Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/Cz0555J3P3eGZxkG5qZzrUGAqe8.roa
File: Cz0555J3P3eGZxkG5qZzrUGAqe8.roa (raw, json)
Hash identifier: jOOWqZaNxQf1ayn5fVcsXH5BoyjEOHEU154MwXcvdVE=
Subject key identifier: 0B:3D:39:E7:92:77:3F:77:86:67:19:06:E6:A6:73:AD:41:80:A9:EF
Certificate issuer: /CN=f7b50c7e81d8cf264d1209b6ad5a3ccb82c16fdd
Certificate serial: 0187285FA46B82B0032B28844F44EF7C8E43
Authority key identifier: F7:B5:0C:7E:81:D8:CF:26:4D:12:09:B6:AD:5A:3C:CB:82:C1:6F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97UMfoHYzyZNEgm2rVo8y4LBb90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/Cz0555J3P3eGZxkG5qZzrUGAqe8.roa
Signing time: Tue 28 Mar 2023 13:19:29 +0000
ROA not before: Tue 28 Mar 2023 13:19:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63473
IP address blocks: 45.132.74.0/24 maxlen: 24
45.132.75.0/24 maxlen: 24
45.91.95.0/24 maxlen: 24
45.91.92.0/24 maxlen: 24
45.91.93.0/24 maxlen: 24
45.91.94.0/24 maxlen: 24
109.205.61.0/24 maxlen: 24
2a0e:dc0:4::/48 maxlen: 48
2a0e:dc0:5::/48 maxlen: 48
2a0e:dc0:8::/48 maxlen: 48
2a0e:dc0:3::/48 maxlen: 48
2a0e:dc0:9::/48 maxlen: 48
2a0e:dc0:6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:28:5f:a4:6b:82:b0:03:2b:28:84:4f:44:ef:7c:8e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7b50c7e81d8cf264d1209b6ad5a3ccb82c16fdd
Validity
Not Before: Mar 28 13:19:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b3d39e792773f7786671906e6a673ad4180a9ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b7:56:b8:71:3a:65:5d:52:6f:74:09:62:be:
ec:f2:b5:f1:a0:f9:df:ea:a3:a6:8f:09:38:50:34:
02:b8:3e:72:43:b8:bf:fb:41:dd:9d:af:9b:8a:3a:
63:d0:f0:f4:50:4a:dc:49:68:ea:a1:b9:f2:c8:3d:
7d:d0:d7:cf:bc:b9:b3:8d:65:d0:78:e1:75:51:cd:
7b:a1:59:ef:bf:ea:9e:ee:69:35:c8:1c:94:cf:3b:
1a:4e:d4:45:ef:6f:7a:ec:03:b9:42:d5:a4:0c:07:
22:89:61:d3:d7:df:7f:33:50:27:60:e0:53:6b:0e:
df:cb:1d:cb:67:ae:1d:5f:9b:4d:0a:84:e6:86:ab:
27:4f:bb:cc:e8:8b:bb:a6:b7:ef:06:77:5b:44:e5:
57:b1:85:32:a9:6c:01:9f:54:25:5b:98:f5:45:88:
18:57:a5:0b:25:31:d7:6d:e2:03:b3:ab:39:98:a2:
f5:40:34:ce:35:52:72:50:83:7a:88:50:fa:53:f1:
5f:1d:9f:a2:d1:dc:08:1e:43:73:09:0e:5c:6e:5f:
c9:46:2f:61:2f:cc:99:c1:73:59:7e:58:28:be:b1:
ac:6f:2b:3b:01:c9:2c:a1:cf:8e:e5:82:1d:c0:cb:
8d:0b:bd:ca:ab:af:11:70:59:9f:b9:0b:50:94:ce:
6c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3D:39:E7:92:77:3F:77:86:67:19:06:E6:A6:73:AD:41:80:A9:EF
X509v3 Authority Key Identifier:
keyid:F7:B5:0C:7E:81:D8:CF:26:4D:12:09:B6:AD:5A:3C:CB:82:C1:6F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97UMfoHYzyZNEgm2rVo8y4LBb90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/Cz0555J3P3eGZxkG5qZzrUGAqe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/97UMfoHYzyZNEgm2rVo8y4LBb90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.92.0/22
45.132.74.0/23
109.205.61.0/24
IPv6:
2a0e:dc0:3::-2a0e:dc0:6:ffff:ffff:ffff:ffff:ffff
2a0e:dc0:8::/47
Signature Algorithm: sha256WithRSAEncryption
79:19:cf:8e:03:22:76:0a:1d:dc:d7:6c:6e:69:22:a0:0e:db:
6e:ee:aa:f5:43:41:9a:7e:d2:38:18:ee:44:1b:31:00:2e:c5:
de:85:b2:55:33:8f:bc:00:9c:1c:8c:d8:d6:ba:f8:e0:75:53:
75:03:ff:a1:f8:a6:8d:c3:56:13:90:7b:79:7a:11:65:9d:12:
a1:6b:54:ab:bc:c9:98:43:9f:cf:fa:43:f5:c8:d9:a1:60:79:
9e:b0:07:81:dd:1e:e5:05:27:e7:62:f3:f3:5f:53:05:39:d1:
ce:36:5e:59:b7:71:c5:2c:7f:25:e3:4e:73:4f:c0:a9:cd:f5:
9a:2b:b9:3e:52:f9:93:9b:c9:f4:41:4a:1e:cf:37:49:9c:89:
d8:bd:1b:31:9a:3d:8f:ca:21:a9:d2:64:8c:8d:42:cc:f8:e9:
c0:0e:cf:9d:0b:42:04:71:ed:1c:0d:9a:46:2b:e4:d3:bd:71:
5e:b0:ae:a5:a7:8a:17:80:65:f3:f7:9e:cf:9f:b0:8f:66:f8:
f8:da:0d:4c:c1:d3:8a:0c:27:c6:85:39:b2:0c:02:94:2f:95:
b8:ab:3a:ee:ef:0f:43:3b:2e:a3:26:99:94:00:7d:38:e9:53:
68:90:79:56:75:58:7d:ff:5c:a5:7a:c8:22:84:84:32:67:14:
bb:32:75:31
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYcoX6RrgrADKyiET0TvfI5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjUwYzdlODFkOGNmMjY0ZDEyMDliNmFkNWEzY2NiODJj
MTZmZGQwHhcNMjMwMzI4MTMxOTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNkMzllNzkyNzczZjc3ODY2NzE5MDZlNmE2NzNhZDQxODBhOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLdWuHE6ZV1Sb3QJYr7s8rXxoPnf
6qOmjwk4UDQCuD5yQ7i/+0Hdna+bijpj0PD0UErcSWjqobnyyD190NfPvLmzjWXQ
eOF1Uc17oVnvv+qe7mk1yByUzzsaTtRF72967AO5QtWkDAciiWHT199/M1AnYOBT
aw7fyx3LZ64dX5tNCoTmhqsnT7vM6Iu7prfvBndbROVXsYUyqWwBn1QlW5j1RYgY
V6ULJTHXbeIDs6s5mKL1QDTONVJyUIN6iFD6U/FfHZ+i0dwIHkNzCQ5cbl/JRi9h
L8yZwXNZflgovrGsbys7Acksoc+O5YIdwMuNC73Kq68RcFmfuQtQlM5sfQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFAs9OeeSdz93hmcZBuamc61BgKnvMB8GA1UdIwQY
MBaAFPe1DH6B2M8mTRIJtq1aPMuCwW/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdVTWZvSFl6eVpORWdtMnJWbzh5NExCYjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi83MzJhODctNGRiMC00ZWYxLWJhZmIt
YWM0MDE2MTIwY2I5LzEvQ3owNTU1SjNQM2VHWnhrRzVxWnpyVUdBcWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi83MzJhODctNGRiMC00ZWYxLWJhZmItYWM0MDE2MTIwY2I5
LzEvOTdVTWZvSFl6eVpORWdtMnJWbzh5NExCYjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAYBAIAATASAwQCLVtcAwQB
LYRKAwQAbc09MCMEAgACMB0wEgMHACoODcAAAwMHACoODcAABgMHASoODcAACDAN
BgkqhkiG9w0BAQsFAAOCAQEAeRnPjgMidgod3NdsbmkioA7bbu6q9UNBmn7SOBju
RBsxAC7F3oWyVTOPvACcHIzY1rr44HVTdQP/ofimjcNWE5B7eXoRZZ0SoWtUq7zJ
mEOfz/pD9cjZoWB5nrAHgd0e5QUn52Lz819TBTnRzjZeWbdxxSx/JeNOc0/Aqc31
miu5PlL5k5vJ9EFKHs83SZyJ2L0bMZo9j8ohqdJkjI1CzPjpwA7PnQtCBHHtHA2a
Rivk071xXrCupaeKF4Bl8/eez5+wj2b4+NoNTMHTigwnxoU5sgwClC+VuKs67u8P
QzsuoyaZlAB9OOlTaJB5VnVYff9cpXrIIoSEMmcUuzJ1MQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:07 2023 by rpki-client on console-fra.rpki-client.org