Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cpTtHc0AZVk7Su9QZvLeMFQ6fGU.roa
File: cpTtHc0AZVk7Su9QZvLeMFQ6fGU.roa (raw, json)
Hash identifier: K7x8I7RybleZ5C/RP+U7ylEglZBPns56gy3UdnpRtyg=
Subject key identifier: 72:94:ED:1D:CD:00:65:59:3B:4A:EF:50:66:F2:DE:30:54:3A:7C:65
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA33C37FC6AF91E4F8D3A21162EDE
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cpTtHc0AZVk7Su9QZvLeMFQ6fGU.roa
Signing time: Tue 02 Jan 2024 04:30:08 +0000
ROA not before: Tue 02 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14178
IP address blocks: 45.86.248.0/22 maxlen: 22
45.145.251.0/24 maxlen: 24
45.144.188.0/22 maxlen: 24
45.85.224.0/22 maxlen: 22
45.130.138.0/24 maxlen: 24
136.144.41.0/24 maxlen: 24
185.227.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 06:29:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a3:3c:37:fc:6a:f9:1e:4f:8d:3a:21:16:2e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7294ed1dcd0065593b4aef5066f2de30543a7c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c7:85:58:e0:eb:38:7e:a2:a2:ca:0a:83:d8:
83:03:7f:e4:63:84:b4:a1:83:df:f8:4f:bb:38:b7:
40:d3:dc:87:bd:da:ec:f0:fa:a2:99:89:64:b3:49:
f2:f3:0b:6a:68:92:31:a1:d3:43:1e:80:64:b2:68:
97:62:f7:4f:ef:65:fc:56:d9:55:57:ae:5f:88:2e:
65:2f:4b:52:0e:98:fe:e6:90:e6:cd:fc:53:2d:77:
80:ac:f1:40:8c:96:1c:a9:5e:3d:ac:8b:d6:cb:9e:
b8:65:da:18:d9:4e:a2:e9:3a:b3:63:9b:4c:98:31:
23:3b:1d:04:90:8f:67:e2:6d:c0:c0:c8:b9:de:d4:
bd:11:05:d8:d9:ce:1d:01:5c:a8:b5:e1:7c:8e:af:
95:d3:fe:f7:a8:85:e4:ef:88:a4:d7:1d:79:12:e1:
69:5c:51:85:d1:be:c8:c9:20:53:c0:e1:10:3a:ce:
7f:81:76:58:b1:06:86:25:55:19:55:96:65:12:f4:
5e:2d:20:63:64:f3:c5:df:ca:c1:9c:d1:02:dc:cd:
f6:aa:c9:c6:fe:33:3e:42:18:2d:b1:69:57:1d:4f:
53:7a:c0:02:ee:63:3f:8f:6e:24:84:b8:ad:2c:be:
2b:50:21:5f:13:9f:67:fb:e1:46:10:2b:3b:72:7c:
35:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:94:ED:1D:CD:00:65:59:3B:4A:EF:50:66:F2:DE:30:54:3A:7C:65
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cpTtHc0AZVk7Su9QZvLeMFQ6fGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.224.0/22
45.86.248.0/22
45.130.138.0/24
45.144.188.0/22
45.145.251.0/24
136.144.41.0/24
185.227.35.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:a2:38:ab:38:b6:1a:3a:25:0d:05:63:ce:8c:e7:a6:19:79:
a0:8b:64:8d:8e:44:d3:66:92:79:d1:3e:ef:11:9c:b2:7d:57:
3f:1f:70:aa:c1:aa:17:d1:0e:94:07:70:00:a4:31:00:0f:78:
f6:f0:2b:d1:9d:ec:69:e3:e4:3b:c2:98:01:05:de:40:1c:4a:
f2:96:ab:69:e9:67:33:4d:d9:88:bc:25:f9:9a:4a:50:61:88:
cf:5d:b7:ec:44:e1:b8:20:50:54:e5:b0:8a:8e:bd:a7:41:8a:
63:27:f3:c9:ff:03:7e:77:14:e1:b3:70:e7:c9:6c:5a:62:67:
34:91:78:20:4e:05:39:ba:78:59:9a:dd:df:30:88:31:6e:ad:
31:b5:fa:a0:0c:5a:72:5a:bb:ca:06:47:00:16:b0:45:98:35:
89:49:df:f2:a2:21:85:d6:58:b7:c3:22:2d:0e:d4:c5:d4:9b:
5a:d5:1e:f3:bd:d0:31:b2:e0:8f:a7:7e:60:50:18:a6:7f:a3:
a8:1a:61:7c:f6:3d:b0:4b:12:3c:8f:8b:d8:89:5b:3d:bd:6f:
c6:76:8f:47:ec:f4:a8:12:a3:e5:03:23:f3:ff:8f:06:14:30:
4a:19:86:40:c1:18:4e:d6:3b:aa:14:84:8b:7a:c9:13:1a:6b:
38:de:0f:4e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIb6M8N/xq+R5PjTohFi7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk0ZWQxZGNkMDA2NTU5M2I0YWVmNTA2NmYyZGUzMDU0M2E3YzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8eFWODrOH6iosoKg9iDA3/kY4S0
oYPf+E+7OLdA09yHvdrs8PqimYlks0ny8wtqaJIxodNDHoBksmiXYvdP72X8VtlV
V65fiC5lL0tSDpj+5pDmzfxTLXeArPFAjJYcqV49rIvWy564ZdoY2U6i6TqzY5tM
mDEjOx0EkI9n4m3AwMi53tS9EQXY2c4dAVyoteF8jq+V0/73qIXk74ik1x15EuFp
XFGF0b7IySBTwOEQOs5/gXZYsQaGJVUZVZZlEvReLSBjZPPF38rBnNEC3M32qsnG
/jM+QhgtsWlXHU9TesAC7mM/j24khLitLL4rUCFfE59n++FGECs7cnw1QQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHKU7R3NAGVZO0rvUGby3jBUOnxlMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvY3BUdEhjMEFaVms3U3U5UVp2TGVNRlE2ZkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLVXgAwQC
LVb4AwQALYKKAwQCLZC8AwQALZH7AwQAiJApAwQAueMjMA0GCSqGSIb3DQEBCwUA
A4IBAQC0ojirOLYaOiUNBWPOjOemGXmgi2SNjkTTZpJ50T7vEZyyfVc/H3CqwaoX
0Q6UB3AApDEAD3j28CvRnexp4+Q7wpgBBd5AHErylqtp6WczTdmIvCX5mkpQYYjP
XbfsROG4IFBU5bCKjr2nQYpjJ/PJ/wN+dxThs3DnyWxaYmc0kXggTgU5unhZmt3f
MIgxbq0xtfqgDFpyWrvKBkcAFrBFmDWJSd/yoiGF1li3wyItDtTF1Jta1R7zvdAx
suCPp35gUBimf6OoGmF89j2wSxI8j4vYiVs9vW/Gdo9H7PSoEqPlAyPz/48GFDBK
GYZAwRhO1juqFISLeskTGms43g9O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org