Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/8hUtXtZvcSn7_ik1nncO1CzsKcw.roa
File: 8hUtXtZvcSn7_ik1nncO1CzsKcw.roa (raw, json)
Hash identifier: mcF0ECuIA80BAJXemWDMBi/DGo+rmD2+V8Xurj5/LGg=
Subject key identifier: F2:15:2D:5E:D6:6F:71:29:FB:FE:29:35:9E:77:0E:D4:2C:EC:29:CC
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 01856CB859B2FB89F49F4EE6CFB445BC2B9A
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/8hUtXtZvcSn7_ik1nncO1CzsKcw.roa
Signing time: Sun 01 Jan 2023 09:44:58 +0000
ROA not before: Sun 01 Jan 2023 09:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6134
IP address blocks: 45.133.238.0/24 maxlen: 24
45.133.239.0/24 maxlen: 24
45.135.118.0/24 maxlen: 24
45.135.119.0/24 maxlen: 24
45.140.90.0/24 maxlen: 24
45.140.91.0/24 maxlen: 24
185.106.178.0/24 maxlen: 24
185.106.177.0/24 maxlen: 24
185.106.179.0/24 maxlen: 24
2a06:5040:3::/48 maxlen: 48
2a06:5040:20::/45 maxlen: 45
2a06:5040:30::/45 maxlen: 48
2a06:5040:5040::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 19 Nov 2023 09:41:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:59:b2:fb:89:f4:9f:4e:e6:cf:b4:45:bc:2b:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 1 09:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2152d5ed66f7129fbfe29359e770ed42cec29cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7e:c1:3c:79:53:a5:b6:1e:01:9d:c1:61:09:
f4:21:26:72:f7:d7:b8:d3:b1:6a:c9:60:3e:a4:9b:
8f:a8:5b:93:38:d9:ed:1f:04:ca:c6:e3:f8:cc:9b:
25:8e:a7:0c:d4:1d:20:f8:64:17:c1:49:b5:a2:ab:
e5:ac:3f:bd:43:e3:dd:5b:c4:4f:b8:ea:db:d9:4a:
2f:a3:51:5e:22:4c:a4:ab:99:9a:58:f2:a6:c9:a4:
2e:7f:ce:1f:fc:5a:da:20:bf:74:04:37:b1:93:d8:
65:79:08:68:02:5c:60:75:a3:76:83:04:f1:64:1e:
dc:2c:54:ae:f8:c8:41:92:bb:d2:31:40:7f:a8:85:
b8:4f:3a:77:e6:f3:b0:39:7d:dc:29:2f:72:26:77:
a4:1c:28:00:f1:36:5c:c0:76:53:82:2f:7d:7f:bd:
e6:e9:8d:b0:6d:5d:3a:9f:6d:19:03:0c:a6:bb:ec:
c7:cf:d3:01:5e:40:54:e4:4f:4e:39:98:a5:c7:a9:
dc:a8:37:15:25:b9:d2:a3:e5:8d:35:f2:4a:9f:d3:
21:ea:72:9a:fc:e7:60:5e:77:f9:d7:96:a1:c6:02:
14:8e:0c:63:2c:4f:46:86:4f:60:10:f0:36:ba:0f:
13:2a:b1:af:5c:cc:5b:61:fd:be:22:d6:e2:9c:dd:
39:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:15:2D:5E:D6:6F:71:29:FB:FE:29:35:9E:77:0E:D4:2C:EC:29:CC
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/8hUtXtZvcSn7_ik1nncO1CzsKcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.238.0/23
45.135.118.0/23
45.140.90.0/23
185.106.177.0-185.106.179.255
IPv6:
2a06:5040:3::/48
2a06:5040:20::/45
2a06:5040:30::/45
2a06:5040:5040::/48
Signature Algorithm: sha256WithRSAEncryption
69:82:37:5b:12:9b:e6:76:93:22:c6:e7:24:92:b4:8c:f4:35:
11:3b:26:cd:2f:38:f1:ef:fe:46:de:9c:e6:13:da:26:a9:04:
54:01:d3:12:db:c9:bb:96:8c:77:9f:d2:e1:fc:5c:ad:c4:1c:
68:55:86:34:5b:97:01:be:40:3e:9a:3f:7f:38:98:57:72:f7:
6d:2e:39:b3:5b:4e:f7:be:88:be:87:28:ac:25:2c:f6:7d:26:
c2:e0:93:dc:21:0c:16:22:f6:33:2c:b8:50:48:0b:37:f6:5c:
8a:5b:2e:06:60:35:4e:cd:b1:28:ed:4c:a6:89:44:b6:53:09:
4c:ea:f6:9d:d3:29:da:12:19:1e:c7:e8:80:14:d2:fc:c9:47:
24:36:9a:76:1c:bb:60:9d:62:7a:28:d8:33:09:3f:19:b2:1e:
75:35:88:1f:04:cc:f4:76:f1:7e:ab:b7:16:3b:e9:75:7a:0e:
d1:ee:6e:ca:b6:3b:79:c1:70:e1:c4:8a:32:72:84:eb:9d:87:
d7:a8:d5:77:70:a9:3f:bb:a8:18:a7:a7:c5:1a:f1:1c:fd:ba:
78:03:af:e0:e6:1d:c2:0c:9a:18:b4:19:ee:ee:51:03:e5:33:
96:29:a7:7f:41:f2:cb:fd:42:48:3d:4f:f5:8d:80:a7:2a:2d:
d4:69:a4:48
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVsuFmy+4n0n07mz7RFvCuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjMwMTAxMDk0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjE1MmQ1ZWQ2NmY3MTI5ZmJmZTI5MzU5ZTc3MGVkNDJjZWMyOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj37BPHlTpbYeAZ3BYQn0ISZy99e4
07FqyWA+pJuPqFuTONntHwTKxuP4zJsljqcM1B0g+GQXwUm1oqvlrD+9Q+PdW8RP
uOrb2Uovo1FeIkykq5maWPKmyaQuf84f/FraIL90BDexk9hleQhoAlxgdaN2gwTx
ZB7cLFSu+MhBkrvSMUB/qIW4Tzp35vOwOX3cKS9yJnekHCgA8TZcwHZTgi99f73m
6Y2wbV06n20ZAwymu+zHz9MBXkBU5E9OOZilx6ncqDcVJbnSo+WNNfJKn9Mh6nKa
/OdgXnf515ahxgIUjgxjLE9Ghk9gEPA2ug8TKrGvXMxbYf2+ItbinN05UwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFPIVLV7Wb3Ep+/4pNZ53DtQs7CnMMB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvOGhVdFh0WnZjU243X2lrMW5uY08xQ3pzS2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEtMGQ3YjU1MWY4Mjhj
LzEvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDAmBAIAATAgAwQBLYXuAwQB
LYd2AwQBLYxaMAwDBAC5arEDBAK5arAwKgQCAAIwJAMHACoGUEAAAwMHAyoGUEAA
IAMHAyoGUEAAMAMHACoGUEBQQDANBgkqhkiG9w0BAQsFAAOCAQEAaYI3WxKb5naT
IsbnJJK0jPQ1ETsmzS848e/+Rt6c5hPaJqkEVAHTEtvJu5aMd5/S4fxcrcQcaFWG
NFuXAb5APpo/fziYV3L3bS45s1tO976IvocorCUs9n0mwuCT3CEMFiL2Myy4UEgL
N/ZcilsuBmA1Ts2xKO1MpolEtlMJTOr2ndMp2hIZHsfogBTS/MlHJDaadhy7YJ1i
eijYMwk/GbIedTWIHwTM9Hbxfqu3FjvpdXoO0e5uyrY7ecFw4cSKMnKE652H16jV
d3CpP7uoGKenxRrxHP26eAOv4OYdwgyaGLQZ7u5RA+Uzlimnf0Hyy/1CSD1P9Y2A
pyot1GmkSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:40 2024 by rpki-client on console-fra.rpki-client.org