Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/3EXzxwxX2PQa4ORuM3YH8k-P81Y.roa
File: 3EXzxwxX2PQa4ORuM3YH8k-P81Y.roa (raw, json)
Hash identifier: dHy0ffb1FDtejHaYMHvv1/moIzBLZyoDGWQdHeV4QYA=
Subject key identifier: DC:45:F3:C7:0C:57:D8:F4:1A:E0:E4:6E:33:76:07:F2:4F:8F:F3:56
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 01882AC1F439AA34B278F29B6E6FCD2CA73B
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/3EXzxwxX2PQa4ORuM3YH8k-P81Y.roa
Signing time: Wed 17 May 2023 17:28:54 +0000
ROA not before: Wed 17 May 2023 17:28:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.133.0/24 maxlen: 24
185.159.68.0/24 maxlen: 24
185.159.69.0/24 maxlen: 24
185.159.70.0/24 maxlen: 24
185.187.237.0/24 maxlen: 24
185.187.238.0/24 maxlen: 24
185.187.239.0/24 maxlen: 24
45.12.204.0/24 maxlen: 24
45.12.205.0/24 maxlen: 24
45.134.19.0/24 maxlen: 24
81.90.191.0/24 maxlen: 24
188.119.100.0/24 maxlen: 24
188.119.101.0/24 maxlen: 24
185.126.69.0/24 maxlen: 24
185.126.70.0/24 maxlen: 24
185.126.71.0/24 maxlen: 24
185.105.189.0/24 maxlen: 24
185.105.190.0/24 maxlen: 24
185.168.21.0/24 maxlen: 24
185.168.22.0/24 maxlen: 24
185.168.23.0/24 maxlen: 24
185.171.121.0/24 maxlen: 24
91.217.120.0/24 maxlen: 24
91.217.121.0/24 maxlen: 24
185.126.138.0/24 maxlen: 24
185.126.139.0/24 maxlen: 24
194.156.228.0/24 maxlen: 24
185.175.140.0/24 maxlen: 24
185.175.141.0/24 maxlen: 24
45.144.241.0/24 maxlen: 24
185.160.25.0/24 maxlen: 24
185.160.27.0/24 maxlen: 24
5.183.178.0/24 maxlen: 24
45.82.166.0/24 maxlen: 24
185.126.118.0/24 maxlen: 24
185.126.119.0/24 maxlen: 24
5.181.6.0/24 maxlen: 24
5.181.7.0/24 maxlen: 24
45.66.132.0/24 maxlen: 24
185.120.18.0/24 maxlen: 24
185.120.19.0/24 maxlen: 24
152.89.209.0/24 maxlen: 24
147.78.15.0/24 maxlen: 24
217.197.163.0/24 maxlen: 24
45.128.154.0/24 maxlen: 24
2a0c:8a40:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 May 2023 11:26:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2a:c1:f4:39:aa:34:b2:78:f2:9b:6e:6f:cd:2c:a7:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 17 17:28:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc45f3c70c57d8f41ae0e46e337607f24f8ff356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:54:67:0e:67:83:64:6f:da:9c:b3:23:f0:2e:
b6:19:20:e4:9a:b8:d6:8a:28:0d:1a:2b:de:ec:f9:
69:07:cc:69:c6:2a:ec:88:63:fc:f6:35:d5:30:72:
b3:47:8a:f6:64:3b:f1:05:c9:ad:32:22:51:b9:a8:
fb:ba:5c:d6:76:68:ff:9d:f2:f1:aa:b9:d5:e3:4d:
bc:96:58:3c:c6:ab:c5:9c:af:a0:32:75:3c:2b:f9:
4c:b6:e0:db:bc:dc:f6:17:13:d2:5b:53:65:8e:71:
8a:cb:96:75:2f:5f:89:f9:b5:56:bd:0c:39:a2:56:
3f:2c:15:17:dd:1a:a6:3c:17:8b:7e:e9:ce:e2:e4:
07:ba:c5:a8:5c:30:ae:4d:4e:09:90:d0:75:74:7e:
70:4d:4c:91:e7:0b:8f:bb:f5:f7:03:bc:df:53:18:
a8:92:a5:b2:c1:c4:03:39:5d:99:3b:4b:f7:94:e4:
fe:81:40:58:a7:2b:e2:8a:04:cf:fb:da:63:40:f0:
91:0a:9b:38:8a:d0:3c:51:42:a5:3b:59:90:0f:82:
56:70:be:7e:72:ab:e6:ac:6f:2d:26:43:10:05:77:
bb:0d:e2:48:92:75:0f:27:65:76:97:a8:ea:f1:1f:
38:6a:37:a9:dc:60:fd:68:bd:73:66:ec:fe:67:3e:
a6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:45:F3:C7:0C:57:D8:F4:1A:E0:E4:6E:33:76:07:F2:4F:8F:F3:56
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/3EXzxwxX2PQa4ORuM3YH8k-P81Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.6.0/23
5.183.178.0/24
45.12.204.0/23
45.66.132.0/23
45.82.166.0/24
45.128.154.0/24
45.134.19.0/24
45.144.241.0/24
81.90.191.0/24
91.217.120.0/23
147.78.15.0/24
152.89.209.0/24
185.105.189.0-185.105.190.255
185.120.18.0/23
185.126.69.0-185.126.71.255
185.126.118.0/23
185.126.138.0/23
185.159.68.0-185.159.70.255
185.160.25.0/24
185.160.27.0/24
185.168.21.0-185.168.23.255
185.171.121.0/24
185.175.140.0/23
185.187.237.0-185.187.239.255
188.119.100.0/23
194.156.228.0/24
217.197.163.0/24
IPv6:
2a0c:8a40:1::/48
Signature Algorithm: sha256WithRSAEncryption
8d:9c:e9:4f:2a:53:61:b4:ff:82:1c:f1:46:f7:f2:d9:e6:a7:
07:99:a1:d2:4e:25:6a:11:2b:53:6f:c0:85:b5:49:21:81:f5:
4a:17:a8:10:69:c5:b0:72:a8:6f:26:2c:30:0a:3d:67:ef:a4:
c0:25:28:26:bb:43:40:97:6a:11:fc:c3:2d:fd:9f:0d:e5:df:
7d:fa:f1:c6:c4:c5:c4:fd:58:b4:52:57:bf:ca:21:68:00:5c:
9c:8f:36:5f:20:c7:71:aa:ac:6e:d5:31:05:04:99:49:e7:eb:
78:60:ed:02:bb:7b:ff:e8:7b:53:ce:a8:97:f0:d0:83:45:db:
7f:95:1a:da:78:c6:00:c3:d1:db:66:9e:88:14:6f:b7:2e:81:
4d:af:df:cf:74:09:f9:1f:b9:52:e4:62:e9:e7:96:50:0b:3d:
8b:2c:35:04:65:60:2d:eb:4d:51:f2:86:e1:70:d6:16:8a:66:
e6:4f:17:d2:bc:95:47:ff:63:01:be:a9:7b:73:ca:1a:cd:f9:
42:0d:45:42:9d:76:57:fd:93:2a:e6:8e:c4:c6:93:0e:6f:49:
e2:22:52:32:8d:96:10:50:b8:95:4d:18:75:3a:37:88:6b:b7:
18:c6:64:f9:31:51:3d:29:8a:0f:4c:14:89:76:9a:78:bb:fe:
f5:92:97:d7
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAYgqwfQ5qjSyePKbbm/NLKc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjMwNTE3MTcyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQ1ZjNjNzBjNTdkOGY0MWFlMGU0NmUzMzc2MDdmMjRmOGZmMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlRnDmeDZG/anLMj8C62GSDkmrjW
iigNGive7PlpB8xpxirsiGP89jXVMHKzR4r2ZDvxBcmtMiJRuaj7ulzWdmj/nfLx
qrnV4028llg8xqvFnK+gMnU8K/lMtuDbvNz2FxPSW1NljnGKy5Z1L1+J+bVWvQw5
olY/LBUX3RqmPBeLfunO4uQHusWoXDCuTU4JkNB1dH5wTUyR5wuPu/X3A7zfUxio
kqWywcQDOV2ZO0v3lOT+gUBYpyviigTP+9pjQPCRCps4itA8UUKlO1mQD4JWcL5+
cqvmrG8tJkMQBXe7DeJIknUPJ2V2l6jq8R84ajep3GD9aL1zZuz+Zz6m4wIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFNxF88cMV9j0GuDkbjN2B/JPj/NWMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvM0VYenh3eFgyUFFhNE9SdU0zWUg4ay1QODFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB0QQCAAEwgcoDBAEF
tQYDBAAFt7IDBAEtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBAAtkPEDBABR
Wr8DBAFb2XgDBACTTg8DBACYWdEwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5F
AwQDuX5AAwQBuX52AwQBuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBkDBAC5oBswDAME
ALmoFQMEA7moEAMEALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzk
AwQA2cWjMA8EAgACMAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBAI2c6U8q
U2G0/4Ic8Ub38tnmpweZodJOJWoRK1NvwIW1SSGB9UoXqBBpxbByqG8mLDAKPWfv
pMAlKCa7Q0CXahH8wy39nw3l33368cbExcT9WLRSV7/KIWgAXJyPNl8gx3GqrG7V
MQUEmUnn63hg7QK7e//oe1POqJfw0INF23+VGtp4xgDD0dtmnogUb7cugU2v3890
CfkfuVLkYunnllALPYssNQRlYC3rTVHyhuFw1haKZuZPF9K8lUf/YwG+qXtzyhrN
+UINRUKddlf9kyrmjsTGkw5vSeIiUjKNlhBQuJVNGHU6N4hrtxjGZPkxUT0pig9M
FIl2mni7/vWSl9c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:49 2024 by rpki-client on console-ams.rpki-client.org