Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Z5CdkEngDdjzhkmnoupGlyxK5R8.roa
File: Z5CdkEngDdjzhkmnoupGlyxK5R8.roa (raw, json)
Hash identifier: PY5zc6ZqsPtGEYiURIz5Y6nRKjgkYQiaMceSz8sivMw=
Subject key identifier: 67:90:9D:90:49:E0:0D:D8:F3:86:49:A7:A2:EA:46:97:2C:4A:E5:1F
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 01856CB86018985A2F84B7D23C2A4D06B47E
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Z5CdkEngDdjzhkmnoupGlyxK5R8.roa
Signing time: Sun 01 Jan 2023 09:45:00 +0000
ROA not before: Sun 01 Jan 2023 09:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395886
IP address blocks: 45.81.128.0/24 maxlen: 24
45.135.116.0/23 maxlen: 24
45.91.83.0/24 maxlen: 24
45.91.82.0/24 maxlen: 24
45.91.81.0/24 maxlen: 24
45.91.80.0/24 maxlen: 24
45.155.222.0/23 maxlen: 24
45.140.88.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:60:18:98:5a:2f:84:b7:d2:3c:2a:4d:06:b4:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 1 09:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67909d9049e00dd8f38649a7a2ea46972c4ae51f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:76:7e:6e:9b:45:79:2f:19:49:a4:8f:bf:29:
a4:dc:72:2d:af:7e:d5:36:44:e8:08:36:de:6b:de:
cf:06:3c:f6:02:b6:27:a4:5d:68:8b:8e:e4:e1:0e:
55:be:f6:be:4e:dd:c5:14:6c:48:d2:bd:21:5e:de:
59:fd:46:7b:37:b1:4c:d3:d5:0f:26:34:26:81:df:
06:30:62:ca:e8:9e:ed:40:c1:6a:08:eb:d3:39:a8:
f3:b8:bb:05:9b:15:b8:8e:18:c1:ef:76:50:f5:57:
5f:4c:3f:74:3c:a2:64:06:31:ce:37:f5:56:5c:a5:
2e:fa:05:da:5e:8b:b6:d5:85:e8:0e:9f:42:3f:ec:
3e:c8:46:cb:2d:9a:b6:57:cc:2b:b1:22:03:eb:45:
24:af:ad:3f:7f:22:6b:b0:8d:b9:2e:e6:a0:37:4d:
a8:79:4f:ff:14:ac:85:e8:bb:09:2a:d0:85:49:06:
06:65:43:a2:04:6a:1d:de:53:aa:1a:45:9b:09:85:
25:5d:a6:fc:54:e1:31:fc:a6:bf:5c:7b:01:5b:e9:
3a:b7:ed:ff:0e:d4:32:2e:e1:19:2e:a7:1a:7b:fa:
45:d7:29:2f:05:30:58:01:1a:89:63:95:1d:3f:e8:
ba:05:32:ab:38:aa:de:2a:6f:e2:a6:15:51:11:be:
5a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:90:9D:90:49:E0:0D:D8:F3:86:49:A7:A2:EA:46:97:2C:4A:E5:1F
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Z5CdkEngDdjzhkmnoupGlyxK5R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.128.0/24
45.91.80.0/22
45.135.116.0/23
45.140.88.0/23
45.155.222.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:8f:6d:25:50:41:36:57:05:a2:a0:8c:be:d9:88:d4:3c:46:
ad:91:2e:d8:68:d3:4f:f5:fd:64:d9:0a:d9:f8:a9:c5:e1:15:
82:d6:49:46:76:3b:f5:4a:d6:e5:6a:d2:1f:74:f6:c1:f6:f0:
8b:42:d0:18:32:c5:79:d5:e1:4c:3c:9a:c8:e5:30:cb:be:df:
97:f0:22:15:c7:24:e2:b9:9d:ca:c0:7a:3c:52:96:e7:39:3a:
9e:e4:ab:6d:5a:bc:d4:35:93:14:b4:b3:44:31:37:d6:11:04:
b0:20:ca:51:e5:be:b5:e7:42:f1:13:af:0e:68:dc:e7:5c:d2:
d0:b6:1a:07:1a:89:bb:8f:c0:64:ce:c6:57:32:18:78:c3:9c:
39:a3:be:18:55:23:56:9f:db:79:64:4b:1a:c9:46:d0:e9:05:
6a:ff:cc:1f:73:b6:04:68:be:f8:ef:14:6a:8a:89:ed:7b:b9:
d4:15:2c:ed:c4:51:f4:56:d4:e2:61:3f:51:fa:9b:bd:e4:e5:
33:de:e0:d3:fb:78:c5:d6:c8:5f:03:6c:16:fb:72:91:a5:be:
f0:11:aa:4d:88:2c:fd:e3:d8:9b:17:f5:96:28:48:c7:2c:c1:
0a:8b:5f:04:85:d0:d0:35:f7:14:4b:72:f3:fa:97:f6:db:84:
85:08:d6:cd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsuGAYmFovhLfSPCpNBrR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjMwMTAxMDk0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzkwOWQ5MDQ5ZTAwZGQ4ZjM4NjQ5YTdhMmVhNDY5NzJjNGFlNTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3Z+bptFeS8ZSaSPvymk3HItr37V
NkToCDbea97PBjz2ArYnpF1oi47k4Q5Vvva+Tt3FFGxI0r0hXt5Z/UZ7N7FM09UP
JjQmgd8GMGLK6J7tQMFqCOvTOajzuLsFmxW4jhjB73ZQ9VdfTD90PKJkBjHON/VW
XKUu+gXaXou21YXoDp9CP+w+yEbLLZq2V8wrsSID60Ukr60/fyJrsI25LuagN02o
eU//FKyF6LsJKtCFSQYGZUOiBGod3lOqGkWbCYUlXab8VOEx/Ka/XHsBW+k6t+3/
DtQyLuEZLqcae/pF1ykvBTBYARqJY5UdP+i6BTKrOKreKm/iphVREb5aXwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGeQnZBJ4A3Y84ZJp6LqRpcsSuUfMB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvWjVDZGtFbmdEZGp6aGttbm91cEdseXhLNVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEtMGQ3YjU1MWY4Mjhj
LzEvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVGAAwQC
LVtQAwQBLYd0AwQBLYxYAwQBLZveMA0GCSqGSIb3DQEBCwUAA4IBAQCtj20lUEE2
VwWioIy+2YjUPEatkS7YaNNP9f1k2QrZ+KnF4RWC1klGdjv1StblatIfdPbB9vCL
QtAYMsV51eFMPJrI5TDLvt+X8CIVxyTiuZ3KwHo8UpbnOTqe5KttWrzUNZMUtLNE
MTfWEQSwIMpR5b6150LxE68OaNznXNLQthoHGom7j8BkzsZXMhh4w5w5o74YVSNW
n9t5ZEsayUbQ6QVq/8wfc7YEaL747xRqionte7nUFSztxFH0VtTiYT9R+pu95OUz
3uDT+3jF1shfA2wW+3KRpb7wEapNiCz949ibF/WWKEjHLMEKi18EhdDQNfcUS3Lz
+pf224SFCNbN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:14 2024 by rpki-client on console-ams.rpki-client.org