Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/wHogMpIg9bqIU1jKxbzgDOCk69o.roa
File: wHogMpIg9bqIU1jKxbzgDOCk69o.roa (raw, json)
Hash identifier: fJRS+8YeqgSCMEEw8xSJ8R+10a+eu51wvQx0WXFDErM=
Subject key identifier: C0:7A:20:32:92:20:F5:BA:88:53:58:CA:C5:BC:E0:0C:E0:A4:EB:DA
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86F9E8C01DE5B6E922FDA33E4A23893
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/wHogMpIg9bqIU1jKxbzgDOCk69o.roa
Signing time: Tue 02 Jan 2024 04:30:07 +0000
ROA not before: Tue 02 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.140.214.0/24 maxlen: 24
45.145.249.0/24 maxlen: 24
45.142.204.0/24 maxlen: 24
45.142.206.0/24 maxlen: 24
45.144.158.0/24 maxlen: 24
45.144.156.0/24 maxlen: 24
2a0f:e381::/32 maxlen: 32
2a07:e343::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 01 Mar 2024 08:36:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:9e:8c:01:de:5b:6e:92:2f:da:33:e4:a2:38:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c07a20329220f5ba885358cac5bce00ce0a4ebda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:04:a0:e9:3d:fd:43:9b:fe:29:f7:e5:c4:af:
05:46:2f:5e:9c:b5:2a:32:c2:73:95:f7:d6:b5:cc:
e5:80:f1:13:5a:74:48:7f:0c:b7:9d:13:4a:86:ee:
75:39:da:c3:69:88:0a:7e:65:54:ef:f4:4d:1b:17:
77:e6:55:15:dd:d9:a9:39:d2:6e:02:89:86:d0:db:
23:4f:f2:77:c3:6f:19:4d:ba:9e:c3:bd:2b:ac:dc:
cb:eb:96:5b:32:1e:bf:0d:68:e9:1f:1d:36:43:2c:
7f:94:5c:c2:f7:f5:37:38:bf:4b:f3:e1:2a:c8:a0:
f9:6b:25:b7:d4:95:39:f9:99:42:1e:2c:04:37:03:
c0:4a:05:7c:83:9e:9a:f7:0d:a1:5e:55:10:a7:e8:
e0:e7:05:05:e3:65:b1:43:95:1c:26:53:d0:f7:94:
d6:32:eb:70:dd:9d:a6:a2:cb:b9:a1:29:49:f2:15:
25:13:3a:f0:ed:f4:67:39:07:2c:c5:68:a6:aa:5e:
18:fd:bc:a5:e6:67:79:76:57:b4:1b:53:9e:52:23:
3c:12:5e:de:f5:c8:aa:b1:28:e4:b9:2c:48:27:ac:
13:07:4c:6d:e8:fa:36:2e:fc:84:70:88:4a:a9:8e:
61:47:e8:a4:f7:95:21:8a:a1:04:10:c2:2d:25:78:
17:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:7A:20:32:92:20:F5:BA:88:53:58:CA:C5:BC:E0:0C:E0:A4:EB:DA
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/wHogMpIg9bqIU1jKxbzgDOCk69o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.214.0/24
45.142.204.0/24
45.142.206.0/24
45.144.156.0/24
45.144.158.0/24
45.145.249.0/24
IPv6:
2a07:e343::/32
2a0f:e381::/32
Signature Algorithm: sha256WithRSAEncryption
76:51:0a:90:c3:f3:06:f7:82:15:eb:c0:9e:9e:76:c8:67:7d:
42:08:8e:86:55:31:24:2a:cf:58:69:c3:ee:8b:4a:22:ac:6d:
2c:69:f0:0c:bd:86:66:44:ac:a8:86:be:c5:77:25:63:de:50:
6d:32:1c:a7:ad:7d:6c:82:e0:f3:34:0b:07:ec:66:bc:8f:66:
97:66:60:52:46:4c:da:92:80:5a:08:eb:3f:99:fd:c3:65:9f:
11:a6:f8:a6:27:88:f0:ad:fe:59:14:0f:1c:8a:28:d3:41:20:
f8:c4:ac:23:45:2b:09:e0:38:f9:1b:25:2d:56:60:48:03:72:
0d:0c:83:1b:66:63:6a:ff:c8:ee:79:65:6e:0b:c3:e3:48:df:
d3:26:01:a8:c9:7d:ea:fc:a3:7c:22:f5:69:81:dd:81:fc:e5:
7a:0b:d6:85:fa:25:64:be:ed:31:ba:b7:aa:f3:2e:a1:ea:65:
16:15:9c:ca:b6:84:92:04:34:cb:44:31:fa:b6:b5:0c:2e:f0:
e4:23:12:f7:1d:7d:58:50:2b:9f:90:ce:c9:3a:ba:db:b8:ef:
ca:52:7c:d7:9c:df:5b:10:f2:6c:6f:3e:7d:a6:29:ca:9d:76:
25:1b:4a:08:a5:d3:52:38:27:a8:ab:cf:44:38:5b:6f:fc:02:
d6:95:99:ff
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzIb56MAd5bbpIv2jPkojiTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDdhMjAzMjkyMjBmNWJhODg1MzU4Y2FjNWJjZTAwY2UwYTRlYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwSg6T39Q5v+KfflxK8FRi9enLUq
MsJzlffWtczlgPETWnRIfwy3nRNKhu51OdrDaYgKfmVU7/RNGxd35lUV3dmpOdJu
AomG0NsjT/J3w28ZTbqew70rrNzL65ZbMh6/DWjpHx02Qyx/lFzC9/U3OL9L8+Eq
yKD5ayW31JU5+ZlCHiwENwPASgV8g56a9w2hXlUQp+jg5wUF42WxQ5UcJlPQ95TW
Mutw3Z2mosu5oSlJ8hUlEzrw7fRnOQcsxWimql4Y/byl5md5dle0G1OeUiM8El7e
9ciqsSjkuSxIJ6wTB0xt6Po2LvyEcIhKqY5hR+ik95UhiqEEEMItJXgXTwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFMB6IDKSIPW6iFNYysW84AzgpOvaMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvd0hvZ01wSWc5YnFJVTFqS3hiemdET0NrNjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQALYzWAwQA
LY7MAwQALY7OAwQALZCcAwQALZCeAwQALZH5MBQEAgACMA4DBQAqB+NDAwUAKg/j
gTANBgkqhkiG9w0BAQsFAAOCAQEAdlEKkMPzBveCFevAnp52yGd9QgiOhlUxJCrP
WGnD7otKIqxtLGnwDL2GZkSsqIa+xXclY95QbTIcp619bILg8zQLB+xmvI9ml2Zg
UkZM2pKAWgjrP5n9w2WfEab4pieI8K3+WRQPHIoo00Eg+MSsI0UrCeA4+RslLVZg
SANyDQyDG2Zjav/I7nllbgvD40jf0yYBqMl96vyjfCL1aYHdgfzlegvWhfolZL7t
Mbq3qvMuoeplFhWcyraEkgQ0y0Qx+ra1DC7w5CMS9x19WFArn5DOyTq627jvylJ8
15zfWxDybG8+faYpyp12JRtKCKXTUjgnqKvPRDhbb/wC1pWZ/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org