Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/RTRFMqztA4ZzLY64mIxibmcA_oc.roa
File: RTRFMqztA4ZzLY64mIxibmcA_oc.roa (raw, json)
Hash identifier: NZywTq6x1ME1k05GkPP6QdnjcSinBPb+kMY6UL27t94=
Subject key identifier: 45:34:45:32:AC:ED:03:86:73:2D:8E:B8:98:8C:62:6E:67:00:FE:87
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA90D7C18004CE4E3AEF82F713FE6
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/RTRFMqztA4ZzLY64mIxibmcA_oc.roa
Signing time: Tue 02 Jan 2024 04:30:10 +0000
ROA not before: Tue 02 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48806
IP address blocks: 45.148.25.0/24 maxlen: 24
45.149.1.0/24 maxlen: 24
45.157.112.0/24 maxlen: 24
45.154.137.0/24 maxlen: 24
45.150.93.0/24 maxlen: 24
89.251.0.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
45.146.53.0/24 maxlen: 24
185.227.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 08:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a9:0d:7c:18:00:4c:e4:e3:ae:f8:2f:71:3f:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45344532aced0386732d8eb8988c626e6700fe87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ea:66:ec:92:0e:6f:4d:1a:92:fe:a9:15:48:
d6:61:06:57:c7:3a:79:4a:c1:a2:a6:9c:9d:dc:f6:
6e:c7:9e:d4:39:c2:34:75:44:b0:f1:b4:74:23:88:
e9:1d:9f:44:62:90:d2:45:1e:fd:18:0d:0c:1a:e7:
2e:69:be:9e:b1:09:3a:a2:74:e8:1e:f6:b5:74:29:
ed:78:c2:ec:28:ff:9f:a2:f0:ea:89:88:9b:29:0c:
f9:13:81:b1:04:c3:9b:36:e7:32:b4:28:8a:bf:d9:
7e:18:6b:08:a7:2c:c6:53:a5:95:69:03:4b:f1:96:
49:5c:b2:b5:40:b9:33:5b:9e:1c:28:56:57:50:0b:
80:d3:86:68:8a:44:28:5f:62:27:2c:7a:4c:78:0f:
93:7e:a6:96:96:b9:df:e4:3e:d1:e1:9a:4a:09:16:
3d:9b:d1:30:72:25:e4:b2:b5:55:e0:ee:d9:ba:70:
92:1b:49:71:5a:b2:c6:68:e2:9c:4f:af:d1:08:d8:
7d:99:5f:5c:ca:cd:7f:e8:13:c8:54:6c:af:cd:0c:
d9:03:9c:e5:c8:05:e3:ae:0f:f2:d3:7d:86:33:47:
aa:34:02:81:e7:d1:da:ec:a8:21:f7:90:09:8f:b7:
ce:15:e9:1e:eb:ed:ed:3f:8b:0f:45:91:ac:87:72:
0f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:34:45:32:AC:ED:03:86:73:2D:8E:B8:98:8C:62:6E:67:00:FE:87
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/RTRFMqztA4ZzLY64mIxibmcA_oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.53.0/24
45.148.25.0/24
45.149.1.0/24
45.150.93.0/24
45.154.137.0/24
45.157.112.0/24
89.251.0.0/24
89.251.2.0/24
185.227.33.0/24
Signature Algorithm: sha256WithRSAEncryption
31:f6:0c:a3:8d:42:41:d5:78:7a:f8:04:ab:7d:d3:ed:7e:80:
3a:5b:05:80:40:97:e1:59:53:89:bf:ea:e5:d1:54:f3:26:71:
43:53:1f:1c:29:fb:8b:bd:44:55:71:aa:54:cc:c5:1a:c4:d0:
18:7b:c0:17:4f:e8:a4:9c:c9:4b:c3:44:5b:45:9f:72:01:07:
e7:41:dd:d0:d9:88:2d:5d:fe:51:8a:02:9c:fc:4c:65:f2:aa:
21:ff:7e:80:cd:b1:dd:e4:9a:7f:d6:c8:32:2f:43:d8:a9:06:
df:f4:42:36:f5:9a:31:87:0c:32:db:7e:1c:ec:19:13:12:21:
be:ca:9e:25:5e:86:1d:8f:12:fc:29:1e:78:80:b6:92:f0:1c:
8f:62:8c:2e:62:60:d4:37:00:53:6a:c4:bb:68:c0:df:c4:b6:
e0:5a:0b:02:3a:a5:0b:fd:aa:43:68:c4:7b:f3:c5:52:17:d2:
82:86:1b:bd:df:60:6a:d2:78:b1:31:9b:4e:72:bb:ae:7b:90:
3d:3c:4d:20:f8:6f:f8:f6:ae:22:cd:15:1e:59:f5:d8:28:71:
ec:04:7f:11:73:45:e9:21:e3:68:27:e5:b4:b8:16:87:0d:00:
ba:ce:c7:4f:f2:a3:a6:9f:84:d7:ce:8e:53:2b:b1:d7:57:7c:
c2:1a:8f:0b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzIb6kNfBgATOTjrvgvcT/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTM0NDUzMmFjZWQwMzg2NzMyZDhlYjg5ODhjNjI2ZTY3MDBmZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOpm7JIOb00akv6pFUjWYQZXxzp5
SsGippyd3PZux57UOcI0dUSw8bR0I4jpHZ9EYpDSRR79GA0MGucuab6esQk6onTo
Hva1dCnteMLsKP+fovDqiYibKQz5E4GxBMObNucytCiKv9l+GGsIpyzGU6WVaQNL
8ZZJXLK1QLkzW54cKFZXUAuA04ZoikQoX2InLHpMeA+TfqaWlrnf5D7R4ZpKCRY9
m9EwciXksrVV4O7ZunCSG0lxWrLGaOKcT6/RCNh9mV9cys1/6BPIVGyvzQzZA5zl
yAXjrg/y032GM0eqNAKB59Ha7Kgh95AJj7fOFeke6+3tP4sPRZGsh3IP8wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEU0RTKs7QOGcy2OuJiMYm5nAP6HMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvUlRSRk1xenRBNFp6TFk2NG1JeGlibWNBX29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZI1AwQA
LZQZAwQALZUBAwQALZZdAwQALZqJAwQALZ1wAwQAWfsAAwQAWfsCAwQAueMhMA0G
CSqGSIb3DQEBCwUAA4IBAQAx9gyjjUJB1Xh6+ASrfdPtfoA6WwWAQJfhWVOJv+rl
0VTzJnFDUx8cKfuLvURVcapUzMUaxNAYe8AXT+iknMlLw0RbRZ9yAQfnQd3Q2Ygt
Xf5RigKc/Exl8qoh/36AzbHd5Jp/1sgyL0PYqQbf9EI29Zoxhwwy234c7BkTEiG+
yp4lXoYdjxL8KR54gLaS8ByPYowuYmDUNwBTasS7aMDfxLbgWgsCOqUL/apDaMR7
88VSF9KChhu932Bq0nixMZtOcruue5A9PE0g+G/49q4izRUeWfXYKHHsBH8Rc0Xp
IeNoJ+W0uBaHDQC6zsdP8qOmn4TXzo5TK7HXV3zCGo8L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org