Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/458282-5405-4b17-997d-7cd59619c0d6/1/s2NAYjaN_rmcCHc2gui6gfNEQwA.roa
File: s2NAYjaN_rmcCHc2gui6gfNEQwA.roa (raw, json)
Hash identifier: ulDKiqE3z9deMWFykkEDGC3jT/snGRqCnASXeoeBwJM=
Subject key identifier: B3:63:40:62:36:8D:FE:B9:9C:08:77:36:82:E8:BA:81:F3:44:43:00
Certificate issuer: /CN=48c741c9df5b2e48993b9183b79ff346b4319381
Certificate serial: 0185728C6EFB1A11B25932AF7DDE9CE07AAC
Authority key identifier: 48:C7:41:C9:DF:5B:2E:48:99:3B:91:83:B7:9F:F3:46:B4:31:93:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SMdByd9bLkiZO5GDt5_zRrQxk4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/458282-5405-4b17-997d-7cd59619c0d6/1/s2NAYjaN_rmcCHc2gui6gfNEQwA.roa
Signing time: Mon 02 Jan 2023 12:54:44 +0000
ROA not before: Mon 02 Jan 2023 12:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207164
IP address blocks: 45.15.224.0/22 maxlen: 24
185.164.80.0/22 maxlen: 24
2a0e:5180::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:6e:fb:1a:11:b2:59:32:af:7d:de:9c:e0:7a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48c741c9df5b2e48993b9183b79ff346b4319381
Validity
Not Before: Jan 2 12:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3634062368dfeb99c08773682e8ba81f3444300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a2:2b:0b:ec:3e:e0:7b:11:67:69:d4:e3:07:
db:0a:4c:83:73:b4:c8:ef:1c:6d:8b:99:c7:e6:11:
bb:df:05:f9:d7:39:09:6e:10:f6:9c:10:5f:17:a8:
de:7a:2e:18:8b:f4:55:f2:e7:39:a4:10:d3:9a:4d:
f2:b8:04:36:43:51:f7:56:0b:d9:f0:00:8c:6d:99:
4c:46:89:bf:c2:19:d2:df:d0:2d:d1:17:60:38:16:
33:3d:e0:4e:96:d3:b4:f6:34:fa:d1:a7:aa:9c:bb:
ba:f1:d6:86:c4:8d:59:68:e7:c2:cd:51:ed:6e:0f:
b3:3a:a6:4d:ea:16:00:32:49:64:ca:69:03:e9:bc:
5a:82:8b:3f:bf:67:0c:d3:37:66:82:f0:86:b1:07:
a1:b5:22:38:f0:4d:ee:3b:e3:b9:a1:ab:e1:d9:5b:
5d:59:5b:39:90:2a:f9:b9:ec:ed:6c:18:c8:05:93:
e9:1a:b0:ea:fe:4a:4f:82:92:4e:f2:37:c3:88:99:
96:fe:0e:28:18:2f:2f:9e:a2:0b:bc:37:a2:25:40:
98:aa:b0:d2:f8:4b:95:3d:15:d3:8b:d0:73:e3:d7:
bc:af:f6:cc:9c:e9:68:e1:61:05:23:7a:6c:54:40:
e8:3c:ce:f6:85:4c:20:e5:71:c5:61:55:b9:ef:b6:
0b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:63:40:62:36:8D:FE:B9:9C:08:77:36:82:E8:BA:81:F3:44:43:00
X509v3 Authority Key Identifier:
keyid:48:C7:41:C9:DF:5B:2E:48:99:3B:91:83:B7:9F:F3:46:B4:31:93:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SMdByd9bLkiZO5GDt5_zRrQxk4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/458282-5405-4b17-997d-7cd59619c0d6/1/s2NAYjaN_rmcCHc2gui6gfNEQwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/458282-5405-4b17-997d-7cd59619c0d6/1/SMdByd9bLkiZO5GDt5_zRrQxk4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.224.0/22
185.164.80.0/22
IPv6:
2a0e:5180::/29
Signature Algorithm: sha256WithRSAEncryption
5a:04:a6:44:be:49:43:f0:f3:9a:a4:df:7f:c5:51:91:51:69:
71:70:0b:cc:c1:74:91:ad:1d:57:6b:5f:f8:a4:87:b8:51:24:
da:a5:4d:de:b2:8a:e1:bd:2d:f7:84:da:6d:78:c4:7e:23:a9:
10:5e:4e:46:4a:98:9a:f0:3f:ae:ac:65:84:70:b9:31:6b:75:
27:15:5e:59:1a:63:cc:d0:cf:7d:a2:0f:ad:dd:46:2f:67:c4:
30:29:cf:c1:f6:33:40:48:04:98:d4:eb:8f:94:f1:a8:c4:d4:
bb:2c:a2:42:45:11:1d:41:08:e8:ea:8e:d0:fa:b6:8b:f2:ac:
71:4d:e2:ae:bc:20:59:4a:fa:81:4f:f1:8f:65:79:26:a1:bf:
d2:1f:66:e6:17:bd:70:78:a9:d6:76:67:29:c2:7e:fe:b5:7a:
4e:21:9c:37:1f:37:12:b1:fe:18:0d:01:4a:8c:c1:5f:80:2e:
1d:a8:53:d4:51:bf:09:05:2b:ca:f4:d9:30:8e:06:15:06:0b:
77:de:7c:0f:2e:01:15:fe:a1:81:df:86:63:21:ee:f0:ae:c7:
32:b4:9f:5f:8b:00:3b:1d:8a:4a:94:f2:21:fc:46:4a:5c:ae:
52:68:8d:bd:ce:36:4e:6b:e5:00:52:3f:c3:00:b8:d6:67:c5:
54:79:bf:61
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyjG77GhGyWTKvfd6c4HqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4Yzc0MWM5ZGY1YjJlNDg5OTNiOTE4M2I3OWZmMzQ2YjQz
MTkzODEwHhcNMjMwMTAyMTI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzYzNDA2MjM2OGRmZWI5OWMwODc3MzY4MmU4YmE4MWYzNDQ0MzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKIrC+w+4HsRZ2nU4wfbCkyDc7TI
7xxti5nH5hG73wX51zkJbhD2nBBfF6jeei4Yi/RV8uc5pBDTmk3yuAQ2Q1H3VgvZ
8ACMbZlMRom/whnS39At0RdgOBYzPeBOltO09jT60aeqnLu68daGxI1ZaOfCzVHt
bg+zOqZN6hYAMklkymkD6bxagos/v2cM0zdmgvCGsQehtSI48E3uO+O5oavh2Vtd
WVs5kCr5ueztbBjIBZPpGrDq/kpPgpJO8jfDiJmW/g4oGC8vnqILvDeiJUCYqrDS
+EuVPRXTi9Bz49e8r/bMnOlo4WEFI3psVEDoPM72hUwg5XHFYVW577YLCwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLNjQGI2jf65nAh3NoLouoHzREMAMB8GA1UdIwQY
MBaAFEjHQcnfWy5ImTuRg7ef80a0MZOBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU01kQnlkOWJMa2laTzVHRHQ1X3pSclF4azRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80NTgyODItNTQwNS00YjE3LTk5N2Qt
N2NkNTk2MTljMGQ2LzEvczJOQVlqYU5fcm1jQ0hjMmd1aTZnZk5FUXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80NTgyODItNTQwNS00YjE3LTk5N2QtN2NkNTk2MTljMGQ2
LzEvU01kQnlkOWJMa2laTzVHRHQ1X3pSclF4azRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQ/gAwQC
uaRQMA0EAgACMAcDBQMqDlGAMA0GCSqGSIb3DQEBCwUAA4IBAQBaBKZEvklD8POa
pN9/xVGRUWlxcAvMwXSRrR1Xa1/4pIe4USTapU3esorhvS33hNpteMR+I6kQXk5G
Spia8D+urGWEcLkxa3UnFV5ZGmPM0M99og+t3UYvZ8QwKc/B9jNASASY1OuPlPGo
xNS7LKJCRREdQQjo6o7Q+raL8qxxTeKuvCBZSvqBT/GPZXkmob/SH2bmF71weKnW
dmcpwn7+tXpOIZw3HzcSsf4YDQFKjMFfgC4dqFPUUb8JBSvK9NkwjgYVBgt33nwP
LgEV/qGB34ZjIe7wrscytJ9fiwA7HYpKlPIh/EZKXK5SaI29zjZOa+UAUj/DALjW
Z8VUeb9h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org