Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/b7FYkrn72Ev2fDK5VdQ7fFHKrRo.roa
File: b7FYkrn72Ev2fDK5VdQ7fFHKrRo.roa (raw, json)
Hash identifier: SCM6mIkjb56p6NlXbyiWuvlJwKrn1hDhM4b9JYEQ33Q=
Subject key identifier: 6F:B1:58:92:B9:FB:D8:4B:F6:7C:32:B9:55:D4:3B:7C:51:CA:AD:1A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0185F2FA549B9B65A8EDAC83EB5604EBCE8E
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/b7FYkrn72Ev2fDK5VdQ7fFHKrRo.roa
Signing time: Fri 27 Jan 2023 11:26:09 +0000
ROA not before: Fri 27 Jan 2023 11:26:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 45.140.214.0/24 maxlen: 24
45.145.249.0/24 maxlen: 24
45.142.204.0/24 maxlen: 24
45.142.206.0/24 maxlen: 24
45.144.158.0/24 maxlen: 24
45.144.156.0/24 maxlen: 24
2a0f:e381::/32 maxlen: 32
2a07:e343::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:fa:54:9b:9b:65:a8:ed:ac:83:eb:56:04:eb:ce:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 27 11:26:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fb15892b9fbd84bf67c32b955d43b7c51caad1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c7:53:cd:95:27:88:9f:27:66:34:45:96:c8:
38:a7:54:ed:59:72:ce:e8:2f:5f:56:fd:4a:58:70:
2a:c9:95:52:9a:85:e4:d9:ac:e1:54:c8:b2:c6:a4:
cb:29:0b:a6:29:70:f8:a4:c2:cf:fb:0f:dd:91:da:
28:41:48:37:8a:65:a9:5e:dd:42:fa:54:e3:2a:b9:
37:1d:b6:85:5b:8d:75:1a:d8:29:5b:79:c8:cd:02:
d0:e3:5e:00:f8:30:dd:8d:36:86:59:18:4d:32:b1:
7d:61:66:a7:23:f7:1e:9b:4c:49:c8:ac:69:46:9d:
fb:e6:3f:d0:cb:a8:87:6c:18:0b:1e:fc:3a:75:d8:
75:62:4e:0c:b5:32:5f:ec:b6:6d:3a:5c:5c:6c:d0:
d3:3b:20:28:d8:bf:51:29:32:00:c5:97:d4:b3:7b:
51:ec:59:2d:50:d2:44:91:c0:c3:62:73:6b:cb:dc:
28:76:22:b0:da:61:c0:f5:b5:fd:20:8e:d5:c6:53:
82:d3:a3:b8:cf:1f:44:3e:84:4e:09:95:15:1f:4e:
50:13:23:41:b7:39:e7:7d:2b:bd:f0:56:07:aa:2f:
ea:09:2d:3e:19:2b:5b:a4:5c:65:d7:b3:70:28:17:
a7:43:e3:05:83:8a:09:25:78:74:51:75:a2:29:6f:
c5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B1:58:92:B9:FB:D8:4B:F6:7C:32:B9:55:D4:3B:7C:51:CA:AD:1A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/b7FYkrn72Ev2fDK5VdQ7fFHKrRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.214.0/24
45.142.204.0/24
45.142.206.0/24
45.144.156.0/24
45.144.158.0/24
45.145.249.0/24
IPv6:
2a07:e343::/32
2a0f:e381::/32
Signature Algorithm: sha256WithRSAEncryption
6e:0e:38:0f:dc:2a:92:49:a1:d9:8f:2e:09:27:01:e8:b3:90:
5f:de:3a:e2:a9:00:7f:e4:1a:27:33:99:96:09:8d:ba:67:f9:
61:1a:89:d0:c3:1e:f8:ff:98:e8:d8:0a:95:f0:e8:8e:f1:1c:
de:4a:25:51:ea:6e:22:b1:f3:47:cd:17:e7:7d:9f:4b:6b:62:
0a:b5:5d:12:33:98:ca:2f:96:a6:e6:a1:b9:81:15:20:ff:94:
46:e0:bd:47:74:72:ce:f8:e8:99:3c:d3:26:53:85:a4:48:16:
b6:84:6c:d3:4d:b8:e8:3a:d9:fb:e5:c0:29:79:43:e9:14:1c:
2c:b3:d9:e6:17:2c:72:27:8c:48:2a:fb:b1:f5:68:eb:9e:dc:
cd:56:0f:83:74:44:a6:14:28:1f:f1:46:05:0e:8b:ea:c7:b0:
66:5f:27:3c:d6:f9:d0:cc:67:81:ac:90:ef:fb:8e:0d:b6:b7:
40:fa:b2:ec:d6:90:04:e7:32:71:7d:f7:ca:ad:ee:01:8d:5c:
7c:0f:8f:bc:37:bc:10:f0:17:25:ad:e6:4d:ba:04:d2:b8:72:
c9:91:83:77:e4:08:03:5b:ad:70:e5:d0:c9:35:9d:b1:29:21:
c7:27:86:2f:76:45:fb:10:53:80:43:1a:01:a6:64:5a:ef:b6:
3e:bc:a5:b7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYXy+lSbm2Wo7ayD61YE686OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTI3MTEyNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmIxNTg5MmI5ZmJkODRiZjY3YzMyYjk1NWQ0M2I3YzUxY2FhZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsdTzZUniJ8nZjRFlsg4p1TtWXLO
6C9fVv1KWHAqyZVSmoXk2azhVMiyxqTLKQumKXD4pMLP+w/dkdooQUg3imWpXt1C
+lTjKrk3HbaFW411GtgpW3nIzQLQ414A+DDdjTaGWRhNMrF9YWanI/cem0xJyKxp
Rp375j/Qy6iHbBgLHvw6ddh1Yk4MtTJf7LZtOlxcbNDTOyAo2L9RKTIAxZfUs3tR
7FktUNJEkcDDYnNry9wodiKw2mHA9bX9II7VxlOC06O4zx9EPoROCZUVH05QEyNB
tznnfSu98FYHqi/qCS0+GStbpFxl17NwKBenQ+MFg4oJJXh0UXWiKW/FFQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFG+xWJK5+9hL9nwyuVXUO3xRyq0aMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYjdGWWtybjcyRXYyZkRLNVZkUTdmRkhLclJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQALYzWAwQA
LY7MAwQALY7OAwQALZCcAwQALZCeAwQALZH5MBQEAgACMA4DBQAqB+NDAwUAKg/j
gTANBgkqhkiG9w0BAQsFAAOCAQEAbg44D9wqkkmh2Y8uCScB6LOQX9464qkAf+Qa
JzOZlgmNumf5YRqJ0MMe+P+Y6NgKlfDojvEc3kolUepuIrHzR80X532fS2tiCrVd
EjOYyi+WpuahuYEVIP+URuC9R3RyzvjomTzTJlOFpEgWtoRs00246DrZ++XAKXlD
6RQcLLPZ5hcscieMSCr7sfVo657czVYPg3REphQoH/FGBQ6L6sewZl8nPNb50Mxn
gayQ7/uODba3QPqy7NaQBOcycX33yq3uAY1cfA+PvDe8EPAXJa3mTboE0rhyyZGD
d+QIA1utcOXQyTWdsSkhxyeGL3ZF+xBTgEMaAaZkWu+2Pryltw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org