Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_2mBXB-j6MEu7iCDGnyq12kezZ4.roa
File: _2mBXB-j6MEu7iCDGnyq12kezZ4.roa (raw, json)
Hash identifier: tVLbL2zlK8/fFxe1i/yNHK/F4S5o2/vOSQKobpuwHn4=
Subject key identifier: FF:69:81:5C:1F:A3:E8:C1:2E:EE:20:83:1A:7C:AA:D7:69:1E:CD:9E
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F796E81EB77B0C5A9E0886D8DD06918
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_2mBXB-j6MEu7iCDGnyq12kezZ4.roa
Signing time: Sun 01 Jan 2023 22:35:07 +0000
ROA not before: Sun 01 Jan 2023 22:35:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3215
IP address blocks: 45.140.214.0/24 maxlen: 24
45.145.249.0/24 maxlen: 24
45.142.206.0/24 maxlen: 24
45.142.204.0/24 maxlen: 24
45.144.158.0/24 maxlen: 24
45.144.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Jan 2023 11:26:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:6e:81:eb:77:b0:c5:a9:e0:88:6d:8d:d0:69:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff69815c1fa3e8c12eee20831a7caad7691ecd9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:70:84:4a:68:63:be:b5:4b:b8:e1:0d:51:3e:
84:5a:76:21:a7:6d:42:51:41:84:22:f9:c0:48:c9:
dd:e2:83:fa:1a:c0:98:3f:ca:10:44:9a:6c:c1:ad:
8f:19:e0:27:5b:d8:fa:17:67:74:a7:dc:76:77:d3:
71:02:20:d8:20:10:5b:a3:c2:19:fc:d8:bf:08:4c:
df:d9:3b:07:d8:1b:a2:d0:68:ed:e6:9c:da:99:5e:
9b:bc:41:1b:bd:50:c2:2c:85:a2:66:38:53:4a:9b:
0a:20:a8:53:d0:40:b9:2d:4c:bc:1c:3e:c3:84:b7:
4c:81:0f:c6:d5:8b:36:ca:19:2d:15:c3:8f:2e:6e:
18:26:b4:88:97:7f:8d:b6:62:81:8d:6f:00:32:16:
ad:c9:07:23:5e:15:39:de:34:86:00:4f:15:a7:7c:
7b:48:8e:4f:d5:66:4d:f6:dc:4f:50:2a:46:c1:a9:
27:75:b5:13:e6:ec:5e:ac:ef:d4:a1:43:46:ef:90:
5d:ba:ce:a7:36:2a:7c:98:cc:9d:22:97:18:ae:be:
11:97:32:cb:3b:e7:fd:83:45:cc:c5:16:6d:47:5d:
54:96:2b:a0:24:d6:1f:a5:02:72:e4:91:ca:50:47:
e2:1f:aa:82:a2:54:83:24:1c:31:ca:98:da:5e:83:
f9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:69:81:5C:1F:A3:E8:C1:2E:EE:20:83:1A:7C:AA:D7:69:1E:CD:9E
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_2mBXB-j6MEu7iCDGnyq12kezZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.214.0/24
45.142.204.0/24
45.142.206.0/24
45.144.156.0/24
45.144.158.0/24
45.145.249.0/24
Signature Algorithm: sha256WithRSAEncryption
76:7b:00:4f:1d:5b:f1:34:e0:3b:86:2f:4e:09:49:62:1e:d5:
b6:f5:85:e9:b0:3f:d2:77:a2:3f:a9:b6:8b:4f:09:39:0f:c8:
c6:50:7f:c4:3c:d5:d7:26:78:d9:f9:70:74:4e:fb:af:11:6e:
aa:68:8e:bf:23:cc:5e:49:ef:34:09:e3:b2:ab:20:d7:6c:bf:
b4:3a:55:02:44:7c:d6:10:72:3a:bb:e6:b2:54:9b:1f:09:4b:
d9:5b:02:e5:8a:e2:2e:4e:21:65:a4:7a:c0:8c:e7:75:20:03:
6a:dd:05:10:b2:b7:cd:96:96:b7:13:19:59:a1:27:f4:dd:19:
6e:89:63:6b:3c:05:b7:81:3a:57:68:8f:25:96:7f:e0:c4:ea:
05:12:2f:43:da:1d:54:fb:2d:ea:8b:66:3b:06:d7:e7:be:b5:
1a:84:6b:02:ee:9a:c4:71:bf:8a:36:38:9e:dd:12:92:fb:78:
9b:21:85:cc:9a:17:2a:44:e9:03:3f:2f:3b:2f:4c:c4:ba:f0:
f3:66:57:fa:64:0d:46:42:e9:d7:00:03:40:6d:19:31:cd:d1:
f3:a4:20:32:c4:85:fd:2d:c6:de:53:88:ae:3e:f9:38:b3:53:
5b:69:7f:bb:05:9a:5d:ea:2e:d4:91:a2:b4:ae:37:24:4a:28:
26:2f:a5:58
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVveW6B63ewxangiG2N0GkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY5ODE1YzFmYTNlOGMxMmVlZTIwODMxYTdjYWFkNzY5MWVjZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnCESmhjvrVLuOENUT6EWnYhp21C
UUGEIvnASMnd4oP6GsCYP8oQRJpswa2PGeAnW9j6F2d0p9x2d9NxAiDYIBBbo8IZ
/Ni/CEzf2TsH2Bui0Gjt5pzamV6bvEEbvVDCLIWiZjhTSpsKIKhT0EC5LUy8HD7D
hLdMgQ/G1Ys2yhktFcOPLm4YJrSIl3+NtmKBjW8AMhatyQcjXhU53jSGAE8Vp3x7
SI5P1WZN9txPUCpGwakndbUT5uxerO/UoUNG75Bdus6nNip8mMydIpcYrr4RlzLL
O+f9g0XMxRZtR11UliugJNYfpQJy5JHKUEfiH6qColSDJBwxypjaXoP57wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP9pgVwfo+jBLu4ggxp8qtdpHs2eMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvXzJtQlhCLWo2TUV1N2lDREdueXExMmtlelo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYzWAwQA
LY7MAwQALY7OAwQALZCcAwQALZCeAwQALZH5MA0GCSqGSIb3DQEBCwUAA4IBAQB2
ewBPHVvxNOA7hi9OCUliHtW29YXpsD/Sd6I/qbaLTwk5D8jGUH/EPNXXJnjZ+XB0
TvuvEW6qaI6/I8xeSe80CeOyqyDXbL+0OlUCRHzWEHI6u+ayVJsfCUvZWwLliuIu
TiFlpHrAjOd1IANq3QUQsrfNlpa3ExlZoSf03RluiWNrPAW3gTpXaI8lln/gxOoF
Ei9D2h1U+y3qi2Y7BtfnvrUahGsC7prEcb+KNjie3RKS+3ibIYXMmhcqROkDPy87
L0zEuvDzZlf6ZA1GQunXAANAbRkxzdHzpCAyxIX9LcbeU4iuPvk4s1NbaX+7BZpd
6i7UkaK0rjckSigmL6VY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org