Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/0U229wzVGTSpD86gIP-qHTy7OA4.roa
File: 0U229wzVGTSpD86gIP-qHTy7OA4.roa (raw, json)
Hash identifier: W87A95U5ZmMDbhRAPNSNsr3AlXwKLm8cy7QkJb9E42k=
Subject key identifier: D1:4D:B6:F7:0C:D5:19:34:A9:0F:CE:A0:20:FF:AA:1D:3C:BB:38:0E
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01891A24F83E2E6903E03C4B040774D5B571
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/0U229wzVGTSpD86gIP-qHTy7OA4.roa
Signing time: Mon 03 Jul 2023 05:06:17 +0000
ROA not before: Mon 03 Jul 2023 05:06:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 91.206.168.0/24 maxlen: 24
45.149.3.0/24 maxlen: 24
45.95.242.0/24 maxlen: 24
93.185.162.0/24 maxlen: 24
45.130.139.0/24 maxlen: 24
45.130.137.0/24 maxlen: 24
45.139.253.0/24 maxlen: 24
45.139.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1a:24:f8:3e:2e:69:03:e0:3c:4b:04:07:74:d5:b5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jul 3 05:06:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d14db6f70cd51934a90fcea020ffaa1d3cbb380e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ae:f5:a5:50:b4:85:61:c7:ea:d0:66:83:b4:
4a:d2:e8:fa:16:1d:eb:47:7c:60:ed:b5:db:f8:d7:
d2:69:de:ce:57:65:f4:4d:2c:44:40:f5:43:ab:fe:
1c:8e:27:f6:42:f0:14:5d:59:e9:f4:fd:da:af:a2:
2b:08:4f:55:72:18:fa:75:86:63:39:f7:94:06:52:
78:e7:6f:5f:a4:f3:15:e2:d6:49:a7:72:1f:ce:50:
7e:37:01:4c:04:91:25:ee:3f:17:1e:a2:64:e7:c6:
52:79:15:07:b9:25:47:7c:a1:09:8c:2a:83:d8:96:
f1:b8:12:83:fc:c5:a0:27:88:1f:00:3d:ce:58:a7:
af:5f:b8:7d:f6:28:f1:69:20:63:17:09:64:eb:55:
c4:8d:28:8a:34:51:ae:f7:6f:ae:f1:a7:ce:19:be:
58:c9:b1:e9:57:81:61:0c:d7:be:0d:02:10:65:c2:
3e:27:26:55:a2:30:61:1e:9e:1a:94:6d:92:10:c0:
fd:fd:63:ca:47:94:82:cf:68:2a:40:9f:22:a8:6e:
cf:8b:e9:01:ee:1d:c1:b3:c3:51:54:2c:90:30:fe:
6a:ec:70:74:3f:48:00:b6:65:47:39:92:3a:4d:0a:
8e:04:ed:6a:25:f4:91:37:e3:26:64:45:03:b7:0a:
32:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4D:B6:F7:0C:D5:19:34:A9:0F:CE:A0:20:FF:AA:1D:3C:BB:38:0E
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/0U229wzVGTSpD86gIP-qHTy7OA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.242.0/24
45.130.137.0/24
45.130.139.0/24
45.139.252.0/23
45.149.3.0/24
91.206.168.0/24
93.185.162.0/24
Signature Algorithm: sha256WithRSAEncryption
29:fe:7a:9f:7e:72:2f:12:e0:94:99:e8:86:a6:c6:26:c9:e4:
be:0b:7c:48:71:1c:3a:54:67:b0:f3:29:4d:a5:26:36:73:48:
18:8e:83:e0:6c:00:22:c0:17:d2:90:fb:56:3e:7d:de:ca:8f:
83:02:3c:92:95:9d:18:3a:6e:da:10:ec:21:d3:5f:54:54:7f:
c6:32:e9:91:a4:b2:ce:fb:98:24:f6:e6:99:b5:c4:f1:dd:1e:
06:f2:a2:66:cd:fb:a4:9d:3f:d6:30:81:b0:fb:96:91:cf:17:
96:1f:05:59:34:79:fa:98:ad:73:5c:84:56:77:35:65:74:b8:
e1:b1:7f:95:90:85:88:f5:85:93:7d:48:b3:84:75:ff:8e:fc:
34:f4:67:20:5f:ee:e6:bb:1f:1f:c6:37:ee:e4:6d:d9:2f:af:
ac:fa:e4:af:bf:8f:56:2c:4d:1f:98:b2:08:c6:be:6a:04:5f:
0d:8b:6c:e7:64:49:12:8b:10:66:57:64:6a:43:4a:27:7b:11:
18:5a:a1:01:b1:b0:5b:03:2d:53:13:f4:8a:df:44:4e:b2:dc:
9f:2e:2a:97:64:45:23:40:c0:6a:81:c6:69:ac:13:ba:9b:bc:
84:c0:cb:11:af:3b:0e:10:2b:76:82:ca:6d:d0:ff:3f:90:48:
f1:44:c8:04
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYkaJPg+LmkD4DxLBAd01bVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNzAzMDUwNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRkYjZmNzBjZDUxOTM0YTkwZmNlYTAyMGZmYWExZDNjYmIzODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1q71pVC0hWHH6tBmg7RK0uj6Fh3r
R3xg7bXb+NfSad7OV2X0TSxEQPVDq/4cjif2QvAUXVnp9P3ar6IrCE9Vchj6dYZj
OfeUBlJ4529fpPMV4tZJp3IfzlB+NwFMBJEl7j8XHqJk58ZSeRUHuSVHfKEJjCqD
2JbxuBKD/MWgJ4gfAD3OWKevX7h99ijxaSBjFwlk61XEjSiKNFGu92+u8afOGb5Y
ybHpV4FhDNe+DQIQZcI+JyZVojBhHp4alG2SEMD9/WPKR5SCz2gqQJ8iqG7Pi+kB
7h3Bs8NRVCyQMP5q7HB0P0gAtmVHOZI6TQqOBO1qJfSRN+MmZEUDtwoyOQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNFNtvcM1Rk0qQ/OoCD/qh08uzgOMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvMFUyMjl3elZHVFNwRDg2Z0lQLXFIVHk3T0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALV/yAwQA
LYKJAwQALYKLAwQBLYv8AwQALZUDAwQAW86oAwQAXbmiMA0GCSqGSIb3DQEBCwUA
A4IBAQAp/nqffnIvEuCUmeiGpsYmyeS+C3xIcRw6VGew8ylNpSY2c0gYjoPgbAAi
wBfSkPtWPn3eyo+DAjySlZ0YOm7aEOwh019UVH/GMumRpLLO+5gk9uaZtcTx3R4G
8qJmzfuknT/WMIGw+5aRzxeWHwVZNHn6mK1zXIRWdzVldLjhsX+VkIWI9YWTfUiz
hHX/jvw09GcgX+7mux8fxjfu5G3ZL6+s+uSvv49WLE0fmLIIxr5qBF8Ni2znZEkS
ixBmV2RqQ0onexEYWqEBsbBbAy1TE/SK30ROstyfLiqXZEUjQMBqgcZprBO6m7yE
wMsRrzsOECt2gspt0P8/kEjxRMgE
-----END CERTIFICATE-----
Generated at Sat Jul 22 03:36:08 2023 by rpki-client on console-fra.rpki-client.org