Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/OuDyTogY9DEhuz0EOCZFOOMxTqU.roa
File: OuDyTogY9DEhuz0EOCZFOOMxTqU.roa (raw, json)
Hash identifier: Hu1tU8Y36WakqTl5/deMBMlvDj69fLAVlNEuf8Pnvjw=
Subject key identifier: 3A:E0:F2:4E:88:18:F4:31:21:BB:3D:04:38:26:45:38:E3:31:4E:A5
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0185FED753C9F30AB0A1664EAC48FAA76BFB
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/OuDyTogY9DEhuz0EOCZFOOMxTqU.roa
Signing time: Sun 29 Jan 2023 18:43:22 +0000
ROA not before: Sun 29 Jan 2023 18:43:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.140.140.0/22 maxlen: 24
45.137.206.0/24 maxlen: 24
45.140.188.0/22 maxlen: 24
45.137.204.0/23 maxlen: 24
193.176.244.0/23 maxlen: 24
45.137.207.0/24 maxlen: 24
45.140.213.0/24 maxlen: 24
45.140.212.0/24 maxlen: 24
2a07:e345:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Mar 2023 13:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fe:d7:53:c9:f3:0a:b0:a1:66:4e:ac:48:fa:a7:6b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 29 18:43:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ae0f24e8818f43121bb3d0438264538e3314ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:04:e3:55:6e:df:6c:c7:b7:b6:d2:08:77:c7:
4b:78:f0:91:48:28:6b:9f:00:88:72:6c:d5:07:e7:
4d:0d:d3:46:f8:2c:6b:82:71:90:59:ed:fb:2d:ea:
3d:b3:ce:82:30:16:f3:b5:a4:73:e7:96:9e:98:9b:
e5:8d:f8:97:85:6f:8e:c6:d0:37:c7:d9:33:ea:35:
d7:ea:03:06:65:12:dc:15:7c:13:f5:53:49:18:99:
fe:f7:a7:46:5c:71:f1:0e:bd:73:d1:5e:e3:4b:6a:
16:5e:91:a8:6c:d3:37:39:1e:92:27:ba:2a:3d:c6:
9a:94:f8:38:9f:72:69:3b:04:fa:0d:13:78:c7:f4:
31:1c:56:ff:7c:8c:53:92:a1:fa:d8:fd:c0:be:4f:
7a:f0:30:45:fe:cc:a3:e7:c1:1d:12:33:cf:9e:7d:
d7:d4:9e:0f:5b:d2:76:a4:d0:3d:4f:c2:64:96:21:
b1:5e:0c:ec:c9:8e:2e:7b:18:c5:ae:b3:59:6e:9e:
91:e3:7f:78:63:78:f7:e4:74:e2:bc:ca:49:e1:e6:
97:d8:50:c9:8c:50:52:68:14:cc:a9:96:04:cb:0b:
11:70:01:a0:9a:da:c1:35:6a:72:46:12:1c:78:25:
30:fd:da:89:ae:1c:48:0f:fe:82:45:4c:24:02:de:
5a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E0:F2:4E:88:18:F4:31:21:BB:3D:04:38:26:45:38:E3:31:4E:A5
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/OuDyTogY9DEhuz0EOCZFOOMxTqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.204.0/22
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
193.176.244.0/23
IPv6:
2a07:e345:100::/40
Signature Algorithm: sha256WithRSAEncryption
0b:d9:7b:3f:55:a4:26:45:80:70:d3:60:4e:bd:ea:aa:ed:9b:
51:aa:38:35:89:c4:1d:8b:62:4d:6f:4e:51:d1:88:58:45:51:
2e:2a:ae:ba:e1:13:e3:93:21:0c:e0:8a:af:27:2a:06:6c:21:
97:db:b7:80:97:bd:8d:bf:ac:71:3c:9d:62:9c:9e:86:35:f9:
2c:dd:d2:fb:96:54:05:76:4b:cd:52:93:f5:05:52:2b:a5:d7:
44:0a:8d:4b:23:05:b4:a0:f9:1e:20:bb:29:fa:7a:f2:26:45:
45:f6:9f:18:21:cf:0f:e5:d8:4d:b9:5f:e6:d8:65:ef:8a:23:
a1:8f:f2:17:2d:ed:8d:d0:f5:61:28:7f:14:ae:3f:23:7b:e6:
70:ef:6d:33:fb:ab:4a:86:df:32:f9:b1:dc:87:e7:68:39:46:
d1:b8:c5:3e:2a:bd:e8:ee:86:1c:0d:5e:1e:31:ee:88:9f:4c:
49:59:ca:29:ce:b8:8e:c5:cd:44:40:11:c9:66:8e:81:3b:10:
c3:a8:c1:bf:72:f7:b2:dd:4e:e9:09:93:5f:81:71:ee:0b:02:
ba:73:c7:45:cf:a0:6a:58:96:df:ea:af:71:e7:25:65:91:a3:
8e:21:36:7e:b9:9a:23:54:ea:c9:ed:f7:09:69:48:f5:85:37:
d8:d4:53:63
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYX+11PJ8wqwoWZOrEj6p2v7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTI5MTg0MzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWUwZjI0ZTg4MThmNDMxMjFiYjNkMDQzODI2NDUzOGUzMzE0ZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugTjVW7fbMe3ttIId8dLePCRSChr
nwCIcmzVB+dNDdNG+CxrgnGQWe37Leo9s86CMBbztaRz55aemJvljfiXhW+OxtA3
x9kz6jXX6gMGZRLcFXwT9VNJGJn+96dGXHHxDr1z0V7jS2oWXpGobNM3OR6SJ7oq
PcaalPg4n3JpOwT6DRN4x/QxHFb/fIxTkqH62P3Avk968DBF/syj58EdEjPPnn3X
1J4PW9J2pNA9T8JkliGxXgzsyY4uexjFrrNZbp6R4394Y3j35HTivMpJ4eaX2FDJ
jFBSaBTMqZYEywsRcAGgmtrBNWpyRhIceCUw/dqJrhxID/6CRUwkAt5aQwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDrg8k6IGPQxIbs9BDgmRTjjMU6lMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvT3VEeVRvZ1k5REVodXowRU9DWkZPT014VHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCLYnMAwQC
LYyMAwQCLYy8AwQBLYzUAwQBwbD0MA4EAgACMAgDBgAqB+NFATANBgkqhkiG9w0B
AQsFAAOCAQEAC9l7P1WkJkWAcNNgTr3qqu2bUao4NYnEHYtiTW9OUdGIWEVRLiqu
uuET45MhDOCKrycqBmwhl9u3gJe9jb+scTydYpyehjX5LN3S+5ZUBXZLzVKT9QVS
K6XXRAqNSyMFtKD5HiC7Kfp68iZFRfafGCHPD+XYTblf5thl74ojoY/yFy3tjdD1
YSh/FK4/I3vmcO9tM/urSobfMvmx3IfnaDlG0bjFPiq96O6GHA1eHjHuiJ9MSVnK
Kc64jsXNREARyWaOgTsQw6jBv3L3st1O6QmTX4Fx7gsCunPHRc+galiW3+qvcecl
ZZGjjiE2frmaI1Tqye33CWlI9YU32NRTYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org