Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/tCMj-QuomvaWXY2JsoyFRJ9w4Jg.roa
File: tCMj-QuomvaWXY2JsoyFRJ9w4Jg.roa (raw, json)
Hash identifier: cVJJ5V+YibYD347upMGuF8kKyc/YgcTeqOJdrjRqDDE=
Subject key identifier: B4:23:23:F9:0B:A8:9A:F6:96:5D:8D:89:B2:8C:85:44:9F:70:E0:98
Certificate issuer: /CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Certificate serial: 01856D787486336D77E2629197DDC2CB94AA
Authority key identifier: D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/tCMj-QuomvaWXY2JsoyFRJ9w4Jg.roa
Signing time: Sun 01 Jan 2023 13:14:48 +0000
ROA not before: Sun 01 Jan 2023 13:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134589
IP address blocks: 145.34.4.0/24 maxlen: 24
145.34.0.0/21 maxlen: 24
145.34.8.0/21 maxlen: 24
145.34.128.0/21 maxlen: 24
145.34.136.0/21 maxlen: 24
145.34.32.0/24 maxlen: 24
145.34.32.0/21 maxlen: 24
145.34.144.0/24 maxlen: 24
145.34.145.0/24 maxlen: 24
145.34.149.0/24 maxlen: 24
145.34.148.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:74:86:33:6d:77:e2:62:91:97:dd:c2:cb:94:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a38542cfdb1ee6e075eae6b101e7bb5b14c436
Validity
Not Before: Jan 1 13:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b42323f90ba89af6965d8d89b28c85449f70e098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:93:94:6a:5e:01:bf:5d:40:58:75:97:08:e6:
56:b1:da:44:89:17:d8:d0:d4:2b:73:e2:74:2b:1b:
95:2a:6f:18:b9:9e:70:b5:ed:52:6c:cd:f2:e8:df:
a3:44:65:33:c9:bc:d9:8b:42:e6:48:79:eb:dc:24:
ce:f1:c3:67:90:03:90:9b:b1:ac:b8:c3:4b:d6:f8:
1f:72:0a:d4:01:11:01:cb:cc:24:39:96:86:d8:65:
aa:4d:20:f3:60:b0:a1:3f:bc:b4:af:15:82:3d:2e:
f9:20:17:fc:10:95:a5:cd:3f:8e:81:0b:33:68:37:
8c:5e:f0:74:00:c3:a2:e5:04:d0:b2:9d:db:c4:d9:
6e:ca:0f:31:52:6c:38:18:24:80:6a:0a:00:f3:31:
1d:55:01:7e:5e:c9:2b:6c:86:c3:ea:b6:99:40:16:
a3:40:19:61:2e:0c:09:40:5b:dc:b7:bc:74:a3:56:
16:8f:f6:fe:30:4b:67:fc:c6:b8:f0:c3:b6:8e:52:
7e:9d:de:8f:8d:13:d3:12:75:c8:02:17:6f:11:46:
55:35:d3:f2:a3:21:0d:1e:64:7a:40:47:1a:2f:46:
31:65:a3:14:2e:ca:c3:e6:bc:62:18:40:29:8a:1c:
44:a6:5f:3a:05:72:b7:61:b7:28:72:04:6d:ab:73:
a1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:23:23:F9:0B:A8:9A:F6:96:5D:8D:89:B2:8C:85:44:9F:70:E0:98
X509v3 Authority Key Identifier:
keyid:D0:A3:85:42:CF:DB:1E:E6:E0:75:EA:E6:B1:01:E7:BB:5B:14:C4:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KOFQs_bHubgdermsQHnu1sUxDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/tCMj-QuomvaWXY2JsoyFRJ9w4Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/3f04c9-e6e1-4506-b8fa-40d1911fa7f3/1/0KOFQs_bHubgdermsQHnu1sUxDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.34.0.0/20
145.34.32.0/21
145.34.128.0-145.34.145.255
145.34.148.0/23
Signature Algorithm: sha256WithRSAEncryption
99:95:9e:ac:29:9e:11:88:88:db:fc:60:55:cf:f9:41:44:16:
10:89:96:81:a0:4b:44:c0:f3:b1:14:96:ce:87:c4:d3:9a:1d:
18:66:13:65:ab:b1:73:e2:ce:e3:db:e7:2d:0d:43:e5:52:d9:
6b:5b:ac:47:38:2e:68:fd:90:11:8a:11:72:cc:29:89:41:71:
8c:83:36:83:30:e9:1b:9b:37:f7:2d:a5:87:dd:fc:50:d4:b3:
5e:4e:87:e3:f4:5c:e4:1e:e7:09:aa:1b:2f:a8:f5:e8:d0:d8:
2a:5c:bb:ed:9e:65:d7:ec:b4:fc:f8:65:fb:75:7b:77:69:9a:
65:c6:c1:a3:74:ec:ab:eb:22:6f:11:d0:fb:a2:87:d7:54:67:
4c:d6:55:05:63:6b:1a:87:4e:ae:d0:83:e2:99:34:b1:85:47:
15:2a:8b:8b:ec:e5:9f:c6:62:1a:76:7b:38:57:27:bc:1f:9f:
9e:37:ae:bb:47:b6:d4:65:e7:cd:e3:93:14:65:aa:55:d7:b8:
ed:47:ad:8d:a7:9e:50:d8:c3:f8:8f:96:45:34:f0:bf:59:e4:
80:c1:80:31:e1:aa:86:a7:20:f3:f2:b4:6c:ab:73:d8:85:db:
fb:74:f1:c3:a7:b1:a7:b9:0f:8b:5e:04:4b:f1:62:69:f4:44:
6e:0e:65:7d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVteHSGM2134mKRl93Cy5SqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYTM4NTQyY2ZkYjFlZTZlMDc1ZWFlNmIxMDFlN2JiNWIx
NGM0MzYwHhcNMjMwMTAxMTMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDIzMjNmOTBiYTg5YWY2OTY1ZDhkODliMjhjODU0NDlmNzBlMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJOUal4Bv11AWHWXCOZWsdpEiRfY
0NQrc+J0KxuVKm8YuZ5wte1SbM3y6N+jRGUzybzZi0LmSHnr3CTO8cNnkAOQm7Gs
uMNL1vgfcgrUAREBy8wkOZaG2GWqTSDzYLChP7y0rxWCPS75IBf8EJWlzT+OgQsz
aDeMXvB0AMOi5QTQsp3bxNluyg8xUmw4GCSAagoA8zEdVQF+XskrbIbD6raZQBaj
QBlhLgwJQFvct7x0o1YWj/b+MEtn/Ma48MO2jlJ+nd6PjRPTEnXIAhdvEUZVNdPy
oyENHmR6QEcaL0YxZaMULsrD5rxiGEApihxEpl86BXK3YbcocgRtq3Oh4QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLQjI/kLqJr2ll2NibKMhUSfcOCYMB8GA1UdIwQY
MBaAFNCjhULP2x7m4HXq5rEB57tbFMQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEt
NDBkMTkxMWZhN2YzLzEvdENNai1RdW9tdmFXWFkySnNveUZSSjl3NEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8zZjA0YzktZTZlMS00NTA2LWI4ZmEtNDBkMTkxMWZhN2Yz
LzEvMEtPRlFzX2JIdWJnZGVybXNRSG51MXNVeERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEkSIAAwQD
kSIgMAwDBAeRIoADBAGRIpADBAGRIpQwDQYJKoZIhvcNAQELBQADggEBAJmVnqwp
nhGIiNv8YFXP+UFEFhCJloGgS0TA87EUls6HxNOaHRhmE2WrsXPizuPb5y0NQ+VS
2WtbrEc4Lmj9kBGKEXLMKYlBcYyDNoMw6RubN/ctpYfd/FDUs15Oh+P0XOQe5wmq
Gy+o9ejQ2Cpcu+2eZdfstPz4Zft1e3dpmmXGwaN07KvrIm8R0Puih9dUZ0zWVQVj
axqHTq7Qg+KZNLGFRxUqi4vs5Z/GYhp2ezhXJ7wfn543rrtHttRl583jkxRlqlXX
uO1HrY2nnlDYw/iPlkU08L9Z5IDBgDHhqoanIPPytGyrc9iF2/t08cOnsae5D4te
BEvxYmn0RG4OZX0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:20:10 2024 by rpki-client on console-ams.rpki-client.org