Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/0l_FTkb6Pw8eD3yxNgaq_ZN3txk.roa
File: 0l_FTkb6Pw8eD3yxNgaq_ZN3txk.roa (raw, json)
Hash identifier: lH8Ntp+OcucJKNHLEdClyBVnZRfXC/N3qVvxx1J1Rts=
Subject key identifier: D2:5F:C5:4E:46:FA:3F:0F:1E:0F:7C:B1:36:06:AA:FD:93:77:B7:19
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F7973936BE2591C0CE40C10A1ADE444
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/0l_FTkb6Pw8eD3yxNgaq_ZN3txk.roa
Signing time: Sun 01 Jan 2023 22:35:08 +0000
ROA not before: Sun 01 Jan 2023 22:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8038
IP address blocks: 45.95.240.0/24 maxlen: 24
45.149.104.0/24 maxlen: 24
45.87.28.0/24 maxlen: 24
45.130.142.0/24 maxlen: 24
45.134.222.0/24 maxlen: 24
45.148.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Oct 2023 09:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:73:93:6b:e2:59:1c:0c:e4:0c:10:a1:ad:e4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d25fc54e46fa3f0f1e0f7cb13606aafd9377b719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:f6:80:bd:d1:a7:16:cc:26:44:fe:70:81:
73:b9:e3:ad:92:d8:6b:cc:10:ef:92:6e:4e:5c:e3:
ba:7c:19:90:7e:f6:5c:5f:eb:2a:65:56:43:59:75:
14:b3:d8:59:04:84:1d:52:88:2b:12:6f:cf:53:a2:
ce:08:0e:50:67:bd:8e:c1:dc:48:6c:a0:4d:b3:bb:
9f:ff:99:92:b5:df:a1:3f:2b:6a:53:6e:2c:a3:5c:
6c:e2:f7:03:82:68:94:72:7a:3e:dd:69:f8:e0:bc:
59:68:e7:56:5d:b4:a3:a7:c7:66:ab:5c:ec:bb:7c:
aa:6b:18:5e:b2:a8:4b:0c:25:70:7c:6f:ac:de:ab:
b6:99:e3:2a:e2:49:a7:c8:0b:a4:52:87:0c:1d:3a:
3c:6e:75:80:f5:03:22:4e:89:bf:a2:d8:e8:fe:f9:
0f:53:c6:1b:49:39:be:d7:75:3a:00:0b:0f:e9:66:
57:7c:33:ca:71:5d:38:ca:8d:7b:87:9d:84:a5:81:
09:ab:9e:af:9b:0e:49:c1:56:62:60:d5:04:5a:b8:
1e:7f:97:7e:32:3f:7d:ff:83:d7:e9:e3:16:c1:e3:
c7:4f:67:7e:10:dd:55:eb:50:d6:3c:56:72:e8:73:
ca:e4:8a:b5:28:50:1a:8f:d8:b0:25:b4:84:e0:6c:
76:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5F:C5:4E:46:FA:3F:0F:1E:0F:7C:B1:36:06:AA:FD:93:77:B7:19
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/0l_FTkb6Pw8eD3yxNgaq_ZN3txk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.28.0/24
45.95.240.0/24
45.130.142.0/24
45.134.222.0/24
45.148.96.0/24
45.149.104.0/24
Signature Algorithm: sha256WithRSAEncryption
83:71:dd:38:cc:e6:31:52:f9:db:88:75:70:34:d5:bb:ae:30:
d6:dd:d3:e5:fa:38:c6:6a:76:2e:d9:fb:29:1c:64:91:0c:e9:
89:70:9c:57:1a:74:55:bc:94:61:59:d9:0b:d2:02:ff:a1:a9:
ff:01:18:65:41:39:04:c0:14:86:65:02:cb:d0:e1:6e:4f:a3:
27:5e:b0:bd:73:b5:31:69:13:c4:76:ce:8f:4f:bf:81:dd:b0:
8f:10:4f:57:06:fc:7c:ed:71:cb:04:c5:20:c5:b3:21:b8:60:
63:1c:05:09:de:94:2c:1e:c0:1f:1e:d5:36:96:0e:03:4e:03:
56:38:1c:8a:74:2a:6f:27:30:1f:59:18:dd:ce:67:50:4c:42:
fb:3e:51:c1:c7:1b:6c:78:94:a0:c7:a0:97:84:79:69:dc:73:
e6:90:21:ca:45:37:c3:fc:c6:38:c4:fd:1f:fb:21:52:b0:64:
ac:09:03:79:29:b6:4f:7e:5c:f1:e5:ae:63:a9:e0:7f:56:db:
45:aa:b7:f2:89:f3:d6:c4:34:48:f7:ee:a5:4c:03:86:f7:83:
72:d7:b1:22:28:d0:09:77:a7:11:14:32:fa:5d:ab:e5:00:33:
02:58:43:1b:36:d9:29:58:9f:c5:79:2f:e7:4b:d6:f5:75:ef:
8e:8c:83:12
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVveXOTa+JZHAzkDBChreREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjVmYzU0ZTQ2ZmEzZjBmMWUwZjdjYjEzNjA2YWFmZDkzNzdiNzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsv2gL3RpxbMJkT+cIFzueOtkthr
zBDvkm5OXOO6fBmQfvZcX+sqZVZDWXUUs9hZBIQdUogrEm/PU6LOCA5QZ72OwdxI
bKBNs7uf/5mStd+hPytqU24so1xs4vcDgmiUcno+3Wn44LxZaOdWXbSjp8dmq1zs
u3yqaxhesqhLDCVwfG+s3qu2meMq4kmnyAukUocMHTo8bnWA9QMiTom/otjo/vkP
U8YbSTm+13U6AAsP6WZXfDPKcV04yo17h52EpYEJq56vmw5JwVZiYNUEWrgef5d+
Mj99/4PX6eMWwePHT2d+EN1V61DWPFZy6HPK5Iq1KFAaj9iwJbSE4Gx2zwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNJfxU5G+j8PHg98sTYGqv2Td7cZMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvMGxfRlRrYjZQdzhlRDN5eE5nYXFfWk4zdHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVccAwQA
LV/wAwQALYKOAwQALYbeAwQALZRgAwQALZVoMA0GCSqGSIb3DQEBCwUAA4IBAQCD
cd04zOYxUvnbiHVwNNW7rjDW3dPl+jjGanYu2fspHGSRDOmJcJxXGnRVvJRhWdkL
0gL/oan/ARhlQTkEwBSGZQLL0OFuT6MnXrC9c7UxaRPEds6PT7+B3bCPEE9XBvx8
7XHLBMUgxbMhuGBjHAUJ3pQsHsAfHtU2lg4DTgNWOByKdCpvJzAfWRjdzmdQTEL7
PlHBxxtseJSgx6CXhHlp3HPmkCHKRTfD/MY4xP0f+yFSsGSsCQN5KbZPflzx5a5j
qeB/VttFqrfyifPWxDRI9+6lTAOG94Ny17EiKNAJd6cRFDL6XavlADMCWEMbNtkp
WJ/FeS/nS9b1de+OjIMS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org