Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/UvntSnjnHZ4aApDKLQc0UrYIHwU.roa
File: UvntSnjnHZ4aApDKLQc0UrYIHwU.roa (raw, json)
Hash identifier: uZh10vPKp+SazBc62s8bWUqR+3VQIayFn/HE4BrfuPc=
Subject key identifier: 52:F9:ED:4A:78:E7:1D:9E:1A:02:90:CA:2D:07:34:52:B6:08:1F:05
Certificate issuer: /CN=235163d39db88816cddc597a5db5eae707d3de39
Certificate serial: 018572D5B56B32A8EEF5F4AA7C93BCC00483
Authority key identifier: 23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/UvntSnjnHZ4aApDKLQc0UrYIHwU.roa
Signing time: Mon 02 Jan 2023 14:14:46 +0000
ROA not before: Mon 02 Jan 2023 14:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208250
IP address blocks: 45.150.120.0/24 maxlen: 24
45.150.120.0/22 maxlen: 22
45.150.121.0/24 maxlen: 24
45.150.122.0/24 maxlen: 24
2a0f:be00::/29 maxlen: 29
2a0f:be00:0:200::/56 maxlen: 56
2a0f:be00:0:100::/56 maxlen: 56
2a0f:be00::/56 maxlen: 56
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:b5:6b:32:a8:ee:f5:f4:aa:7c:93:bc:c0:04:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=235163d39db88816cddc597a5db5eae707d3de39
Validity
Not Before: Jan 2 14:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52f9ed4a78e71d9e1a0290ca2d073452b6081f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c3:46:7a:d2:06:f8:a7:6f:b6:f9:a9:b0:b2:
b4:48:aa:f0:a8:1f:6b:c7:98:fe:5a:95:6e:70:65:
bc:22:84:b4:85:46:1a:04:55:b7:7a:51:4f:e7:80:
f5:59:8a:c3:5d:26:85:09:22:2e:e8:88:9a:41:00:
e1:38:64:2c:32:91:19:cb:d3:a4:31:33:45:84:75:
89:cb:08:70:38:13:63:92:64:cc:d8:db:8a:cc:96:
00:68:d5:b3:00:49:d8:76:d5:42:e8:70:71:15:cd:
8b:f0:d8:fe:e0:40:b6:e7:02:4a:a8:f5:aa:d4:23:
ab:31:c2:9e:72:e8:b3:07:9b:95:6d:56:c0:de:b7:
f9:22:60:7e:26:15:e0:0c:8b:bd:ba:81:1f:71:32:
24:7a:2d:a6:90:2b:d2:b7:e4:d1:76:25:5c:a2:7d:
ac:32:25:19:ee:0f:31:35:a3:56:09:eb:f4:d6:b5:
a6:f5:c5:c6:5e:64:2a:a9:09:8a:38:74:fe:7e:5c:
ed:c9:74:a7:bc:fa:4e:7e:6e:f8:b1:81:dd:e5:2d:
f7:bf:ab:d5:15:38:f7:ed:3b:83:c8:11:bd:53:94:
44:59:8b:a4:b2:ea:a8:8c:d0:fb:79:9c:2b:86:c3:
d8:93:0d:45:61:b3:5e:2d:e3:69:46:f7:1d:1d:e3:
13:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F9:ED:4A:78:E7:1D:9E:1A:02:90:CA:2D:07:34:52:B6:08:1F:05
X509v3 Authority Key Identifier:
keyid:23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/UvntSnjnHZ4aApDKLQc0UrYIHwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.120.0/22
IPv6:
2a0f:be00::/29
Signature Algorithm: sha256WithRSAEncryption
38:4c:d5:75:cf:2b:af:b5:74:c8:54:74:e5:db:2f:1c:22:68:
70:e7:db:3b:ac:92:a0:ce:82:f3:a4:97:63:54:4c:60:82:5c:
4b:27:31:13:60:21:7a:9c:a8:d9:65:73:24:ea:fa:95:74:9e:
c2:bd:d0:56:bc:2b:cc:1b:ab:4d:09:65:e4:0c:25:88:38:cf:
28:43:b9:68:b5:f3:3b:86:20:fd:6e:e2:a6:e6:c2:ac:8e:4a:
c8:83:43:d9:b6:47:8c:74:a6:89:40:8d:2e:54:c8:15:28:b6:
3f:cb:fe:21:f6:4b:68:b4:0f:3f:49:c2:68:99:82:72:6a:92:
71:71:e3:e6:1b:f6:53:04:eb:86:73:4f:f2:f9:b2:ce:0b:4d:
ff:ff:14:7c:62:2f:f0:81:36:a6:19:14:22:36:bb:67:8d:29:
5e:b0:7c:e9:7f:ef:63:d5:88:89:c5:62:d8:4a:6e:2d:9b:a0:
62:c6:34:68:55:5b:98:a4:9e:d7:69:65:3e:c4:a4:ed:45:46:
45:6d:bc:50:b9:9e:c1:e9:8b:e5:9e:2d:01:4a:74:5d:c7:a4:
d9:e7:49:0b:1e:db:bb:ce:3b:49:56:ed:30:3e:bb:8f:69:0b:
16:e0:62:3b:d0:47:1f:5d:e5:d7:55:65:08:d4:ce:8e:bb:8d:
8d:a4:f5:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy1bVrMqju9fSqfJO8wASDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTE2M2QzOWRiODg4MTZjZGRjNTk3YTVkYjVlYWU3MDdk
M2RlMzkwHhcNMjMwMTAyMTQxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmY5ZWQ0YTc4ZTcxZDllMWEwMjkwY2EyZDA3MzQ1MmI2MDgxZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsNGetIG+KdvtvmpsLK0SKrwqB9r
x5j+WpVucGW8IoS0hUYaBFW3elFP54D1WYrDXSaFCSIu6IiaQQDhOGQsMpEZy9Ok
MTNFhHWJywhwOBNjkmTM2NuKzJYAaNWzAEnYdtVC6HBxFc2L8Nj+4EC25wJKqPWq
1COrMcKecuizB5uVbVbA3rf5ImB+JhXgDIu9uoEfcTIkei2mkCvSt+TRdiVcon2s
MiUZ7g8xNaNWCev01rWm9cXGXmQqqQmKOHT+flztyXSnvPpOfm74sYHd5S33v6vV
FTj37TuDyBG9U5REWYuksuqojND7eZwrhsPYkw1FYbNeLeNpRvcdHeMTkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFL57Up45x2eGgKQyi0HNFK2CB8FMB8GA1UdIwQY
MBaAFCNRY9OduIgWzdxZel216ucH0945MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgt
OTE1MDI5NmRhYTBhLzEvVXZudFNuam5IWjRhQXBES0xRYzBVcllJSHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgtOTE1MDI5NmRhYTBh
LzEvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZZ4MA0E
AgACMAcDBQMqD74AMA0GCSqGSIb3DQEBCwUAA4IBAQA4TNV1zyuvtXTIVHTl2y8c
Imhw59s7rJKgzoLzpJdjVExgglxLJzETYCF6nKjZZXMk6vqVdJ7CvdBWvCvMG6tN
CWXkDCWIOM8oQ7lotfM7hiD9buKm5sKsjkrIg0PZtkeMdKaJQI0uVMgVKLY/y/4h
9ktotA8/ScJomYJyapJxcePmG/ZTBOuGc0/y+bLOC03//xR8Yi/wgTamGRQiNrtn
jSlesHzpf+9j1YiJxWLYSm4tm6BixjRoVVuYpJ7XaWU+xKTtRUZFbbxQuZ7B6Yvl
ni0BSnRdx6TZ50kLHtu7zjtJVu0wPruPaQsW4GI70EcfXeXXVWUI1M6Ou42NpPUi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:55 2023 by rpki-client on console-fra.rpki-client.org