Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/RU5Mpx3eFqZ66Z2cTasE6B4R-zs.roa
File: RU5Mpx3eFqZ66Z2cTasE6B4R-zs.roa (raw, json)
Hash identifier: XjdO0UrBTexP/8SeAHZWmZtXWpcW+0EYDQzGXLA9O+w=
Subject key identifier: 45:4E:4C:A7:1D:DE:16:A6:7A:E9:9D:9C:4D:AB:04:E8:1E:11:FB:3B
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018B2EB1A4281DCCC027ED6E8FDE92E5E402
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/RU5Mpx3eFqZ66Z2cTasE6B4R-zs.roa
Signing time: Sat 14 Oct 2023 14:57:55 +0000
ROA not before: Sat 14 Oct 2023 14:57:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211415
IP address blocks: 45.147.152.0/22 maxlen: 22
85.8.168.0/22 maxlen: 22
2.56.184.0/22 maxlen: 22
194.124.144.0/24 maxlen: 24
185.60.144.0/22 maxlen: 22
194.121.59.0/24 maxlen: 24
45.90.248.0/22 maxlen: 22
31.40.232.0/22 maxlen: 24
194.31.180.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:b1:a4:28:1d:cc:c0:27:ed:6e:8f:de:92:e5:e4:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 14 14:57:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=454e4ca71dde16a67ae99d9c4dab04e81e11fb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:90:61:3e:63:97:db:31:14:25:53:a6:40:
94:df:89:23:6c:39:7e:fe:48:f1:8c:d6:3a:6d:f3:
ca:2f:8d:e8:e0:5c:0f:f2:62:98:71:c1:9e:7b:53:
2b:4f:c3:5e:75:a4:9f:b9:77:59:d1:3e:90:3c:26:
75:b8:43:97:e9:a0:14:2b:d0:eb:13:fd:e3:a4:fb:
2f:10:f7:58:7e:51:c6:50:6a:13:a0:fb:8a:2a:e0:
d9:72:08:3b:08:1b:28:62:d7:01:5e:5b:94:99:7e:
63:1b:13:b3:74:5a:e7:0c:ff:31:55:78:71:9e:3d:
91:70:91:96:25:7b:8d:3d:64:c2:72:91:7e:8d:e3:
41:6c:03:a2:98:07:67:75:41:42:99:6d:6e:0b:ab:
fa:3b:86:10:da:30:a0:54:87:ff:da:1d:57:d2:52:
a6:94:8b:fc:d3:eb:31:14:89:d0:e4:56:8e:18:54:
29:37:05:8c:b7:b0:48:0b:cf:87:13:b4:26:df:0f:
29:9e:9b:b7:53:65:64:2b:86:a0:63:86:bc:24:1e:
2e:cd:7b:a4:82:78:1a:13:00:76:21:3d:10:2b:6c:
b9:86:6d:63:18:d5:7e:99:2f:71:5f:4f:c2:86:50:
ec:76:ae:66:2e:3a:68:0a:43:f7:45:98:3d:b0:3e:
56:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4E:4C:A7:1D:DE:16:A6:7A:E9:9D:9C:4D:AB:04:E8:1E:11:FB:3B
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/RU5Mpx3eFqZ66Z2cTasE6B4R-zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.184.0/22
31.40.232.0/22
45.90.248.0/22
45.147.152.0/22
85.8.168.0/22
185.60.144.0/22
194.31.180.0/22
194.121.59.0/24
194.124.144.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:f6:13:12:48:2e:97:24:4b:3e:d5:ef:68:7b:cc:cc:82:95:
52:7d:cd:32:b7:48:8c:08:8b:70:26:9e:9c:21:7b:ff:58:cd:
27:e9:41:0b:f2:7f:72:7a:5f:13:00:30:44:50:94:86:d6:14:
9b:a5:64:3f:13:cf:b2:8f:d8:e1:ea:e3:b2:1f:03:08:af:32:
6f:6a:90:a7:91:a5:9e:38:8b:61:9c:63:6a:26:93:5e:91:39:
16:4e:50:d2:1d:08:61:a0:b0:39:0e:77:02:c1:6b:d8:2e:ed:
6b:95:36:20:cf:6d:c4:5f:07:36:06:b2:59:49:11:28:4c:91:
89:00:cd:58:68:03:78:5a:2c:9e:05:2e:fb:eb:3d:60:3a:4d:
95:ff:ac:e1:df:23:46:b0:a8:69:55:a3:8e:39:a7:29:60:7a:
36:4e:ad:47:48:a8:b3:b6:fb:2c:b3:eb:92:29:3f:d7:fa:b1:
9d:93:4e:d4:a8:71:5c:11:77:88:4f:b8:31:89:71:a2:a7:ec:
57:5a:21:f0:ff:8a:83:ab:62:ac:d5:ff:84:14:12:1e:fd:76:
37:be:17:48:ba:8f:6b:51:ce:64:24:f2:45:ac:32:44:83:d8:
15:56:01:68:b8:0a:0a:ed:95:88:c8:d2:af:18:6c:66:8a:c6:
d8:da:c5:9f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYsusaQoHczAJ+1uj96S5eQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMxMDE0MTQ1NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTRlNGNhNzFkZGUxNmE2N2FlOTlkOWM0ZGFiMDRlODFlMTFmYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzGQYT5jl9sxFCVTpkCU34kjbDl+
/kjxjNY6bfPKL43o4FwP8mKYccGee1MrT8NedaSfuXdZ0T6QPCZ1uEOX6aAUK9Dr
E/3jpPsvEPdYflHGUGoToPuKKuDZcgg7CBsoYtcBXluUmX5jGxOzdFrnDP8xVXhx
nj2RcJGWJXuNPWTCcpF+jeNBbAOimAdndUFCmW1uC6v6O4YQ2jCgVIf/2h1X0lKm
lIv80+sxFInQ5FaOGFQpNwWMt7BIC8+HE7Qm3w8pnpu3U2VkK4agY4a8JB4uzXuk
gngaEwB2IT0QK2y5hm1jGNV+mS9xX0/ChlDsdq5mLjpoCkP3RZg9sD5WrwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEVOTKcd3hameumdnE2rBOgeEfs7MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvUlU1TXB4M2VGcVo2NloyY1Rhc0U2QjRSLXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCAji4AwQC
HyjoAwQCLVr4AwQCLZOYAwQCVQioAwQCuTyQAwQCwh+0AwQAwnk7AwQAwnyQMA0G
CSqGSIb3DQEBCwUAA4IBAQA79hMSSC6XJEs+1e9oe8zMgpVSfc0yt0iMCItwJp6c
IXv/WM0n6UEL8n9yel8TADBEUJSG1hSbpWQ/E8+yj9jh6uOyHwMIrzJvapCnkaWe
OIthnGNqJpNekTkWTlDSHQhhoLA5DncCwWvYLu1rlTYgz23EXwc2BrJZSREoTJGJ
AM1YaAN4WiyeBS776z1gOk2V/6zh3yNGsKhpVaOOOacpYHo2Tq1HSKiztvsss+uS
KT/X+rGdk07UqHFcEXeIT7gxiXGip+xXWiHw/4qDq2Ks1f+EFBIe/XY3vhdIuo9r
Uc5kJPJFrDJEg9gVVgFouAoK7ZWIyNKvGGxmisbY2sWf
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:58 2024 by rpki-client on console-fra.rpki-client.org