Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/vTvcRONj-uvf3Ej604R_sqi4PwQ.roa
File: vTvcRONj-uvf3Ej604R_sqi4PwQ.roa (raw, json)
Hash identifier: 4Cl9zENPxLYFUJwoBXP3XtteP6YwE8i18vjOg7czPns=
Subject key identifier: BD:3B:DC:44:E3:63:FA:EB:DF:DC:48:FA:D3:84:7F:B2:A8:B8:3F:04
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0187E718C338F6E726D5E090004EB0D27BD9
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/vTvcRONj-uvf3Ej604R_sqi4PwQ.roa
Signing time: Thu 04 May 2023 14:09:32 +0000
ROA not before: Thu 04 May 2023 14:09:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 91.206.168.0/24 maxlen: 24
45.149.3.0/24 maxlen: 24
45.95.242.0/24 maxlen: 24
93.185.162.0/24 maxlen: 24
45.130.139.0/24 maxlen: 24
45.130.137.0/24 maxlen: 24
45.139.253.0/24 maxlen: 24
45.139.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:18:c3:38:f6:e7:26:d5:e0:90:00:4e:b0:d2:7b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: May 4 14:09:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd3bdc44e363faebdfdc48fad3847fb2a8b83f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:87:f0:ec:74:8f:63:8b:00:fd:bf:da:d8:
40:a8:81:68:9f:f2:bf:4f:29:af:ec:d6:64:5a:94:
60:c6:8d:da:61:89:15:a6:de:44:c9:5d:c8:52:79:
df:aa:be:57:be:b3:44:ea:03:e8:02:7a:24:14:8a:
fc:6b:52:4f:d5:b5:07:ae:00:d4:bb:6e:f8:d4:aa:
bf:61:f3:36:31:5e:54:22:14:4d:a4:82:e3:44:50:
4b:d9:c4:d3:48:c6:eb:d4:52:d8:a7:9c:13:23:d3:
d7:46:a0:b3:d0:65:53:ce:88:1c:3e:21:67:95:9d:
dc:b7:4a:48:89:6a:d9:e3:8c:14:c3:7b:09:dc:01:
5f:d3:49:b5:f6:e5:1f:39:2d:d1:49:15:39:24:7e:
be:9c:01:7e:ab:2a:b9:7d:bd:1c:7b:f8:18:58:30:
fa:9d:cf:a7:06:ae:9c:df:ae:78:ed:fb:cf:4c:50:
af:f7:f7:9c:86:58:57:fa:8a:fb:6b:49:ce:01:30:
6e:94:6d:a8:89:bc:52:80:40:c8:cd:80:a5:e4:b1:
2a:54:2d:b5:59:6e:b3:9e:a2:f5:2e:53:bd:a2:7f:
37:20:6f:3e:a2:b7:f6:01:d4:ce:c2:f4:6f:69:df:
a3:66:d2:89:44:4c:87:d7:b7:5d:47:79:11:d1:23:
10:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3B:DC:44:E3:63:FA:EB:DF:DC:48:FA:D3:84:7F:B2:A8:B8:3F:04
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/vTvcRONj-uvf3Ej604R_sqi4PwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.242.0/24
45.130.137.0/24
45.130.139.0/24
45.139.252.0/23
45.149.3.0/24
91.206.168.0/24
93.185.162.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:b6:42:d6:95:4e:6e:82:ed:67:fe:37:90:77:8a:77:90:81:
ab:5e:83:81:41:5c:a2:c3:bb:83:2f:6e:75:a2:28:7a:2c:11:
17:67:a4:7b:4f:7b:8e:6d:4b:a8:d8:5d:bc:ab:10:04:79:45:
94:48:60:5d:50:d9:95:1b:46:09:14:dc:75:05:39:6b:72:0c:
ec:27:d1:60:96:f5:31:d6:a7:f5:b2:23:84:84:0a:3e:80:17:
fa:49:78:a4:f6:46:10:ea:14:66:5b:d1:67:a4:23:e2:9e:4d:
10:1a:a1:d5:89:cb:5a:a5:10:fb:9b:db:9b:b8:79:5c:0c:40:
58:b7:19:56:f4:ec:dd:5f:a0:de:9a:ad:6c:af:a9:d8:89:5c:
33:74:9f:e2:78:10:69:a7:ce:e5:4e:46:88:dd:19:09:e2:a6:
53:0f:ca:f8:22:bf:7c:50:3f:34:2b:b4:e2:4d:f7:3e:07:52:
cf:c1:a2:d3:87:a5:55:f3:4f:12:2b:5c:89:46:44:9f:bd:3b:
ce:73:36:bb:9c:2c:e0:b4:e2:67:f7:5c:a3:49:db:e6:34:92:
08:50:99:ad:8e:0d:8e:2d:1f:cb:e4:5c:13:23:46:a4:57:a1:
52:60:e8:f5:d6:5e:32:8d:ad:bc:ae:bc:b5:f1:f4:75:3a:5d:
ce:67:0b:01
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYfnGMM49ucm1eCQAE6w0nvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNTA0MTQwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNiZGM0NGUzNjNmYWViZGZkYzQ4ZmFkMzg0N2ZiMmE4YjgzZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa+H8Ox0j2OLAP2/2thAqIFon/K/
Tymv7NZkWpRgxo3aYYkVpt5EyV3IUnnfqr5XvrNE6gPoAnokFIr8a1JP1bUHrgDU
u2741Kq/YfM2MV5UIhRNpILjRFBL2cTTSMbr1FLYp5wTI9PXRqCz0GVTzogcPiFn
lZ3ct0pIiWrZ44wUw3sJ3AFf00m19uUfOS3RSRU5JH6+nAF+qyq5fb0ce/gYWDD6
nc+nBq6c36547fvPTFCv9/echlhX+or7a0nOATBulG2oibxSgEDIzYCl5LEqVC21
WW6znqL1LlO9on83IG8+orf2AdTOwvRvad+jZtKJREyH17ddR3kR0SMQrQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL073ETjY/rr39xI+tOEf7KouD8EMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvdlR2Y1JPTmotdXZmM0VqNjA0Ul9zcWk0UHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALV/yAwQA
LYKJAwQALYKLAwQBLYv8AwQALZUDAwQAW86oAwQAXbmiMA0GCSqGSIb3DQEBCwUA
A4IBAQCwtkLWlU5ugu1n/jeQd4p3kIGrXoOBQVyiw7uDL251oih6LBEXZ6R7T3uO
bUuo2F28qxAEeUWUSGBdUNmVG0YJFNx1BTlrcgzsJ9FglvUx1qf1siOEhAo+gBf6
SXik9kYQ6hRmW9FnpCPink0QGqHVictapRD7m9ubuHlcDEBYtxlW9OzdX6Demq1s
r6nYiVwzdJ/ieBBpp87lTkaI3RkJ4qZTD8r4Ir98UD80K7TiTfc+B1LPwaLTh6VV
808SK1yJRkSfvTvOcza7nCzgtOJn91yjSdvmNJIIUJmtjg2OLR/L5FwTI0akV6FS
YOj11l4yja28rry18fR1Ol3OZwsB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:33 2023 by rpki-client on console-fra.rpki-client.org