Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/9DMcd7hOnJdNQEmgzUk3tyX9KB8.roa
File: 9DMcd7hOnJdNQEmgzUk3tyX9KB8.roa (raw, json)
Hash identifier: ZY6USXF6rEVxurU8NK2YS0bO+B8Gt/a2g3JSXWAIztM=
Subject key identifier: F4:33:1C:77:B8:4E:9C:97:4D:40:49:A0:CD:49:37:B7:25:FD:28:1F
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018733D4764639D09A848461A2AB7B744919
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/9DMcd7hOnJdNQEmgzUk3tyX9KB8.roa
Signing time: Thu 30 Mar 2023 18:42:54 +0000
ROA not before: Thu 30 Mar 2023 18:42:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.139.50.0/23 maxlen: 24
45.140.140.0/22 maxlen: 24
45.137.198.0/23 maxlen: 24
45.137.206.0/24 maxlen: 24
45.140.188.0/22 maxlen: 24
45.137.204.0/23 maxlen: 24
193.176.244.0/23 maxlen: 24
45.137.207.0/24 maxlen: 24
45.140.213.0/24 maxlen: 24
45.140.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jul 2023 08:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:33:d4:76:46:39:d0:9a:84:84:61:a2:ab:7b:74:49:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 30 18:42:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4331c77b84e9c974d4049a0cd4937b725fd281f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:03:73:f2:f7:1d:10:07:ac:ee:83:53:6c:fa:
14:65:14:43:42:67:4f:19:57:d0:f1:18:ed:bb:dd:
06:1b:79:0b:24:06:d7:ae:99:41:2e:ec:d7:7d:e0:
fc:26:b7:19:03:bc:55:4d:ab:e5:51:cd:dc:c2:a9:
b6:59:eb:a1:eb:3a:bf:97:1e:1d:f2:06:92:78:ac:
49:6d:90:4c:4a:8c:9b:63:79:99:30:bf:e7:ca:c9:
5c:6d:40:fa:91:a0:d3:fa:df:db:8f:71:07:88:c6:
5b:f9:e8:f3:e6:b9:b1:20:44:29:a4:d0:1b:3b:59:
48:6f:fb:0a:73:fd:eb:35:ae:03:55:80:8b:13:3e:
23:4a:53:86:5b:80:04:f7:12:84:42:5a:f2:cf:a7:
15:f1:07:14:cb:1d:cf:76:40:34:f8:48:96:75:36:
cd:d7:0d:20:14:4e:94:6c:66:47:db:6a:54:78:0a:
38:09:5f:a7:91:2e:7f:d0:4c:95:9a:b6:e4:cd:67:
37:78:fc:84:fc:ac:e7:d0:e3:a4:9d:a0:f2:56:ae:
92:ed:01:db:ad:de:a7:8c:85:d8:b3:ff:8e:c8:0d:
9c:6b:e0:1a:12:58:54:42:3b:21:84:04:05:78:0c:
07:41:23:2b:6e:d7:d0:c4:5e:65:a6:84:bf:3a:e2:
41:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:33:1C:77:B8:4E:9C:97:4D:40:49:A0:CD:49:37:B7:25:FD:28:1F
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/9DMcd7hOnJdNQEmgzUk3tyX9KB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.198.0/23
45.137.204.0/22
45.139.50.0/23
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
193.176.244.0/23
Signature Algorithm: sha256WithRSAEncryption
77:15:e4:58:b8:89:1e:48:9f:fd:27:e7:ab:64:47:85:82:62:
7e:0d:f0:3a:5c:ee:13:e0:99:4a:de:fa:da:3d:5c:1e:ab:e6:
ea:d7:34:a0:f4:a8:af:21:a2:af:20:8b:3d:0c:c8:37:1b:2c:
dd:5f:2b:35:9c:ee:44:cf:80:2f:cb:db:e9:5e:9b:9b:92:d9:
ef:18:d6:1c:fb:30:81:71:de:51:70:a0:71:c1:b4:50:fa:61:
5d:0d:4c:f0:a1:6a:97:a8:22:14:bc:1c:48:73:d3:c1:3a:b7:
26:c9:54:fc:59:fc:51:61:74:b9:e9:08:a2:c3:e7:a3:61:c5:
d8:89:c9:5a:c0:61:be:fc:08:59:a2:4b:1c:d8:82:23:fc:4a:
ce:49:a5:c0:cf:ea:05:1c:a8:3b:59:de:f1:c4:39:0d:85:c0:
b2:e4:d4:8a:04:c4:96:a1:ec:e5:f4:4b:be:5d:70:bc:16:88:
f8:d7:eb:c4:8b:54:d8:78:18:11:89:25:87:fd:8f:d4:2f:b3:
83:d4:e8:c0:02:dc:a0:9b:de:7c:c5:b4:52:f3:93:17:fd:49:
cd:35:98:bc:ac:b9:bc:6f:3c:ea:a8:b1:0a:e5:1f:45:60:d5:
41:0a:49:87:f9:bf:fa:4c:3a:91:81:f7:3f:3a:60:cf:94:38:
c4:87:24:51
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYcz1HZGOdCahIRhoqt7dEkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMzMwMTg0MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDMzMWM3N2I4NGU5Yzk3NGQ0MDQ5YTBjZDQ5MzdiNzI1ZmQyODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwNz8vcdEAes7oNTbPoUZRRDQmdP
GVfQ8Rjtu90GG3kLJAbXrplBLuzXfeD8JrcZA7xVTavlUc3cwqm2Weuh6zq/lx4d
8gaSeKxJbZBMSoybY3mZML/nyslcbUD6kaDT+t/bj3EHiMZb+ejz5rmxIEQppNAb
O1lIb/sKc/3rNa4DVYCLEz4jSlOGW4AE9xKEQlryz6cV8QcUyx3PdkA0+EiWdTbN
1w0gFE6UbGZH22pUeAo4CV+nkS5/0EyVmrbkzWc3ePyE/Kzn0OOknaDyVq6S7QHb
rd6njIXYs/+OyA2ca+AaElhUQjshhAQFeAwHQSMrbtfQxF5lpoS/OuJBFQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPQzHHe4TpyXTUBJoM1JN7cl/SgfMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOURNY2Q3aE9uSmROUUVtZ3pVazN0eVg5S0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLYnGAwQC
LYnMAwQBLYsyAwQCLYyMAwQCLYy8AwQBLYzUAwQBwbD0MA0GCSqGSIb3DQEBCwUA
A4IBAQB3FeRYuIkeSJ/9J+erZEeFgmJ+DfA6XO4T4JlK3vraPVweq+bq1zSg9Kiv
IaKvIIs9DMg3GyzdXys1nO5Ez4Avy9vpXpubktnvGNYc+zCBcd5RcKBxwbRQ+mFd
DUzwoWqXqCIUvBxIc9PBOrcmyVT8WfxRYXS56Qiiw+ejYcXYiclawGG+/AhZoksc
2IIj/ErOSaXAz+oFHKg7Wd7xxDkNhcCy5NSKBMSWoezl9Eu+XXC8Foj41+vEi1TY
eBgRiSWH/Y/UL7OD1OjAAtygm958xbRS85MX/UnNNZi8rLm8bzzqqLEK5R9FYNVB
CkmH+b/6TDqRgfc/OmDPlDjEhyRR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org