Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/wlxvpeXkISvC-q9TDNQgvNMXfyc.roa
File: wlxvpeXkISvC-q9TDNQgvNMXfyc.roa (raw, json)
Hash identifier: Qc/kX7X9O6d/1NCZRd7mjv0R/nnPF5QKDaRkq2OyM7s=
Subject key identifier: C2:5C:6F:A5:E5:E4:21:2B:C2:FA:AF:53:0C:D4:20:BC:D3:17:7F:27
Certificate issuer: /CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Certificate serial: 0187D8991357BC04268BB0F9EE9815F3AC88
Authority key identifier: 02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/wlxvpeXkISvC-q9TDNQgvNMXfyc.roa
Signing time: Mon 01 May 2023 18:35:23 +0000
ROA not before: Mon 01 May 2023 18:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49870
IP address blocks: 45.95.145.0/24 maxlen: 24
45.95.144.0/23 maxlen: 23
45.95.146.0/24 maxlen: 24
45.95.147.0/24 maxlen: 24
45.80.36.0/23 maxlen: 23
2a0e:3980::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d8:99:13:57:bc:04:26:8b:b0:f9:ee:98:15:f3:ac:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Validity
Not Before: May 1 18:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c25c6fa5e5e4212bc2faaf530cd420bcd3177f27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:02:56:b9:01:af:07:ab:07:15:38:da:0d:c4:
9e:8a:1a:58:28:90:72:d2:ea:f5:ad:ca:58:39:96:
1c:0d:b8:cb:eb:01:26:45:e4:be:c1:06:5b:40:37:
e9:4a:72:47:df:ab:76:8d:9d:71:ca:3b:54:9f:7a:
81:0a:9d:02:25:d7:63:b0:e5:df:2d:ff:37:d4:5f:
d7:a9:8f:a3:73:9d:04:f7:24:f2:a6:e4:cb:aa:2b:
44:ff:b8:b3:1d:7f:e6:b6:dd:f1:96:ee:57:fe:28:
29:17:ff:7c:91:fb:d5:10:bf:a1:45:4e:fd:df:a3:
89:6f:e3:58:7b:89:84:0d:bc:49:d9:67:3b:3f:84:
ee:24:1e:27:56:4e:28:25:a7:cf:f4:9c:23:a2:a5:
d8:57:96:69:3e:60:bf:4f:1c:0b:3c:6b:99:01:86:
11:8c:78:45:ed:7c:aa:d8:56:21:ff:21:77:8c:3c:
0d:ae:c5:ab:a9:bd:e6:e4:6a:9b:cf:5e:6f:4a:3f:
07:de:21:89:06:9b:ab:53:61:6f:a9:cc:b6:ad:63:
48:6b:91:09:2c:51:8a:3f:54:50:2b:29:ac:fa:ea:
e8:92:7d:d3:26:78:35:a2:67:bc:c3:dc:3f:58:73:
25:15:9f:12:88:ff:ed:69:94:72:f4:00:86:c5:cb:
e3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5C:6F:A5:E5:E4:21:2B:C2:FA:AF:53:0C:D4:20:BC:D3:17:7F:27
X509v3 Authority Key Identifier:
keyid:02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/wlxvpeXkISvC-q9TDNQgvNMXfyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.36.0/23
45.95.144.0/22
IPv6:
2a0e:3980::/29
Signature Algorithm: sha256WithRSAEncryption
a3:bd:e8:89:63:b2:94:fb:a9:c8:55:46:47:c8:8f:9d:53:1a:
8a:e7:80:5e:71:96:94:74:35:38:81:d9:eb:cf:5d:d2:02:9d:
1f:9c:3a:4e:4e:67:2d:b9:8a:ce:e0:a9:36:9e:6f:c9:78:d1:
df:30:15:c5:6d:81:28:b0:41:2f:94:59:78:34:fc:22:0c:16:
20:aa:e9:a3:20:95:05:54:a2:18:fc:1f:aa:83:78:a6:a8:5b:
43:a2:d1:a8:60:5d:d6:35:8a:06:47:f7:aa:bb:f3:04:be:09:
99:7b:f5:3b:d3:ef:ef:04:fc:c5:42:76:70:e1:04:76:c1:e4:
6f:a3:a9:00:ca:4a:d1:45:11:05:c0:df:53:29:7a:03:a7:00:
15:77:b3:e7:32:48:8e:cd:c7:fd:41:84:c5:e8:b2:08:ec:d0:
f8:50:35:58:26:aa:62:fa:3f:73:b3:49:fb:cd:90:49:7e:5e:
33:5b:c3:5c:a0:a3:83:88:ee:fb:41:7d:d6:2c:b8:0d:cd:26:
70:fb:fa:c3:b6:c2:29:34:b5:9a:6e:8d:06:12:c0:90:4f:4d:
3d:aa:1e:53:66:06:28:17:5b:bb:06:30:e6:01:47:28:d2:a9:
88:e9:5c:6a:76:d9:1c:df:d8:ce:c6:9b:a6:37:0c:33:ab:b0:
bc:b7:e4:c3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYfYmRNXvAQmi7D57pgV86yIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNWYyYTkzZGIxMGYyZGQ1ZjZhNTViYjJhNDQwZjY3NDg2
Y2QxYTMwHhcNMjMwNTAxMTgzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjVjNmZhNWU1ZTQyMTJiYzJmYWFmNTMwY2Q0MjBiY2QzMTc3ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgJWuQGvB6sHFTjaDcSeihpYKJBy
0ur1rcpYOZYcDbjL6wEmReS+wQZbQDfpSnJH36t2jZ1xyjtUn3qBCp0CJddjsOXf
Lf831F/XqY+jc50E9yTypuTLqitE/7izHX/mtt3xlu5X/igpF/98kfvVEL+hRU79
36OJb+NYe4mEDbxJ2Wc7P4TuJB4nVk4oJafP9JwjoqXYV5ZpPmC/TxwLPGuZAYYR
jHhF7Xyq2FYh/yF3jDwNrsWrqb3m5Gqbz15vSj8H3iGJBpurU2Fvqcy2rWNIa5EJ
LFGKP1RQKyms+urokn3TJng1ome8w9w/WHMlFZ8SiP/taZRy9ACGxcvjeQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMJcb6Xl5CErwvqvUwzUILzTF38nMB8GA1UdIwQY
MBaAFAJfKpPbEPLdX2pVuypED2dIbNGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYt
MmVjZGExMWRlMTUzLzEvd2x4dnBlWGtJU3ZDLXE5VEROUWd2Tk1YZnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYtMmVjZGExMWRlMTUz
LzEvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLVAkAwQC
LV+QMA0EAgACMAcDBQMqDjmAMA0GCSqGSIb3DQEBCwUAA4IBAQCjveiJY7KU+6nI
VUZHyI+dUxqK54BecZaUdDU4gdnrz13SAp0fnDpOTmctuYrO4Kk2nm/JeNHfMBXF
bYEosEEvlFl4NPwiDBYgqumjIJUFVKIY/B+qg3imqFtDotGoYF3WNYoGR/equ/ME
vgmZe/U70+/vBPzFQnZw4QR2weRvo6kAykrRRREFwN9TKXoDpwAVd7PnMkiOzcf9
QYTF6LII7ND4UDVYJqpi+j9zs0n7zZBJfl4zW8NcoKODiO77QX3WLLgNzSZw+/rD
tsIpNLWabo0GEsCQT009qh5TZgYoF1u7BjDmAUco0qmI6Vxqdtkc39jOxpumNwwz
q7C8t+TD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:12 2024 by rpki-client on console-ams.rpki-client.org