Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5angEelCLtaVPiHQXfvdVZFzb2c.roa
File: 5angEelCLtaVPiHQXfvdVZFzb2c.roa (raw, json)
Hash identifier: 44dagtH+dufAsG1kU4kQXBcoAVfSj8Jxo6o48/geK+I=
Subject key identifier: E5:A9:E0:11:E9:42:2E:D6:95:3E:21:D0:5D:FB:DD:55:91:73:6F:67
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018895A2C52494D7C73B0F03D79DC6CCF1FC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5angEelCLtaVPiHQXfvdVZFzb2c.roa
Signing time: Wed 07 Jun 2023 11:34:12 +0000
ROA not before: Wed 07 Jun 2023 11:34:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.123.40.0/22 maxlen: 24
45.141.203.0/24 maxlen: 24
45.141.200.0/23 maxlen: 24
45.141.202.0/24 maxlen: 24
185.35.138.0/23 maxlen: 24
185.35.136.0/23 maxlen: 24
2a0b:64c0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:a2:c5:24:94:d7:c7:3b:0f:03:d7:9d:c6:cc:f1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 7 11:34:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5a9e011e9422ed6953e21d05dfbdd5591736f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2a:80:d7:5b:73:e9:73:70:43:55:45:5d:14:
8b:0c:8a:8c:18:70:29:9a:40:5a:72:ad:46:15:45:
08:6d:38:76:0a:29:e0:78:2f:16:be:91:d1:7e:b7:
b1:cb:ce:c9:53:55:64:fb:b9:7e:07:37:ef:c3:a7:
a5:67:a6:06:b1:72:d9:8d:dd:59:ce:1b:c9:89:e9:
39:57:f0:5e:5f:b8:e5:fb:81:95:71:d8:6d:6c:4b:
c2:65:df:e9:f6:4e:c7:19:56:1e:05:9b:16:a7:0d:
0b:b6:64:2e:2f:f1:b9:f5:74:c9:68:07:68:1b:56:
87:b4:4a:d1:8c:69:bd:f8:3b:d6:d7:6a:db:5a:fb:
c4:75:21:9a:2a:dc:8a:e7:36:27:0c:50:3c:1d:4f:
08:00:7f:1b:28:46:d0:d4:cd:6c:11:9d:d3:b8:11:
b3:11:cd:65:ce:0c:38:ae:f2:bf:bd:4a:d7:7d:bc:
c3:a0:bb:6e:47:2d:04:4c:8c:ba:a7:18:21:3d:38:
db:5a:ea:6f:64:82:6c:2a:94:bf:ab:e8:8d:b4:0a:
b0:61:3f:71:e1:93:27:92:8a:44:a2:0a:18:f5:53:
b7:4b:c0:c8:ef:0b:1d:d7:03:fc:d7:9c:1d:72:a4:
69:2c:bb:e4:f7:71:2e:92:50:4a:1f:4e:48:e2:fb:
f2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A9:E0:11:E9:42:2E:D6:95:3E:21:D0:5D:FB:DD:55:91:73:6F:67
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5angEelCLtaVPiHQXfvdVZFzb2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.40.0/22
45.141.200.0/22
185.35.136.0/22
IPv6:
2a0b:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
63:c5:5a:82:09:b9:d2:93:c9:a2:40:d1:e8:ea:49:b8:99:d6:
2c:ff:d2:3b:a2:c8:72:c2:18:4f:0a:43:f1:ab:09:1a:64:8d:
57:24:9f:fc:f4:f4:dd:b4:f4:8b:35:cb:26:e5:f3:d0:09:88:
15:55:ec:0e:b4:30:bc:20:c6:ee:f2:cd:80:6d:d7:cd:71:9e:
36:f1:cc:23:44:a8:8a:26:50:3f:3b:88:1a:0f:a3:bb:5e:8f:
93:91:1a:b5:c3:41:14:23:6c:57:d3:8e:6c:1f:81:97:0c:33:
cf:38:58:36:33:0e:c4:3c:5d:9e:b1:5d:a5:97:69:2b:ac:aa:
a6:d4:df:8b:b8:b7:0d:38:4b:92:f0:66:68:4b:61:38:ae:7c:
f8:e9:97:1d:1e:2b:cd:cb:a2:d0:e5:15:e9:2c:8b:9c:f6:7c:
31:36:a7:45:8a:1b:1f:67:ba:7c:d0:1f:28:36:35:ef:f3:53:
de:55:d2:02:b9:a4:ce:84:fc:d6:50:3b:34:c6:4c:76:59:31:
b4:a0:f4:5b:a0:b0:4a:c3:25:a6:14:75:33:ac:92:19:79:8c:
37:d1:94:22:77:19:31:d1:cb:be:e2:3a:65:15:dd:61:4a:dd:
a5:17:b3:d5:e7:29:d2:f9:26:36:b4:75:cf:3b:6a:38:f1:6f:
45:99:bc:04
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYiVosUklNfHOw8D153GzPH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjA3MTEzNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWE5ZTAxMWU5NDIyZWQ2OTUzZTIxZDA1ZGZiZGQ1NTkxNzM2ZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSqA11tz6XNwQ1VFXRSLDIqMGHAp
mkBacq1GFUUIbTh2CingeC8WvpHRfrexy87JU1Vk+7l+Bzfvw6elZ6YGsXLZjd1Z
zhvJiek5V/BeX7jl+4GVcdhtbEvCZd/p9k7HGVYeBZsWpw0LtmQuL/G59XTJaAdo
G1aHtErRjGm9+DvW12rbWvvEdSGaKtyK5zYnDFA8HU8IAH8bKEbQ1M1sEZ3TuBGz
Ec1lzgw4rvK/vUrXfbzDoLtuRy0ETIy6pxghPTjbWupvZIJsKpS/q+iNtAqwYT9x
4ZMnkopEogoY9VO3S8DI7wsd1wP815wdcqRpLLvk93EuklBKH05I4vvy3QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOWp4BHpQi7WlT4h0F373VWRc29nMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNWFuZ0VlbENMdGFWUGlIUVhmdmRWWkZ6YjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLXsoAwQC
LY3IAwQCuSOIMA0EAgACMAcDBQAqC2TAMA0GCSqGSIb3DQEBCwUAA4IBAQBjxVqC
CbnSk8miQNHo6km4mdYs/9I7oshywhhPCkPxqwkaZI1XJJ/89PTdtPSLNcsm5fPQ
CYgVVewOtDC8IMbu8s2AbdfNcZ428cwjRKiKJlA/O4gaD6O7Xo+TkRq1w0EUI2xX
045sH4GXDDPPOFg2Mw7EPF2esV2ll2krrKqm1N+LuLcNOEuS8GZoS2E4rnz46Zcd
HivNy6LQ5RXpLIuc9nwxNqdFihsfZ7p80B8oNjXv81PeVdICuaTOhPzWUDs0xkx2
WTG0oPRboLBKwyWmFHUzrJIZeYw30ZQidxkx0cu+4jplFd1hSt2lF7PV5ynS+SY2
tHXPO2o48W9FmbwE
-----END CERTIFICATE-----
Generated at Sun Oct 8 10:48:08 2023 by rpki-client on console-fra.rpki-client.org