Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/taRVLK7URTCDA47-_BXbLa6aCtI.roa
File: taRVLK7URTCDA47-_BXbLa6aCtI.roa (raw, json)
Hash identifier: SMHVoBxKh7VdipiwRADmsE8sqhnDR4O2aIAZD1o1YSU=
Subject key identifier: B5:A4:55:2C:AE:D4:45:30:83:03:8E:FE:FC:15:DB:2D:AE:9A:0A:D2
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018B4E417BAA20C91AA77784B34BD3C4B248
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/taRVLK7URTCDA47-_BXbLa6aCtI.roa
Signing time: Fri 20 Oct 2023 18:03:16 +0000
ROA not before: Fri 20 Oct 2023 18:03:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8038
IP address blocks: 45.95.240.0/24 maxlen: 24
45.149.104.0/24 maxlen: 24
45.130.142.0/24 maxlen: 24
45.148.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 14:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:41:7b:aa:20:c9:1a:a7:77:84:b3:4b:d3:c4:b2:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 20 18:03:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5a4552caed4453083038efefc15db2dae9a0ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ac:c4:4f:6e:64:8f:79:e8:6c:72:05:d7:2b:
34:c1:65:72:64:01:a8:1b:0b:17:65:c9:84:8d:07:
d4:a3:80:f7:0f:0f:74:28:68:7d:0e:24:bc:bb:ad:
6f:18:ea:6e:55:02:da:c2:63:de:c4:53:eb:c7:f9:
71:2f:94:55:cf:4f:15:54:a9:6f:02:e7:9d:aa:f4:
3f:fa:5e:80:c1:b5:b2:98:20:3c:52:ba:99:43:ed:
5a:f8:b4:1e:38:81:ca:9c:5a:52:d0:89:a7:bb:00:
ee:87:d2:c7:f3:d2:0f:7c:eb:22:65:db:fb:7d:cd:
c9:6c:0d:a9:88:c0:1a:58:b4:63:16:74:f8:a7:d9:
50:e0:e4:21:7d:11:60:11:d7:90:18:1b:49:e6:5d:
63:c0:11:14:17:aa:d3:2f:55:c0:73:ad:db:5d:22:
2d:bb:47:ad:1d:56:1a:a9:df:c8:19:cf:39:43:ce:
75:02:44:a1:cb:ee:89:28:19:09:8a:26:8b:14:f2:
8a:f2:8a:de:27:9d:cf:16:0a:38:a7:2e:8c:b3:e2:
02:c3:60:8d:23:17:fd:9b:5b:67:00:eb:d9:5c:23:
3c:66:a9:57:cb:f7:d6:3c:25:f2:6e:d9:36:e7:8b:
a9:89:e5:11:01:74:55:4b:78:90:62:09:6f:81:c1:
8b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A4:55:2C:AE:D4:45:30:83:03:8E:FE:FC:15:DB:2D:AE:9A:0A:D2
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/taRVLK7URTCDA47-_BXbLa6aCtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.240.0/24
45.130.142.0/24
45.148.96.0/24
45.149.104.0/24
Signature Algorithm: sha256WithRSAEncryption
66:3e:7c:4e:e2:8b:f2:02:aa:8d:3b:9b:32:56:53:c3:cc:bc:
2f:99:02:bb:48:f0:d5:a3:29:4c:84:e4:4f:00:b8:92:6d:5d:
6f:90:b0:69:82:30:2c:6e:71:d6:5d:9e:7e:fd:3d:e1:ee:b8:
63:d4:1f:fc:09:56:2f:91:cb:54:5f:50:e4:5c:de:a1:3e:7a:
a4:c2:11:64:c6:72:c8:7a:0b:fb:88:10:11:1f:9e:01:a4:a8:
b8:0c:7f:88:85:0f:3a:2c:a9:1c:12:e8:83:95:72:22:93:6e:
06:f8:67:ff:df:51:9d:a7:b6:5f:64:7d:7d:5b:44:79:6f:77:
1d:26:c7:86:19:6d:d8:8d:30:23:ff:62:45:2b:e9:71:56:08:
bf:0f:d1:7b:5c:82:06:b3:d3:ab:9d:c8:6f:67:13:d3:7a:0e:
94:96:3d:76:90:f5:2b:d2:d4:1b:58:b8:ed:27:fd:b9:bc:8e:
25:f7:37:7b:19:e6:a6:fa:5b:5d:37:16:4c:a1:6b:c3:9c:d5:
d6:5d:24:18:dc:15:ac:38:c6:a7:93:3f:eb:d7:9f:c4:27:3f:
e0:d9:22:b0:15:4f:0c:60:85:b2:60:f0:4b:be:23:22:e7:18:
4a:6c:3d:9d:de:82:b7:b3:1b:ab:79:57:7b:42:7e:b2:0f:19:
0e:17:dc:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtOQXuqIMkap3eEs0vTxLJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMDIwMTgwMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE0NTUyY2FlZDQ0NTMwODMwMzhlZmVmYzE1ZGIyZGFlOWEwYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6zET25kj3nobHIF1ys0wWVyZAGo
GwsXZcmEjQfUo4D3Dw90KGh9DiS8u61vGOpuVQLawmPexFPrx/lxL5RVz08VVKlv
AuedqvQ/+l6AwbWymCA8UrqZQ+1a+LQeOIHKnFpS0ImnuwDuh9LH89IPfOsiZdv7
fc3JbA2piMAaWLRjFnT4p9lQ4OQhfRFgEdeQGBtJ5l1jwBEUF6rTL1XAc63bXSIt
u0etHVYaqd/IGc85Q851AkShy+6JKBkJiiaLFPKK8oreJ53PFgo4py6Ms+ICw2CN
Ixf9m1tnAOvZXCM8ZqlXy/fWPCXybtk254upieURAXRVS3iQYglvgcGLFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLWkVSyu1EUwgwOO/vwV2y2umgrSMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvdGFSVkxLN1VSVENEQTQ3LV9CWGJMYTZhQ3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALV/wAwQA
LYKOAwQALZRgAwQALZVoMA0GCSqGSIb3DQEBCwUAA4IBAQBmPnxO4ovyAqqNO5sy
VlPDzLwvmQK7SPDVoylMhORPALiSbV1vkLBpgjAsbnHWXZ5+/T3h7rhj1B/8CVYv
kctUX1DkXN6hPnqkwhFkxnLIegv7iBARH54BpKi4DH+IhQ86LKkcEuiDlXIik24G
+Gf/31Gdp7ZfZH19W0R5b3cdJseGGW3YjTAj/2JFK+lxVgi/D9F7XIIGs9Ornchv
ZxPTeg6Ulj12kPUr0tQbWLjtJ/25vI4l9zd7Geam+ltdNxZMoWvDnNXWXSQY3BWs
OMankz/r15/EJz/g2SKwFU8MYIWyYPBLviMi5xhKbD2d3oK3sxureVd7Qn6yDxkO
F9yz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org