Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/rvXgMA3g1BKcID1iMfyMdyyCmIs.roa
File: rvXgMA3g1BKcID1iMfyMdyyCmIs.roa (raw, json)
Hash identifier: Dxyvu1+WETDWHiABVT7a4FULwy+OY3Kdio4GiBRZkp8=
Subject key identifier: AE:F5:E0:30:0D:E0:D4:12:9C:20:3D:62:31:FC:8C:77:2C:82:98:8B
Certificate issuer: /CN=c7e9c7aa534b1300bf724fff0f0c1b0519d505bb
Certificate serial: 018AACD4ECF21F76B5F1FE2D6A9FEC0D2DC7
Authority key identifier: C7:E9:C7:AA:53:4B:13:00:BF:72:4F:FF:0F:0C:1B:05:19:D5:05:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-nHqlNLEwC_ck__DwwbBRnVBbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/rvXgMA3g1BKcID1iMfyMdyyCmIs.roa
Signing time: Tue 19 Sep 2023 09:45:50 +0000
ROA not before: Tue 19 Sep 2023 09:45:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32338
IP address blocks: 185.213.88.0/22 maxlen: 24
45.84.30.0/24 maxlen: 24
45.84.31.0/24 maxlen: 24
45.84.28.0/23 maxlen: 23
185.149.132.0/23 maxlen: 23
185.149.134.0/23 maxlen: 23
185.73.220.0/22 maxlen: 24
2a0b:85c0::/29 maxlen: 32
2a05:44c0::/29 maxlen: 32
2a0e:9480::/29 maxlen: 48
2a07:68c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:d4:ec:f2:1f:76:b5:f1:fe:2d:6a:9f:ec:0d:2d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7e9c7aa534b1300bf724fff0f0c1b0519d505bb
Validity
Not Before: Sep 19 09:45:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aef5e0300de0d4129c203d6231fc8c772c82988b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:21:40:0f:6c:3e:6c:2c:a7:77:f4:02:7c:9d:
66:57:29:d7:71:2b:e1:0b:8b:87:5c:0b:09:ae:fd:
dd:bf:98:a9:71:38:0c:43:82:0d:8c:28:ac:4f:2d:
43:07:f8:96:5a:2e:e5:e7:35:48:29:48:a9:7b:cc:
88:7e:f8:3c:5c:fd:92:3a:6f:29:c4:0a:8f:fa:39:
ae:b1:f9:43:a5:ae:8a:d7:1a:2b:5d:42:38:dd:87:
3d:13:da:6d:62:18:4a:f6:36:15:80:2a:64:ba:7c:
c2:a9:b5:a7:2c:fc:a3:11:82:99:f8:e4:88:cf:a8:
2e:3c:ff:9e:5b:f9:ee:71:4a:43:f4:16:10:31:43:
18:eb:27:ef:24:13:02:eb:98:d9:77:a9:9f:c2:c0:
f2:a4:72:a8:7e:0f:ea:47:53:4f:e7:d9:46:09:a4:
93:14:a3:58:40:5f:8d:d1:82:f6:dd:d6:1f:ec:86:
0f:34:5a:07:0f:bd:74:9f:ed:d5:46:9c:9d:55:5d:
a3:fe:13:be:96:f5:3e:41:c2:ac:08:25:ee:3d:33:
b9:97:0c:55:fa:bf:9a:6e:50:7c:b7:a7:a0:fc:9d:
13:c8:3f:03:02:67:89:93:43:b5:32:6a:73:d6:92:
75:b6:6d:1b:d5:c7:94:af:25:65:36:51:f4:a3:71:
64:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F5:E0:30:0D:E0:D4:12:9C:20:3D:62:31:FC:8C:77:2C:82:98:8B
X509v3 Authority Key Identifier:
keyid:C7:E9:C7:AA:53:4B:13:00:BF:72:4F:FF:0F:0C:1B:05:19:D5:05:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-nHqlNLEwC_ck__DwwbBRnVBbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/rvXgMA3g1BKcID1iMfyMdyyCmIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/x-nHqlNLEwC_ck__DwwbBRnVBbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.28.0/22
185.73.220.0/22
185.149.132.0/22
185.213.88.0/22
IPv6:
2a05:44c0::/29
2a07:68c0::/29
2a0b:85c0::/29
2a0e:9480::/29
Signature Algorithm: sha256WithRSAEncryption
76:e7:3e:f3:1f:07:d2:fa:56:9e:70:30:87:b7:5f:a6:e7:d9:
57:ae:94:1a:43:79:5e:03:16:1b:fc:f7:3a:eb:99:79:20:67:
f9:23:21:21:7d:9b:0a:30:52:03:77:81:52:87:3b:ed:a4:39:
9a:c8:ba:54:73:81:56:9e:d1:2f:84:1c:d4:62:ec:28:bf:ef:
55:2a:bc:4c:3c:6f:a7:98:ed:eb:72:72:83:99:72:29:df:bb:
c2:76:da:5b:81:af:85:36:99:96:63:e1:bf:73:60:af:fc:cf:
f6:4a:14:17:e1:82:72:0d:1a:8e:d8:cc:2e:89:fb:e1:70:29:
f9:65:cd:f5:cc:ec:69:1b:71:1c:c1:2d:1c:c6:28:d9:b3:62:
5a:be:8e:bd:77:10:bd:66:29:a9:56:14:6b:2a:8b:2c:ba:2d:
d1:24:80:10:63:98:fd:fd:86:38:bc:25:34:a9:ff:db:45:84:
a3:68:eb:1c:e0:e1:3d:38:74:e0:26:00:fb:68:af:86:59:21:
49:b6:11:46:18:8d:db:38:31:3f:97:02:f6:3f:80:e5:d7:c4:
b1:8b:7a:08:4d:28:72:83:fc:5c:9a:be:b3:81:6a:7e:ca:1b:
e6:55:bc:57:17:b8:92:e5:10:3f:56:20:54:ba:d0:a4:fe:8a:
87:3e:09:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYqs1OzyH3a18f4tap/sDS3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZTljN2FhNTM0YjEzMDBiZjcyNGZmZjBmMGMxYjA1MTlk
NTA1YmIwHhcNMjMwOTE5MDk0NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWY1ZTAzMDBkZTBkNDEyOWMyMDNkNjIzMWZjOGM3NzJjODI5ODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCFAD2w+bCynd/QCfJ1mVynXcSvh
C4uHXAsJrv3dv5ipcTgMQ4INjCisTy1DB/iWWi7l5zVIKUipe8yIfvg8XP2SOm8p
xAqP+jmusflDpa6K1xorXUI43Yc9E9ptYhhK9jYVgCpkunzCqbWnLPyjEYKZ+OSI
z6guPP+eW/nucUpD9BYQMUMY6yfvJBMC65jZd6mfwsDypHKofg/qR1NP59lGCaST
FKNYQF+N0YL23dYf7IYPNFoHD710n+3VRpydVV2j/hO+lvU+QcKsCCXuPTO5lwxV
+r+ablB8t6eg/J0TyD8DAmeJk0O1Mmpz1pJ1tm0b1ceUryVlNlH0o3FkPwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFK714DAN4NQSnCA9YjH8jHcsgpiLMB8GA1UdIwQY
MBaAFMfpx6pTSxMAv3JP/w8MGwUZ1QW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC1uSHFsTkxFd0NfY2tfX0R3d2JCUm5WQmJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC81MGFiZWYtMzc0Yy00ZWE2LWI3ZDQt
Y2U1MDA4MjdmZjdmLzEvcnZYZ01BM2cxQktjSUQxaU1meU1keXlDbUlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC81MGFiZWYtMzc0Yy00ZWE2LWI3ZDQtY2U1MDA4MjdmZjdm
LzEveC1uSHFsTkxFd0NfY2tfX0R3d2JCUm5WQmJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQCLVQcAwQC
uUncAwQCuZWEAwQCudVYMCIEAgACMBwDBQMqBUTAAwUDKgdowAMFAyoLhcADBQMq
DpSAMA0GCSqGSIb3DQEBCwUAA4IBAQB25z7zHwfS+laecDCHt1+m59lXrpQaQ3le
AxYb/Pc665l5IGf5IyEhfZsKMFIDd4FShzvtpDmayLpUc4FWntEvhBzUYuwov+9V
KrxMPG+nmO3rcnKDmXIp37vCdtpbga+FNpmWY+G/c2Cv/M/2ShQX4YJyDRqO2Mwu
ifvhcCn5Zc31zOxpG3EcwS0cxijZs2Javo69dxC9ZimpVhRrKossui3RJIAQY5j9
/YY4vCU0qf/bRYSjaOsc4OE9OHTgJgD7aK+GWSFJthFGGI3bODE/lwL2P4Dl18Sx
i3oITShyg/xcmr6zgWp+yhvmVbxXF7iS5RA/ViBUutCk/oqHPgn7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:04 2024 by rpki-client on console-ams.rpki-client.org