Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H-nV-7miF6eyPvelmGx-My_biXY.roa
File: H-nV-7miF6eyPvelmGx-My_biXY.roa (raw, json)
Hash identifier: eDQzxqnylyqR0nM5Fw5Swsy4hQiExKUpnFJWh6xdDfc=
Subject key identifier: 1F:E9:D5:FB:B9:A2:17:A7:B2:3E:F7:A5:98:6C:7E:33:2F:DB:89:76
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0187FAF62A917285776738D2CBBEBBFDD707
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H-nV-7miF6eyPvelmGx-My_biXY.roa
Signing time: Mon 08 May 2023 10:44:09 +0000
ROA not before: Mon 08 May 2023 10:44:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 194.5.83.0/24 maxlen: 24
45.8.70.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
89.34.126.0/23 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
194.61.40.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:f6:2a:91:72:85:77:67:38:d2:cb:be:bb:fd:d7:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 8 10:44:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fe9d5fbb9a217a7b23ef7a5986c7e332fdb8976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e4:2b:1a:7e:3c:21:27:2c:ea:19:1a:3a:9f:
02:ef:a7:c2:cf:14:1b:42:0f:d5:a2:82:8b:75:f6:
f8:89:be:1d:3f:0c:e3:e9:35:c7:43:0c:30:04:85:
be:67:4a:cf:0b:29:cc:66:2d:b9:ba:c7:ff:d8:2e:
79:43:21:de:20:42:b6:d4:97:95:fc:c2:3f:db:04:
3d:a8:21:93:c2:ae:4a:7e:f9:08:3a:d1:78:2a:33:
f0:10:de:52:62:83:87:1f:4a:2a:ae:78:de:e5:69:
87:19:8a:9d:2f:8f:26:74:9e:18:a2:d9:6c:59:c9:
02:83:3e:27:1a:25:ae:4a:4f:47:72:d8:dc:60:ca:
10:f0:46:05:01:4a:71:73:39:43:c7:a7:42:db:74:
d3:11:ec:a8:3b:e7:73:fd:0a:78:52:5d:80:b8:9a:
87:4d:e0:ff:77:98:c3:fb:48:a4:7c:03:a4:72:af:
6d:f4:5f:0e:9f:c8:72:6d:bc:15:ea:94:59:ce:c1:
c1:7e:65:9b:a8:75:48:cc:8e:8b:45:00:b0:65:1b:
a1:16:cf:4c:97:68:ee:39:2c:83:84:00:5f:3d:fa:
c5:24:cb:bf:ab:41:45:32:08:a4:de:2b:f3:92:5c:
a3:61:00:db:78:10:4c:ac:d1:01:40:eb:4b:16:4f:
54:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E9:D5:FB:B9:A2:17:A7:B2:3E:F7:A5:98:6C:7E:33:2F:DB:89:76
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/H-nV-7miF6eyPvelmGx-My_biXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.130.202.0/23
45.133.4.0/22
89.34.126.0/23
194.5.82.0/23
194.61.40.0/23
Signature Algorithm: sha256WithRSAEncryption
43:18:64:40:7f:75:06:82:12:94:7c:cc:a1:21:ea:12:5e:97:
5a:b0:bc:58:7e:10:d2:1d:3b:23:28:68:43:90:b7:a2:14:5d:
50:e1:3d:64:e4:87:91:e3:27:f9:a2:61:e4:46:06:6f:18:c8:
b1:db:b1:92:e9:de:e4:9d:c2:44:9a:74:db:be:e0:f2:a1:46:
2d:da:5d:a0:56:2f:17:b5:5a:17:89:2d:18:41:83:a1:bd:01:
26:2e:f1:e5:6d:85:0a:0a:87:81:68:f2:91:9b:68:de:ac:c8:
c2:b5:63:11:9c:ac:eb:6b:eb:7a:c3:66:c8:e7:62:f7:8d:53:
49:35:93:d6:59:6e:41:47:ed:5a:14:87:0a:9e:49:50:e9:0c:
08:ed:8a:6c:23:d9:6d:cc:5a:38:90:0c:a1:89:2b:59:dd:f4:
67:4c:e2:8a:e9:18:30:6a:07:af:ca:6a:59:5f:00:c7:46:ab:
9d:19:f0:96:18:2a:ab:40:03:51:ef:0f:fa:30:28:f8:f9:20:
16:ed:39:80:da:91:6b:21:e6:b9:79:75:a7:a6:98:90:56:56:
29:71:10:99:f2:b0:73:42:55:06:fa:cc:46:fd:a6:9c:e8:82:
49:20:65:a7:7d:32:03:3e:e9:af:b6:95:a4:fb:ef:6f:41:77:
3a:3f:10:99
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYf69iqRcoV3ZzjSy767/dcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTA4MTA0NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmU5ZDVmYmI5YTIxN2E3YjIzZWY3YTU5ODZjN2UzMzJmZGI4OTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8eQrGn48IScs6hkaOp8C76fCzxQb
Qg/VooKLdfb4ib4dPwzj6TXHQwwwBIW+Z0rPCynMZi25usf/2C55QyHeIEK21JeV
/MI/2wQ9qCGTwq5KfvkIOtF4KjPwEN5SYoOHH0oqrnje5WmHGYqdL48mdJ4Yotls
WckCgz4nGiWuSk9HctjcYMoQ8EYFAUpxczlDx6dC23TTEeyoO+dz/Qp4Ul2AuJqH
TeD/d5jD+0ikfAOkcq9t9F8On8hybbwV6pRZzsHBfmWbqHVIzI6LRQCwZRuhFs9M
l2juOSyDhABfPfrFJMu/q0FFMgik3ivzklyjYQDbeBBMrNEBQOtLFk9UGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB/p1fu5ohensj73pZhsfjMv24l2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSC1uVi03bWlGNmV5UHZlbG1HeC1NeV9iaVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQhGAwQB
LYLKAwQCLYUEAwQBWSJ+AwQBwgVSAwQBwj0oMA0GCSqGSIb3DQEBCwUAA4IBAQBD
GGRAf3UGghKUfMyhIeoSXpdasLxYfhDSHTsjKGhDkLeiFF1Q4T1k5IeR4yf5omHk
RgZvGMix27GS6d7kncJEmnTbvuDyoUYt2l2gVi8XtVoXiS0YQYOhvQEmLvHlbYUK
CoeBaPKRm2jerMjCtWMRnKzra+t6w2bI52L3jVNJNZPWWW5BR+1aFIcKnklQ6QwI
7YpsI9ltzFo4kAyhiStZ3fRnTOKK6RgwagevympZXwDHRqudGfCWGCqrQANR7w/6
MCj4+SAW7TmA2pFrIea5eXWnppiQVlYpcRCZ8rBzQlUG+sxG/aac6IJJIGWnfTID
PumvtpWk++9vQXc6PxCZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org