Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cvY36vcW-0V8IBg4N8svEHCMB2A.roa
File: cvY36vcW-0V8IBg4N8svEHCMB2A.roa (raw, json)
Hash identifier: 6lML0+q9/LY9WvuKN1aatYgaXS///SM3w2deGaM3rcg=
Subject key identifier: 72:F6:37:EA:F7:16:FB:45:7C:20:18:38:37:CB:2F:10:70:8C:07:60
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F797ACB0AAD3708DDF6BDE4EB663523
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cvY36vcW-0V8IBg4N8svEHCMB2A.roa
Signing time: Sun 01 Jan 2023 22:35:10 +0000
ROA not before: Sun 01 Jan 2023 22:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31122
IP address blocks: 45.140.215.0/24 maxlen: 24
45.142.205.0/24 maxlen: 24
45.142.207.0/24 maxlen: 24
45.144.157.0/24 maxlen: 24
45.144.159.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:7a:cb:0a:ad:37:08:dd:f6:bd:e4:eb:66:35:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72f637eaf716fb457c20183837cb2f10708c0760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ab:4e:bb:d0:db:af:9f:72:55:84:47:8e:ae:
68:d4:60:d9:56:77:f8:1c:5e:e7:ad:46:14:a6:2f:
e4:51:63:2e:a9:f6:83:f0:9c:69:18:8e:34:a1:a6:
9c:c2:5a:c4:1a:59:13:04:0e:bd:23:8b:48:03:af:
94:ad:e7:ba:f7:eb:db:95:62:c4:3f:8a:d0:6d:0e:
e7:0e:45:cb:d5:8f:0c:c5:9c:91:5d:72:90:db:5a:
58:46:86:fe:e3:d5:23:4f:ee:94:d9:03:75:22:65:
8c:b4:28:7c:05:d6:52:a1:a0:78:2b:96:ad:53:5d:
77:ce:7c:68:51:0e:3b:83:46:2c:ac:30:fb:91:69:
e8:76:66:68:7f:3c:c8:f5:b8:5e:57:5f:e9:64:8b:
3e:96:8d:85:15:f4:4d:66:09:b8:25:12:ab:f4:58:
e9:74:96:23:66:7c:0f:c6:fc:cb:b6:6b:fc:70:2b:
ca:72:e2:cc:c7:ea:d4:59:c4:53:98:d4:c6:eb:2c:
18:17:60:ef:26:7d:df:ec:a0:84:69:91:90:1c:81:
ec:f6:ea:60:22:43:64:95:67:bc:cf:39:c9:8c:93:
be:5f:d0:c6:09:62:48:2a:ab:2a:a6:74:97:1c:40:
8e:d3:5d:fd:cb:d5:54:b1:a2:19:e6:7c:37:92:73:
8c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F6:37:EA:F7:16:FB:45:7C:20:18:38:37:CB:2F:10:70:8C:07:60
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cvY36vcW-0V8IBg4N8svEHCMB2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.215.0/24
45.142.205.0/24
45.142.207.0/24
45.144.157.0/24
45.144.159.0/24
Signature Algorithm: sha256WithRSAEncryption
65:af:a0:ff:cd:42:58:56:7e:09:20:52:af:da:cb:fe:96:05:
5f:bb:18:24:2c:8e:76:68:ba:bc:1c:fd:9c:2a:0d:52:2a:94:
9b:9b:98:de:81:35:ad:24:2e:d3:83:89:b8:e1:b9:d2:1a:c1:
12:3a:ce:a5:c7:f5:79:e2:35:c7:0b:4e:01:a1:7a:7b:5d:dd:
ad:e2:0e:4b:e3:67:21:e0:af:0f:47:17:5d:25:d3:c2:df:85:
bf:50:93:e0:0d:5c:ce:33:73:d5:61:e5:d0:29:01:da:89:2f:
92:b2:2d:8b:01:17:79:07:5b:f8:2b:31:3f:e7:87:62:32:c0:
f9:9d:e8:93:a6:98:89:4a:68:7a:95:d7:ca:16:87:2f:83:e6:
ae:54:bf:63:a8:26:c8:d2:4b:d8:89:c7:b6:7f:df:a2:f9:7f:
57:99:03:88:34:33:0f:a2:8a:90:8a:d0:99:46:6e:53:cb:90:
f8:7c:0c:2a:23:e6:06:2e:40:23:4f:de:de:d1:ae:91:53:d4:
3a:18:32:98:f8:94:a9:7c:e3:75:f5:68:a7:1c:d4:28:d2:cb:
32:f4:11:11:f1:cf:55:42:fe:f2:a3:2c:2f:b6:28:5e:70:4c:
3f:6a:6d:5a:25:49:51:fe:8d:f0:0f:48:44:42:e2:80:88:13:
66:f5:2f:22
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVveXrLCq03CN32veTrZjUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY2MzdlYWY3MTZmYjQ1N2MyMDE4MzgzN2NiMmYxMDcwOGMwNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKtOu9Dbr59yVYRHjq5o1GDZVnf4
HF7nrUYUpi/kUWMuqfaD8JxpGI40oaacwlrEGlkTBA69I4tIA6+Uree69+vblWLE
P4rQbQ7nDkXL1Y8MxZyRXXKQ21pYRob+49UjT+6U2QN1ImWMtCh8BdZSoaB4K5at
U113znxoUQ47g0YsrDD7kWnodmZofzzI9bheV1/pZIs+lo2FFfRNZgm4JRKr9Fjp
dJYjZnwPxvzLtmv8cCvKcuLMx+rUWcRTmNTG6ywYF2DvJn3f7KCEaZGQHIHs9upg
IkNklWe8zznJjJO+X9DGCWJIKqsqpnSXHECO0139y9VUsaIZ5nw3knOMjQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHL2N+r3FvtFfCAYODfLLxBwjAdgMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvY3ZZMzZ2Y1ctMFY4SUJnNE44c3ZFSENNQjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYzXAwQA
LY7NAwQALY7PAwQALZCdAwQALZCfMA0GCSqGSIb3DQEBCwUAA4IBAQBlr6D/zUJY
Vn4JIFKv2sv+lgVfuxgkLI52aLq8HP2cKg1SKpSbm5jegTWtJC7Tg4m44bnSGsES
Os6lx/V54jXHC04BoXp7Xd2t4g5L42ch4K8PRxddJdPC34W/UJPgDVzOM3PVYeXQ
KQHaiS+Ssi2LARd5B1v4KzE/54diMsD5neiTppiJSmh6ldfKFocvg+auVL9jqCbI
0kvYice2f9+i+X9XmQOINDMPooqQitCZRm5Ty5D4fAwqI+YGLkAjT97e0a6RU9Q6
GDKY+JSpfON19WinHNQo0ssy9BER8c9VQv7yoywvtihecEw/am1aJUlR/o3wD0hE
QuKAiBNm9S8i
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:33 2023 by rpki-client on console-fra.rpki-client.org