Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/dsvzTrqAPtKQCeIPucu0ON45qhY.roa
File: dsvzTrqAPtKQCeIPucu0ON45qhY.roa (raw, json)
Hash identifier: CSyufnJnBuXL1eMIwTxYbVU/zXEtmS6kj2/lHa0M6bw=
Subject key identifier: 76:CB:F3:4E:BA:80:3E:D2:90:09:E2:0F:B9:CB:B4:38:DE:39:AA:16
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 01856EC22826282D5791B9ED662EBF57DB31
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/dsvzTrqAPtKQCeIPucu0ON45qhY.roa
Signing time: Sun 01 Jan 2023 19:14:56 +0000
ROA not before: Sun 01 Jan 2023 19:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 45.132.112.0/24 maxlen: 24
79.143.130.0/24 maxlen: 24
79.143.128.0/24 maxlen: 24
45.152.34.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:28:26:28:2d:57:91:b9:ed:66:2e:bf:57:db:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 1 19:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76cbf34eba803ed29009e20fb9cbb438de39aa16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:12:42:f2:7e:20:78:ca:c7:bf:61:b0:7d:e1:
ec:9c:8f:f9:06:17:2f:96:04:40:e6:6a:c8:0c:ef:
53:e9:16:9f:8e:9a:1e:76:53:a8:bc:e1:a4:b8:6a:
d1:91:84:b0:fd:b7:3c:33:7d:76:cd:e3:d8:bc:31:
b5:b2:f2:2f:7e:38:a2:f9:50:c4:44:4a:22:31:e1:
6e:b9:ed:8e:16:7f:74:e2:d9:7b:bb:95:85:73:49:
bc:b8:64:fb:df:15:eb:da:ce:7e:35:be:8f:99:c4:
1b:3e:76:27:67:a0:67:9e:82:b2:34:38:bc:29:4b:
26:71:90:77:a4:24:3b:49:20:85:fb:37:66:57:81:
4d:ee:f9:d1:c3:63:04:13:63:17:09:e6:0e:0e:ae:
bc:78:e8:9b:68:79:2b:d8:70:d6:cc:56:5c:83:75:
26:63:49:92:fc:2d:d2:aa:9b:6e:23:ac:84:73:fe:
2e:1e:54:38:3e:bb:26:23:3c:80:9f:c4:e0:c0:3e:
7b:8c:9d:f0:ea:ed:8b:7b:0b:a8:2f:e2:85:d2:eb:
2d:b3:92:f9:bb:53:80:e7:bd:e0:e0:9c:57:bd:90:
86:11:97:c3:dd:d3:68:59:5e:30:28:25:dc:47:4a:
71:25:8c:13:24:b8:91:24:4a:bc:9e:1e:5f:37:86:
81:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CB:F3:4E:BA:80:3E:D2:90:09:E2:0F:B9:CB:B4:38:DE:39:AA:16
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/dsvzTrqAPtKQCeIPucu0ON45qhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.112.0/24
45.152.34.0/23
79.143.128.0/24
79.143.130.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:86:3d:ca:00:b2:4a:a5:d4:86:34:c0:1f:45:cd:e3:7f:4e:
76:af:93:7a:53:be:f9:ad:ba:96:13:3c:24:74:b4:ab:2e:18:
c6:df:b8:c1:16:ea:1c:bb:3e:f1:ea:c9:c7:67:90:b6:68:4f:
fc:f3:96:95:85:1d:f1:26:41:2f:0b:bf:e9:e3:1b:39:82:53:
bf:7b:2e:17:12:a4:9e:d0:69:c1:d2:cc:d8:2d:ca:6c:13:d1:
86:24:ae:05:76:ee:fd:99:78:65:2c:91:72:50:04:e7:2b:c4:
82:06:33:17:35:ef:69:78:e8:00:7f:13:a3:f0:0b:90:82:45:
82:ab:25:31:5c:1b:ba:f8:3f:04:0b:25:18:5d:6b:68:e5:ca:
55:d3:e5:ff:e7:70:08:37:a3:bf:bb:3a:14:9a:d8:11:cf:1c:
17:a7:f7:66:7d:0d:8e:50:6b:fb:66:74:90:3d:a6:7c:be:ff:
6f:29:63:1c:a0:67:9c:0c:0d:35:c3:5b:ee:62:ca:1d:22:2a:
57:d8:2e:51:01:0c:a1:88:38:79:97:51:b4:35:db:a2:ed:07:
b9:67:16:2c:fc:eb:82:b8:1a:53:85:7d:69:62:af:40:3a:b4:
e4:ac:26:3e:16:9d:21:3c:38:0a:84:2d:39:29:e7:31:2b:c0:
e3:0d:b7:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuwigmKC1XkbntZi6/V9sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwMTAxMTkxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmNiZjM0ZWJhODAzZWQyOTAwOWUyMGZiOWNiYjQzOGRlMzlhYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihJC8n4geMrHv2GwfeHsnI/5Bhcv
lgRA5mrIDO9T6RafjpoedlOovOGkuGrRkYSw/bc8M312zePYvDG1svIvfjii+VDE
REoiMeFuue2OFn904tl7u5WFc0m8uGT73xXr2s5+Nb6PmcQbPnYnZ6BnnoKyNDi8
KUsmcZB3pCQ7SSCF+zdmV4FN7vnRw2MEE2MXCeYODq68eOibaHkr2HDWzFZcg3Um
Y0mS/C3SqptuI6yEc/4uHlQ4PrsmIzyAn8TgwD57jJ3w6u2LewuoL+KF0usts5L5
u1OA573g4JxXvZCGEZfD3dNoWV4wKCXcR0pxJYwTJLiRJEq8nh5fN4aBdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHbL8066gD7SkAniD7nLtDjeOaoWMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvZHN2elRycUFQdEtRQ2VJUHVjdTBPTjQ1cWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYRwAwQB
LZgiAwQAT4+AAwQAT4+CMA0GCSqGSIb3DQEBCwUAA4IBAQB7hj3KALJKpdSGNMAf
Rc3jf052r5N6U775rbqWEzwkdLSrLhjG37jBFuocuz7x6snHZ5C2aE/885aVhR3x
JkEvC7/p4xs5glO/ey4XEqSe0GnB0szYLcpsE9GGJK4Fdu79mXhlLJFyUATnK8SC
BjMXNe9peOgAfxOj8AuQgkWCqyUxXBu6+D8ECyUYXWto5cpV0+X/53AIN6O/uzoU
mtgRzxwXp/dmfQ2OUGv7ZnSQPaZ8vv9vKWMcoGecDA01w1vuYsodIipX2C5RAQyh
iDh5l1G0Ndui7Qe5ZxYs/OuCuBpThX1pYq9AOrTkrCY+Fp0hPDgKhC05KecxK8Dj
Dbfw
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:40 2024 by rpki-client on console-fra.rpki-client.org