Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Y1uWx1SzrfL49CZLsIrX_vnFX4w.roa
File: Y1uWx1SzrfL49CZLsIrX_vnFX4w.roa (raw, json)
Hash identifier: XUbW0VDSaPqw+zERQNCvMoU+6gy4wl9Zwpaoy+n5dQI=
Subject key identifier: 63:5B:96:C7:54:B3:AD:F2:F8:F4:26:4B:B0:8A:D7:FE:F9:C5:5F:8C
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 018BAA576CD67E08CC45F7FED21237811513
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Y1uWx1SzrfL49CZLsIrX_vnFX4w.roa
Signing time: Tue 07 Nov 2023 15:12:18 +0000
ROA not before: Tue 07 Nov 2023 15:12:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 185.251.44.0/22 maxlen: 32
195.66.216.0/21 maxlen: 32
185.247.228.0/22 maxlen: 32
45.133.136.0/24 maxlen: 32
95.175.64.0/19 maxlen: 32
185.251.248.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Nov 2023 17:08:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:57:6c:d6:7e:08:cc:45:f7:fe:d2:12:37:81:15:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Nov 7 15:12:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=635b96c754b3adf2f8f4264bb08ad7fef9c55f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:ee:d5:c0:d5:bb:c4:27:2c:c1:8b:5b:a8:
c2:48:b6:17:96:bc:2b:15:bb:02:48:42:a8:c5:37:
72:8c:71:b6:95:84:bc:5e:8a:20:b2:44:8b:8b:a7:
08:21:ef:e4:fe:8a:f0:c6:46:6b:db:61:28:b7:ae:
48:4a:63:b1:d1:1f:01:12:2f:be:5b:f4:ed:82:34:
e1:a9:fd:f7:27:6a:16:9c:a5:61:f7:be:7c:ac:b9:
cd:8e:4d:a2:4d:a6:c7:4d:3e:b0:5e:d2:67:c8:87:
15:b7:ae:6e:30:0a:cd:10:4d:51:b4:b9:96:d6:03:
4c:3e:74:49:57:60:88:10:ce:ee:b3:90:fd:b1:d7:
ca:32:55:76:f3:e4:4b:30:fa:09:db:79:94:c3:6b:
6f:ce:e6:96:ec:ce:67:a2:f6:66:fb:d9:3c:f7:89:
f8:20:04:72:02:08:2e:66:1b:e8:f9:2e:89:5b:cf:
f8:52:53:b2:c2:6a:3f:51:81:3c:83:4f:37:23:4e:
80:9d:fd:04:40:be:c0:1c:76:b1:51:be:c6:bc:29:
2f:48:3c:5f:6e:d4:b0:cd:76:ad:1a:8d:a0:ad:4c:
40:a5:5c:15:25:51:f8:5f:50:18:df:c9:93:47:d4:
fd:ae:d2:97:2f:c6:32:f4:bc:44:80:ec:8e:35:d8:
59:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5B:96:C7:54:B3:AD:F2:F8:F4:26:4B:B0:8A:D7:FE:F9:C5:5F:8C
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Y1uWx1SzrfL49CZLsIrX_vnFX4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.136.0/24
95.175.64.0/19
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
195.66.216.0/21
Signature Algorithm: sha256WithRSAEncryption
61:55:94:a1:3f:17:36:c4:2a:67:0e:f3:f3:95:40:a4:32:2d:
40:31:60:6c:3b:1e:79:04:10:a3:dc:53:78:ca:5f:15:be:98:
78:36:91:f9:e5:4d:9b:26:9a:c3:17:12:41:61:b3:8f:48:6f:
de:fa:34:b4:50:48:66:d0:ca:4d:19:10:e7:c9:57:e8:66:30:
66:a3:98:38:f3:6f:9f:23:08:0a:66:da:fa:37:49:72:e9:73:
51:b5:e2:a5:1e:8f:85:d2:39:3c:b8:ac:ce:9b:d6:7a:f8:ea:
4a:65:cb:31:8c:21:46:12:2e:58:5c:b7:3b:8f:f0:c1:6d:e3:
d4:16:9b:3b:29:d5:20:fa:1a:e8:db:2d:43:31:c5:79:10:1d:
be:a9:ee:39:73:90:6d:c8:0e:a1:4f:20:14:53:ce:86:c5:2a:
cb:6f:f4:46:e0:5f:75:c7:ef:33:46:7b:2f:08:d2:69:8a:a5:
e7:36:cb:66:b5:bd:9c:e7:52:3b:49:47:39:f7:8a:4b:57:91:
24:a1:f9:ae:b4:cb:0d:35:f6:3a:7d:f6:1b:a8:f9:40:47:2b:
8e:63:eb:7e:5f:af:45:9d:a5:51:99:a5:f2:fa:c5:e0:5a:ee:
cf:65:f9:a9:08:45:de:bb:ea:5b:3d:7c:fe:7d:1b:ec:49:17:
10:11:b1:1e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYuqV2zWfgjMRff+0hI3gRUTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMxMTA3MTUxMjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzViOTZjNzU0YjNhZGYyZjhmNDI2NGJiMDhhZDdmZWY5YzU1ZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7nu1cDVu8QnLMGLW6jCSLYXlrwr
FbsCSEKoxTdyjHG2lYS8XoogskSLi6cIIe/k/orwxkZr22Eot65ISmOx0R8BEi++
W/TtgjThqf33J2oWnKVh9758rLnNjk2iTabHTT6wXtJnyIcVt65uMArNEE1RtLmW
1gNMPnRJV2CIEM7us5D9sdfKMlV28+RLMPoJ23mUw2tvzuaW7M5novZm+9k894n4
IARyAgguZhvo+S6JW8/4UlOywmo/UYE8g083I06Anf0EQL7AHHaxUb7GvCkvSDxf
btSwzXatGo2grUxApVwVJVH4X1AY38mTR9T9rtKXL8Yy9LxEgOyONdhZWwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGNblsdUs63y+PQmS7CK1/75xV+MMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvWTF1V3gxU3pyZkw0OUNaTHNJclhfdm5GWDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYWIAwQF
X69AAwQCuffkAwQCufssAwQCufv4AwQDw0LYMA0GCSqGSIb3DQEBCwUAA4IBAQBh
VZShPxc2xCpnDvPzlUCkMi1AMWBsOx55BBCj3FN4yl8Vvph4NpH55U2bJprDFxJB
YbOPSG/e+jS0UEhm0MpNGRDnyVfoZjBmo5g482+fIwgKZtr6N0ly6XNRteKlHo+F
0jk8uKzOm9Z6+OpKZcsxjCFGEi5YXLc7j/DBbePUFps7KdUg+hro2y1DMcV5EB2+
qe45c5BtyA6hTyAUU86GxSrLb/RG4F91x+8zRnsvCNJpiqXnNstmtb2c51I7SUc5
94pLV5EkofmutMsNNfY6ffYbqPlARyuOY+t+X69FnaVRmaXy+sXgWu7PZfmpCEXe
u+pbPXz+fRvsSRcQEbEe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:32 2024 by rpki-client on console-fra.rpki-client.org