Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qa3rQa7NE0TzcRBFo2H5y3Smqfc.roa
File: qa3rQa7NE0TzcRBFo2H5y3Smqfc.roa (raw, json)
Hash identifier: hazdOWaESF/qiDYNAn1ab/12exc1ANL0HVfjYa4pEoc=
Subject key identifier: A9:AD:EB:41:AE:CD:13:44:F3:71:10:45:A3:61:F9:CB:74:A6:A9:F7
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F7995A2D047B98E83F754E5BB97B7EA
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qa3rQa7NE0TzcRBFo2H5y3Smqfc.roa
Signing time: Sun 01 Jan 2023 22:35:17 +0000
ROA not before: Sun 01 Jan 2023 22:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 91.206.168.0/24 maxlen: 24
45.149.3.0/24 maxlen: 24
45.95.242.0/24 maxlen: 24
45.130.139.0/24 maxlen: 24
45.130.137.0/24 maxlen: 24
45.139.253.0/24 maxlen: 24
45.139.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:95:a2:d0:47:b9:8e:83:f7:54:e5:bb:97:b7:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9adeb41aecd1344f3711045a361f9cb74a6a9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:18:91:e5:15:12:7a:42:62:1d:12:29:90:
51:70:f3:89:5c:03:d7:ca:70:9a:bf:7d:c7:0e:81:
03:2a:b6:d9:16:c1:78:a0:15:18:94:1e:1d:fd:51:
16:30:29:6b:19:89:54:50:72:16:c8:7a:da:42:5f:
76:e0:1d:2a:6c:77:68:0b:61:a0:b7:b5:dc:5a:69:
17:46:8f:bc:a5:f0:dc:be:89:87:85:51:33:21:98:
4e:a0:fe:61:fb:7b:4d:10:4e:be:23:65:af:af:25:
fa:d7:3a:50:4c:f6:ae:01:f3:96:18:50:89:5a:f2:
10:bd:a9:f6:fa:ca:15:a5:8a:44:d3:2f:36:7b:9a:
38:24:8f:8a:c7:c7:46:bd:a7:ab:6c:b5:f8:24:15:
d8:45:4e:87:44:97:1c:d1:bb:ee:16:31:96:5c:43:
04:3a:b2:74:f3:34:ba:8c:9c:77:22:f7:a0:e9:b8:
5d:35:49:08:9b:74:ac:42:85:bc:0b:de:ce:69:9d:
ab:72:54:4c:11:c1:ea:de:62:75:e5:42:5b:28:ce:
d0:8c:d3:32:43:2b:ff:2d:06:dc:f2:af:90:73:ae:
b4:b0:18:b0:f1:ca:bf:c3:bd:9c:e8:c7:6b:53:4e:
9c:f0:7e:ba:43:20:e3:71:83:fa:da:c8:ba:be:74:
b7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AD:EB:41:AE:CD:13:44:F3:71:10:45:A3:61:F9:CB:74:A6:A9:F7
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/qa3rQa7NE0TzcRBFo2H5y3Smqfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.242.0/24
45.130.137.0/24
45.130.139.0/24
45.139.252.0/23
45.149.3.0/24
91.206.168.0/24
Signature Algorithm: sha256WithRSAEncryption
52:50:a9:c6:a7:bd:72:60:0e:71:1a:9e:74:b1:ea:6f:c5:2b:
b4:96:e1:02:76:98:1c:f6:a5:3c:c0:44:fc:34:e5:0f:aa:e0:
c3:91:5c:58:39:a7:5a:68:43:81:ec:a4:6a:81:f5:02:39:e6:
99:5e:e5:24:61:ec:ef:48:52:d2:03:c7:6a:7a:c2:9e:7a:79:
90:4b:6f:a3:cc:24:c6:3a:65:88:b0:8a:ab:da:cf:9e:67:7f:
a0:d1:7d:d8:4a:76:31:41:b0:cc:3d:b2:79:6d:af:b2:12:bd:
b8:a8:b9:7b:ea:0d:ab:1d:b2:38:b2:a1:0f:05:e1:56:ca:20:
da:c1:35:0a:d8:76:f1:11:d5:75:85:90:6f:30:71:cf:8c:29:
0b:49:11:e2:cf:0b:1e:38:ca:8c:ee:79:75:38:d2:81:ff:57:
a5:ee:de:ae:54:ac:b5:2d:89:5e:eb:f2:ff:9f:b7:5e:68:2f:
ed:c5:36:88:d7:38:62:dc:bf:4c:f9:85:34:8b:87:d0:03:47:
e1:5b:46:77:2a:6c:0e:fb:e3:d0:54:2f:0b:07:e4:d2:f4:da:
00:2e:83:0f:62:92:70:34:45:10:11:7e:50:4c:25:bf:7c:87:
e5:cb:82:6b:1a:a3:e4:99:4a:53:2b:b0:d6:c8:0a:26:7a:a8:
3b:f4:10:6b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVveZWi0Ee5joP3VOW7l7fqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFkZWI0MWFlY2QxMzQ0ZjM3MTEwNDVhMzYxZjljYjc0YTZhOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsosYkeUVEnpCYh0SKZBRcPOJXAPX
ynCav33HDoEDKrbZFsF4oBUYlB4d/VEWMClrGYlUUHIWyHraQl924B0qbHdoC2Gg
t7XcWmkXRo+8pfDcvomHhVEzIZhOoP5h+3tNEE6+I2WvryX61zpQTPauAfOWGFCJ
WvIQvan2+soVpYpE0y82e5o4JI+Kx8dGvaerbLX4JBXYRU6HRJcc0bvuFjGWXEME
OrJ08zS6jJx3Iveg6bhdNUkIm3SsQoW8C97OaZ2rclRMEcHq3mJ15UJbKM7QjNMy
Qyv/LQbc8q+Qc660sBiw8cq/w72c6MdrU06c8H66QyDjcYP62si6vnS39QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKmt60GuzRNE83EQRaNh+ct0pqn3MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcWEzclFhN05FMFR6Y1JCRm8ySDV5M1NtcWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALV/yAwQA
LYKJAwQALYKLAwQBLYv8AwQALZUDAwQAW86oMA0GCSqGSIb3DQEBCwUAA4IBAQBS
UKnGp71yYA5xGp50sepvxSu0luECdpgc9qU8wET8NOUPquDDkVxYOadaaEOB7KRq
gfUCOeaZXuUkYezvSFLSA8dqesKeenmQS2+jzCTGOmWIsIqr2s+eZ3+g0X3YSnYx
QbDMPbJ5ba+yEr24qLl76g2rHbI4sqEPBeFWyiDawTUK2HbxEdV1hZBvMHHPjCkL
SRHizwseOMqM7nl1ONKB/1el7t6uVKy1LYle6/L/n7deaC/txTaI1zhi3L9M+YU0
i4fQA0fhW0Z3KmwO++PQVC8LB+TS9NoALoMPYpJwNEUQEX5QTCW/fIfly4JrGqPk
mUpTK7DWyAomeqg79BBr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:25 2023 by rpki-client on console-ams.rpki-client.org