Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XfO9HMqVJ_M7DC5rXYkmSMiFmiE.roa
File: XfO9HMqVJ_M7DC5rXYkmSMiFmiE.roa (raw, json)
Hash identifier: jbWp2Plrniz9AcSVZOtRRdP6ohxhsdbuE2pRmZLd+RM=
Subject key identifier: 5D:F3:BD:1C:CA:95:27:F3:3B:0C:2E:6B:5D:89:26:48:C8:85:9A:21
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0186E062F5C78D1944B90123C0779AC09EA8
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XfO9HMqVJ_M7DC5rXYkmSMiFmiE.roa
Signing time: Tue 14 Mar 2023 13:50:27 +0000
ROA not before: Tue 14 Mar 2023 13:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.140.140.0/22 maxlen: 24
45.137.198.0/23 maxlen: 24
45.137.206.0/24 maxlen: 24
45.140.188.0/22 maxlen: 24
45.137.204.0/23 maxlen: 24
193.176.244.0/23 maxlen: 24
45.137.207.0/24 maxlen: 24
45.140.213.0/24 maxlen: 24
45.140.212.0/24 maxlen: 24
2a07:e345:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Mar 2023 09:42:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:62:f5:c7:8d:19:44:b9:01:23:c0:77:9a:c0:9e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 14 13:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5df3bd1cca9527f33b0c2e6b5d892648c8859a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:75:73:41:58:b1:58:90:69:e3:e6:86:1e:19:
9a:26:0d:77:02:c9:4d:90:73:ec:4d:10:53:8e:7c:
e8:74:9b:ae:3f:96:85:32:cd:43:a9:9e:c9:24:b5:
cd:53:85:6b:bf:44:79:26:10:bd:68:4c:c6:ad:0a:
1e:97:88:4f:76:df:3c:48:8a:ba:f3:15:ab:c0:5a:
e2:a4:d6:95:7e:ce:94:d4:1a:22:22:77:33:4a:57:
54:5c:8c:3e:34:5d:b5:8e:f7:7b:9f:78:53:72:01:
fb:1e:d7:5c:bb:2d:ff:23:ec:98:f7:ba:0f:e5:78:
82:87:c0:3e:b1:d2:a0:68:1e:b9:99:c4:32:3c:c2:
79:41:7f:40:68:6d:b7:87:2e:21:e9:85:ed:d9:57:
f8:74:aa:a4:a8:53:2e:09:c8:e6:e5:be:85:c2:98:
36:3a:e6:46:c0:8e:21:be:9b:df:37:d4:bb:e0:3f:
49:ec:40:5d:a7:da:6f:8c:b7:99:ab:4e:17:ad:f9:
b4:32:18:b5:47:ee:6d:c5:b0:eb:90:76:cc:8a:57:
0c:37:7b:0e:86:d2:31:f9:8e:ac:db:ec:56:99:c8:
cb:0c:c3:4d:b6:ac:fc:cd:be:6e:aa:04:51:a8:2f:
6d:f9:97:01:65:6b:6b:36:b7:43:a5:7b:78:45:97:
8c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F3:BD:1C:CA:95:27:F3:3B:0C:2E:6B:5D:89:26:48:C8:85:9A:21
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XfO9HMqVJ_M7DC5rXYkmSMiFmiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.198.0/23
45.137.204.0/22
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
193.176.244.0/23
IPv6:
2a07:e345:100::/40
Signature Algorithm: sha256WithRSAEncryption
7a:a8:b4:bc:65:f5:61:f8:33:b5:ae:01:54:a3:28:fa:a4:0a:
f7:95:00:77:bf:c1:cb:47:8c:e2:07:f1:f9:c3:de:57:b0:b1:
dd:53:73:8d:c5:86:a4:22:03:3d:e7:3e:09:b4:5d:b2:01:34:
80:56:ab:b1:69:75:74:4c:e9:f5:72:04:81:c2:88:38:4f:0f:
88:c0:24:98:c6:0d:e6:b9:38:7d:4b:6a:0f:4d:86:48:2d:02:
cb:c7:4a:d2:6f:48:4d:1b:80:43:8d:34:e4:ca:a0:24:13:70:
44:32:01:8a:fe:45:da:c5:8d:8c:0b:6d:56:f4:2e:2e:f6:ad:
8c:23:ad:ae:12:40:57:91:4b:a3:7d:c3:07:52:ba:0c:48:80:
95:0c:41:06:29:3a:c5:73:d3:1b:d0:62:d4:95:05:89:8c:cc:
84:3c:55:b7:29:69:85:cf:95:20:59:72:f1:bd:64:76:82:e0:
34:28:50:13:b1:7d:fc:43:75:2c:c2:25:90:5f:ed:5c:bc:a4:
6c:f1:91:77:9e:97:c6:52:a1:f4:36:38:8d:a9:0e:eb:05:04:
84:fa:b8:b6:0e:1e:82:0d:af:12:51:51:fa:bf:0f:85:aa:a2:
d3:c5:31:27:a7:a5:e4:66:00:b9:f6:37:4a:7e:4e:8f:c5:f8:
89:62:4d:c2
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYbgYvXHjRlEuQEjwHeawJ6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMzE0MTM1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGYzYmQxY2NhOTUyN2YzM2IwYzJlNmI1ZDg5MjY0OGM4ODU5YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonVzQVixWJBp4+aGHhmaJg13AslN
kHPsTRBTjnzodJuuP5aFMs1DqZ7JJLXNU4Vrv0R5JhC9aEzGrQoel4hPdt88SIq6
8xWrwFripNaVfs6U1BoiInczSldUXIw+NF21jvd7n3hTcgH7Htdcuy3/I+yY97oP
5XiCh8A+sdKgaB65mcQyPMJ5QX9AaG23hy4h6YXt2Vf4dKqkqFMuCcjm5b6Fwpg2
OuZGwI4hvpvfN9S74D9J7EBdp9pvjLeZq04Xrfm0Mhi1R+5txbDrkHbMilcMN3sO
htIx+Y6s2+xWmcjLDMNNtqz8zb5uqgRRqC9t+ZcBZWtrNrdDpXt4RZeM8wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFF3zvRzKlSfzOwwua12JJkjIhZohMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWGZPOUhNcVZKX003REM1clhZa21TTWlGbWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQBLYnGAwQC
LYnMAwQCLYyMAwQCLYy8AwQBLYzUAwQBwbD0MA4EAgACMAgDBgAqB+NFATANBgkq
hkiG9w0BAQsFAAOCAQEAeqi0vGX1Yfgzta4BVKMo+qQK95UAd7/By0eM4gfx+cPe
V7Cx3VNzjcWGpCIDPec+CbRdsgE0gFarsWl1dEzp9XIEgcKIOE8PiMAkmMYN5rk4
fUtqD02GSC0Cy8dK0m9ITRuAQ4005MqgJBNwRDIBiv5F2sWNjAttVvQuLvatjCOt
rhJAV5FLo33DB1K6DEiAlQxBBik6xXPTG9Bi1JUFiYzMhDxVtylphc+VIFly8b1k
doLgNChQE7F9/EN1LMIlkF/tXLykbPGRd56XxlKh9DY4jakO6wUEhPq4tg4egg2v
ElFR+r8Phaqi08UxJ6el5GYAufY3Sn5Oj8X4iWJNwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org