18:
99:8d:f6:04:e6:1b:5d:9a:52:f5:db:9e:5c:e5:2c:52:5d:f5:
5a:f8:c3:8c:6d:f3:ff:d2:d7:1b:77:aa:69:b0:1b:99:5b:48:
2c:03:46:3b:84:1f:8e:b2:3f:ee:8e:d4:04:6f:dc:d6:b9:23:
d4:61:80:9d:2f:9c:9b:5f:a0:5f:d0:c0:85:65:50:0b:8c:7f:
0c:66:cc:d8:e3:db:28:59:8e:c7:de:8d:bb:56:0c:40:94:c1:
44:9d:22:2c:06:c1:f8:63:60:37:ad:db:75:4c:7a:27:e8:10:
1e:d5:41:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvFKAXR6hM7fgue3CIqDU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZTQwMGViYTM3OTBhMjQ1Y2RhYjRiNGU2N2JiNGQ2MGJi
ZTdiNDAwHhcNMjMwMTAxMjA0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjRlMDZkMmEwZDU2MzZlZDQyYWFkMzEwNzJiN2ZhMGYxOGM2ZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56ajNhlaabKE8fg/1SMzxJWO3dKP
OGYzZMtEQKhHdx0UBXSqzKxDLdNbSTV9ivfGhk9z/70ATjX3/9ckXqzQ10p/E/aN
GaQE4PXjXsA9rd3NUVQjXLnIcpvKsb/1YQioWYNzN0L+r+Ee2jSSYXLYjYaDd+8+
w3JS7B8SIWbqtPPkGIcduzr9QkKKpvWO20yYFnBHK/eg2A9R8w9M2zWjnA0RYm1C
TYc1F3D2b6XNxzIp1iRlILY7V5nUuGa0sbDUAMdDDGhX4yGhwXA+hTv1ppgmOEyB
l+mmdKM+SARmd1SY/pRM/hzIjRkRKzzAwPVNJ0lP5NydGsx7uBg6TF7aAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFItOBtKg1WNu1CqtMQcrf6DxjG/mMB8GA1UdIwQY
MBaAFFLkAOujeQokXNq0tOZ7tNYLvntAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVRQTY2TjVDaVJjMnJTMDVudTAxZ3UtZTBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lM2QxOWYtMjhmYi00NWNiLWFmZTAt
Zjk3YWQzMDQ0ZTAyLzEvaTA0RzBxRFZZMjdVS3EweEJ5dF9vUEdNYi1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lM2QxOWYtMjhmYi00NWNiLWFmZTAtZjk3YWQzMDQ0ZTAy
LzEvVXVRQTY2TjVDaVJjMnJTMDVudTAxZ3UtZTBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQkkAwQA
vNXbAwQAvNXwMA0GCSqGSIb3DQEBCwUAA4IBAQBIrj8sDA/Urh29w9SoZ9JddIUG
MU8DUOKebVtj4ib3u0fbOw9c86GXlvldyiDLL3SdTAu2lwYylFWqoVTgZ9pqyf5m
+NoiemrwmZF9BETQdXlcYIGTUr2Hl8jmZwALQeBKnWFmNRekppnllNx7YY1Nsb48
mxWMy7TJYI6kz+vkVo2nDJikbypalpNHijImfBiZjfYE5htdmlL1255c5SxSXfVa
+MOMbfP/0tcbd6ppsBuZW0gsA0Y7hB+Osj/ujtQEb9zWuSPUYYCdL5ybX6Bf0MCF
ZVALjH8MZszY49soWY7H3o27VgxAlMFEnSIsBsH4Y2A3rdt1THon6BAe1UFA
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:00 2024 by rpki-client on console-ams.rpki-client.org