Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/GIvg3KP0mJmp_TnnzwSUmqWdJ2c.roa
File: GIvg3KP0mJmp_TnnzwSUmqWdJ2c.roa (raw, json)
Hash identifier: pNBMJa7XEHRw3aCU3xDq0RoigvMI4+sgdP85WHqclEg=
Subject key identifier: 18:8B:E0:DC:A3:F4:98:99:A9:FD:39:E7:CF:04:94:9A:A5:9D:27:67
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F7988DF34B6B2FB28919A0F08F25161
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/GIvg3KP0mJmp_TnnzwSUmqWdJ2c.roa
Signing time: Sun 01 Jan 2023 22:35:13 +0000
ROA not before: Sun 01 Jan 2023 22:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56309
IP address blocks: 45.144.164.0/22 maxlen: 24
45.136.252.0/22 maxlen: 22
45.91.133.0/24 maxlen: 24
45.91.134.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:88:df:34:b6:b2:fb:28:91:9a:0f:08:f2:51:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=188be0dca3f49899a9fd39e7cf04949aa59d2767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3c:d2:2e:a3:17:59:d7:7a:86:01:1e:b2:a2:
34:4a:e7:e6:65:32:93:ea:c4:54:de:8f:b2:65:dc:
04:c9:1e:8c:9c:e4:88:57:58:d6:03:f3:75:d2:9c:
b1:75:03:dc:ee:13:45:ec:42:ea:ba:0a:9e:ba:03:
e6:de:7c:6b:7f:fc:86:8d:57:71:82:8d:ac:41:73:
50:bb:fa:5c:3b:91:14:25:72:d4:80:a5:4e:57:26:
ac:86:a3:0e:db:b8:34:20:a0:81:4c:93:9b:e8:bb:
0d:58:e6:18:08:ce:4d:98:ba:9d:e5:bc:13:a0:a1:
f6:84:2f:b0:5b:3c:69:ab:6b:33:70:d1:24:f9:6e:
56:44:44:be:21:71:f0:37:11:99:8e:81:81:b7:54:
d6:63:66:9e:08:7b:b6:a7:fa:35:4e:92:31:d1:f0:
ed:33:ac:62:f4:1a:58:38:45:b6:62:fe:ec:cb:b6:
6b:94:97:fc:80:7f:65:47:b7:7c:cb:c3:ad:78:f3:
dc:fd:8d:6e:75:5c:4d:88:2d:28:5f:cd:be:bd:35:
87:d8:22:39:d0:d4:54:70:10:6a:eb:e4:56:96:b9:
07:5a:4a:df:b3:8c:7f:e9:d5:12:a9:b2:ca:3d:32:
52:b2:db:6c:d6:1b:15:44:08:8d:99:c3:a1:d1:7e:
1e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8B:E0:DC:A3:F4:98:99:A9:FD:39:E7:CF:04:94:9A:A5:9D:27:67
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/GIvg3KP0mJmp_TnnzwSUmqWdJ2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.133.0-45.91.135.255
45.136.252.0/22
45.144.164.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:2a:55:3a:73:09:22:5a:bf:42:2c:ec:97:9f:43:25:ec:07:
0b:bd:ac:82:78:ed:35:77:bd:dd:50:e8:f4:7a:1f:d8:5e:71:
8b:02:e1:00:89:e1:e4:ca:0f:54:2d:7d:1e:28:b8:f7:ff:be:
a7:65:14:8c:85:23:41:80:22:c6:8b:c2:96:3b:36:43:11:38:
bb:0b:e9:0e:13:79:f9:33:50:4d:4c:0a:f7:e4:97:ad:b2:03:
4c:49:70:94:8b:8b:cf:35:75:ed:8f:57:df:ea:12:13:db:53:
e9:a8:60:91:a1:14:1e:be:39:68:7c:e5:26:ee:6d:04:e4:b5:
51:97:6a:5e:44:c6:0b:45:e7:d5:c9:fe:b8:42:17:43:f9:69:
9d:6c:e1:b4:7d:78:e9:24:46:39:20:86:3b:1e:f5:15:ad:2a:
fc:fc:dd:d8:bb:8d:57:24:d4:00:e8:51:53:d9:96:da:03:3e:
91:35:d9:9f:3a:59:ad:32:2e:1e:cf:9d:94:a6:65:f9:0d:06:
e1:a6:18:56:c7:82:18:dd:b1:d6:d1:9f:24:c9:53:61:2a:28:
24:9c:7f:b3:55:cc:80:65:70:a7:a3:c8:9f:47:3d:a2:ee:8c:
2a:f2:04:1c:99:7a:03:a7:d7:8a:64:5d:8b:eb:17:0d:a6:1e:
97:71:c7:cb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVveYjfNLay+yiRmg8I8lFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODhiZTBkY2EzZjQ5ODk5YTlmZDM5ZTdjZjA0OTQ5YWE1OWQyNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzzSLqMXWdd6hgEesqI0SufmZTKT
6sRU3o+yZdwEyR6MnOSIV1jWA/N10pyxdQPc7hNF7ELqugqeugPm3nxrf/yGjVdx
go2sQXNQu/pcO5EUJXLUgKVOVyashqMO27g0IKCBTJOb6LsNWOYYCM5NmLqd5bwT
oKH2hC+wWzxpq2szcNEk+W5WRES+IXHwNxGZjoGBt1TWY2aeCHu2p/o1TpIx0fDt
M6xi9BpYOEW2Yv7sy7ZrlJf8gH9lR7d8y8OtePPc/Y1udVxNiC0oX82+vTWH2CI5
0NRUcBBq6+RWlrkHWkrfs4x/6dUSqbLKPTJSstts1hsVRAiNmcOh0X4e8wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBiL4Nyj9JiZqf05588ElJqlnSdnMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvR0l2ZzNLUDBtSm1wX1Rubnp3U1VtcVdkSjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtW4UD
BAMtW4ADBAItiPwDBAItkKQwDQYJKoZIhvcNAQELBQADggEBAHsqVTpzCSJav0Is
7JefQyXsBwu9rIJ47TV3vd1Q6PR6H9hecYsC4QCJ4eTKD1QtfR4ouPf/vqdlFIyF
I0GAIsaLwpY7NkMROLsL6Q4TefkzUE1MCvfkl62yA0xJcJSLi881de2PV9/qEhPb
U+moYJGhFB6+OWh85SbubQTktVGXal5ExgtF59XJ/rhCF0P5aZ1s4bR9eOkkRjkg
hjse9RWtKvz83di7jVck1ADoUVPZltoDPpE12Z86Wa0yLh7PnZSmZfkNBuGmGFbH
ghjdsdbRnyTJU2EqKCScf7NVzIBlcKejyJ9HPaLujCryBByZegOn14pkXYvrFw2m
Hpdxx8s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org