Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/H3paa9QIzNw8cR1xotxXZO0Wpr4.roa
File: H3paa9QIzNw8cR1xotxXZO0Wpr4.roa (raw, json)
Hash identifier: q28ZlQHCnZiCg9tvRc3MOrn/H20NhQTfo3U08kELr0E=
Subject key identifier: 1F:7A:5A:6B:D4:08:CC:DC:3C:71:1D:71:A2:DC:57:64:ED:16:A6:BE
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018DF928ACB9BAB9F1B167ABCED51260EF0A
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/H3paa9QIzNw8cR1xotxXZO0Wpr4.roa
Signing time: Fri 01 Mar 2024 08:36:48 +0000
ROA not before: Fri 01 Mar 2024 08:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48806
IP address blocks: 45.146.53.0/24 maxlen: 24
45.148.25.0/24 maxlen: 24
45.149.1.0/24 maxlen: 24
185.227.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 14:35:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:28:ac:b9:ba:b9:f1:b1:67:ab:ce:d5:12:60:ef:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 1 08:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f7a5a6bd408ccdc3c711d71a2dc5764ed16a6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:93:5e:ab:7c:5f:49:89:a0:a0:77:ba:6a:c7:
66:13:2c:c7:43:fc:f0:37:cf:6b:ed:78:21:8c:1b:
87:99:93:7d:61:58:46:70:1b:c2:7a:3d:71:f8:1a:
30:e9:a7:9d:37:41:cb:6b:7d:77:ce:96:bc:6c:53:
61:a8:76:df:3b:05:e7:3a:2d:cc:e3:0b:72:de:6e:
1b:81:fb:d7:19:5c:8a:ab:f2:60:10:0f:83:24:ca:
f7:e1:0b:1b:dd:f0:d5:ba:bc:9f:99:63:4e:60:78:
c6:c2:11:1c:55:5a:f2:81:a1:a3:b7:50:4e:b3:84:
60:04:b2:be:b7:fe:a8:94:7e:64:fd:29:dc:f4:31:
24:25:30:a6:7a:2c:bc:00:89:76:b9:44:6c:a5:d0:
f3:c5:98:ed:f7:1f:c6:e0:f0:7d:10:b7:b7:c3:73:
0d:d9:91:b5:68:0e:43:0d:96:e2:80:dd:57:19:49:
92:73:55:3c:08:20:d9:64:f1:d2:d5:08:5c:8e:fb:
83:78:73:30:d1:d0:4f:5c:84:7e:4e:69:c2:88:9c:
c1:68:eb:b8:92:53:81:e7:ba:7b:5e:0f:d6:78:70:
3b:2b:26:e9:24:61:83:62:a3:45:a5:f4:3a:62:36:
30:57:6f:98:84:4f:c2:27:b5:d9:3c:de:be:4e:5d:
f0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:7A:5A:6B:D4:08:CC:DC:3C:71:1D:71:A2:DC:57:64:ED:16:A6:BE
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/H3paa9QIzNw8cR1xotxXZO0Wpr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.53.0/24
45.148.25.0/24
45.149.1.0/24
185.227.33.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:e1:dd:de:95:7d:21:8e:d3:fc:e0:54:9e:08:2c:c1:df:2e:
cb:82:92:f0:f0:54:3c:5d:fa:00:01:2d:c1:55:75:4a:2d:45:
24:89:05:4b:91:a0:f2:53:c5:b9:83:36:4d:00:e7:60:92:a3:
a5:d0:42:1a:ce:0f:f8:62:63:56:ab:30:c3:77:a6:ca:5f:cc:
88:76:bf:67:bd:b2:c3:66:a4:d4:39:41:2e:cb:72:36:3f:9b:
f0:51:f0:9a:64:aa:23:16:55:77:84:2e:2b:df:7a:a6:c4:87:
65:e9:9a:73:7d:c6:76:07:ec:4d:bb:89:dc:f5:c7:f4:b9:6b:
83:23:78:10:3f:6c:ab:b9:2b:16:1a:59:5a:d7:ae:be:a2:7d:
61:4f:8d:39:3e:62:9d:83:1a:b7:dc:7f:20:5e:81:f8:d2:9b:
7d:01:b5:2f:14:31:1f:b8:b7:8a:e7:84:25:da:6f:92:59:be:
e4:57:78:1a:71:3d:00:34:76:92:66:ff:05:38:e8:b1:68:94:
9c:dd:8d:a5:a5:46:bd:52:a7:71:f0:65:97:92:5f:3b:2d:b3:
9e:4d:a6:22:b4:a3:4c:cb:84:47:0a:40:57:a0:ab:64:13:3a:
9e:00:98:89:ab:1d:2d:80:34:3a:27:37:3f:8b:84:0f:3f:9f:
33:21:1d:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY35KKy5urnxsWerztUSYO8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMzAxMDgzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjdhNWE2YmQ0MDhjY2RjM2M3MTFkNzFhMmRjNTc2NGVkMTZhNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJNeq3xfSYmgoHe6asdmEyzHQ/zw
N89r7XghjBuHmZN9YVhGcBvCej1x+Bow6aedN0HLa313zpa8bFNhqHbfOwXnOi3M
4wty3m4bgfvXGVyKq/JgEA+DJMr34Qsb3fDVuryfmWNOYHjGwhEcVVrygaGjt1BO
s4RgBLK+t/6olH5k/Snc9DEkJTCmeiy8AIl2uURspdDzxZjt9x/G4PB9ELe3w3MN
2ZG1aA5DDZbigN1XGUmSc1U8CCDZZPHS1QhcjvuDeHMw0dBPXIR+TmnCiJzBaOu4
klOB57p7Xg/WeHA7KybpJGGDYqNFpfQ6YjYwV2+YhE/CJ7XZPN6+Tl3wrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB96WmvUCMzcPHEdcaLcV2TtFqa+MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvSDNwYWE5UUl6Tnc4Y1IxeG90eFhaTzBXcHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZI1AwQA
LZQZAwQALZUBAwQAueMhMA0GCSqGSIb3DQEBCwUAA4IBAQAq4d3elX0hjtP84FSe
CCzB3y7LgpLw8FQ8XfoAAS3BVXVKLUUkiQVLkaDyU8W5gzZNAOdgkqOl0EIazg/4
YmNWqzDDd6bKX8yIdr9nvbLDZqTUOUEuy3I2P5vwUfCaZKojFlV3hC4r33qmxIdl
6ZpzfcZ2B+xNu4nc9cf0uWuDI3gQP2yruSsWGlla166+on1hT405PmKdgxq33H8g
XoH40pt9AbUvFDEfuLeK54Ql2m+SWb7kV3gacT0ANHaSZv8FOOixaJSc3Y2lpUa9
Uqdx8GWXkl87LbOeTaYitKNMy4RHCkBXoKtkEzqeAJiJqx0tgDQ6Jzc/i4QPP58z
IR1q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org