Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/3xHBkbmeQ0lnv8LROigILl_iX4o.roa
File: 3xHBkbmeQ0lnv8LROigILl_iX4o.roa (raw, json)
Hash identifier: i+UTW4TB3U5ttRCRD7fZgvuxbML18I6PV00mmV7krs4=
Subject key identifier: DF:11:C1:91:B9:9E:43:49:67:BF:C2:D1:3A:28:08:2E:5F:E2:5F:8A
Certificate issuer: /CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Certificate serial: 018E761FE362F8D880DCE31B9A09839BCF86
Authority key identifier: F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/3xHBkbmeQ0lnv8LROigILl_iX4o.roa
Signing time: Mon 25 Mar 2024 14:59:44 +0000
ROA not before: Mon 25 Mar 2024 14:59:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56798
IP address blocks: 45.66.220.0/22 maxlen: 22
45.86.36.0/24 maxlen: 24
185.34.102.0/24 maxlen: 24
185.54.7.0/24 maxlen: 24
193.17.33.0/24 maxlen: 24
2a0f:9180::/29 maxlen: 29
2a10:d440:1::/48 maxlen: 48
2a10:d440:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Apr 2024 04:08:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:1f:e3:62:f8:d8:80:dc:e3:1b:9a:09:83:9b:cf:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f14a6318b2ed6d0c8234f98208f88de0e9d4698e
Validity
Not Before: Mar 25 14:59:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df11c191b99e434967bfc2d13a28082e5fe25f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:41:62:ed:62:b0:df:21:d3:f9:90:a4:c7:d5:
19:ee:25:93:66:27:ec:94:12:d0:58:27:cb:fb:87:
a0:34:8b:cb:9c:1f:6d:4c:a4:2a:24:30:cd:22:40:
99:b9:f0:7c:d5:e9:8f:b5:a7:31:5a:c9:d1:35:87:
a1:a4:2e:11:7a:8c:6a:52:9f:a7:5e:d0:67:bb:6a:
bc:ee:aa:22:c9:d5:2d:24:59:9d:a8:27:72:a5:e1:
cf:10:74:e6:be:bb:cf:37:8d:5a:ee:9c:fb:08:1d:
f2:29:35:02:07:3f:ae:d3:66:9b:28:8a:55:c2:5f:
2b:2f:2d:74:c1:68:9e:22:3a:c4:a4:be:f3:25:b3:
f6:18:f1:a8:f2:dd:a4:05:a7:33:05:21:4a:08:6d:
e7:a3:a3:a4:d9:11:40:7a:33:df:78:84:2f:d3:d3:
fd:44:29:2a:e7:e3:86:2d:1d:4b:99:50:39:1c:3b:
90:eb:b1:fb:06:42:e4:ff:7d:fa:e0:49:bf:cc:26:
8a:c7:e6:f7:ce:fd:19:54:7a:60:a5:13:9d:c5:59:
72:46:f2:66:fb:67:27:56:d3:ee:a7:c2:8f:6a:73:
4d:5c:79:ff:e7:53:a5:05:03:e8:66:96:4d:6d:35:
d7:6e:53:75:63:73:02:cd:b2:0c:f9:78:95:e8:0e:
92:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:11:C1:91:B9:9E:43:49:67:BF:C2:D1:3A:28:08:2E:5F:E2:5F:8A
X509v3 Authority Key Identifier:
keyid:F1:4A:63:18:B2:ED:6D:0C:82:34:F9:82:08:F8:8D:E0:E9:D4:69:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8UpjGLLtbQyCNPmCCPiN4OnUaY4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/3xHBkbmeQ0lnv8LROigILl_iX4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/335797-9b21-4c50-b044-c86ed4862501/1/8UpjGLLtbQyCNPmCCPiN4OnUaY4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.220.0/22
45.86.36.0/24
185.34.102.0/24
185.54.7.0/24
193.17.33.0/24
IPv6:
2a0f:9180::/29
2a10:d440:1::-2a10:d440:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
47:16:04:1b:42:ff:66:70:13:e7:ba:2f:1e:1c:88:9f:cc:b3:
4c:4b:bd:55:17:6e:57:a3:10:c4:0c:08:43:0d:a2:cb:ab:93:
04:98:4d:a0:0d:1c:17:39:f5:bd:6b:1a:19:45:f4:fa:89:83:
e7:f4:11:ac:35:6a:07:96:b2:55:09:77:f7:ec:4d:a9:ab:31:
e8:72:2d:b5:95:b2:10:cd:d0:79:97:02:14:0c:25:2c:bd:c0:
10:04:b4:f5:c3:b1:65:a5:7d:4a:60:35:47:e7:34:6d:8e:0d:
82:cc:69:d1:b4:1d:49:d4:db:8b:12:c6:19:bb:d8:62:bd:42:
1f:cf:2f:b0:b9:c4:54:d4:f2:6b:6c:bb:5e:ef:42:65:56:57:
8d:f3:4d:4a:a9:6a:86:a0:16:74:3d:64:a5:d1:65:98:5e:1a:
df:68:1a:73:28:05:b2:a5:fe:62:40:96:24:3e:51:e9:87:64:
ff:48:cb:d0:ff:38:8b:17:9d:b7:6e:70:d3:eb:df:ad:b1:c8:
20:c9:91:2c:97:d8:fd:4c:e0:5c:59:d9:6f:5f:42:3d:ec:14:
70:b5:62:a7:79:d7:c0:d1:4b:2a:8d:71:10:7a:c9:06:bf:b1:
63:db:d5:e6:c8:14:e0:4a:5e:7f:c7:10:b7:2d:8c:26:be:27:
52:10:43:9f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY52H+Ni+NiA3OMbmgmDm8+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNGE2MzE4YjJlZDZkMGM4MjM0Zjk4MjA4Zjg4ZGUwZTlk
NDY5OGUwHhcNMjQwMzI1MTQ1OTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjExYzE5MWI5OWU0MzQ5NjdiZmMyZDEzYTI4MDgyZTVmZTI1ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUFi7WKw3yHT+ZCkx9UZ7iWTZifs
lBLQWCfL+4egNIvLnB9tTKQqJDDNIkCZufB81emPtacxWsnRNYehpC4ReoxqUp+n
XtBnu2q87qoiydUtJFmdqCdypeHPEHTmvrvPN41a7pz7CB3yKTUCBz+u02abKIpV
wl8rLy10wWieIjrEpL7zJbP2GPGo8t2kBaczBSFKCG3no6Ok2RFAejPfeIQv09P9
RCkq5+OGLR1LmVA5HDuQ67H7BkLk/3364Em/zCaKx+b3zv0ZVHpgpROdxVlyRvJm
+2cnVtPup8KPanNNXHn/51OlBQPoZpZNbTXXblN1Y3MCzbIM+XiV6A6SGwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFN8RwZG5nkNJZ7/C0TooCC5f4l+KMB8GA1UdIwQY
MBaAFPFKYxiy7W0MgjT5ggj4jeDp1GmOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQt
Yzg2ZWQ0ODYyNTAxLzEvM3hIQmtibWVRMGxudjhMUk9pZ0lMbF9pWDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zMzU3OTctOWIyMS00YzUwLWIwNDQtYzg2ZWQ0ODYyNTAx
LzEvOFVwakdMTHRiUXlDTlBtQ0NQaU40T25VYVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAkBAIAATAeAwQCLULcAwQA
LVYkAwQAuSJmAwQAuTYHAwQAwREhMCEEAgACMBsDBQMqD5GAMBIDBwAqENRAAAED
BwAqENRAAAIwDQYJKoZIhvcNAQELBQADggEBAEcWBBtC/2ZwE+e6Lx4ciJ/Ms0xL
vVUXblejEMQMCEMNosurkwSYTaANHBc59b1rGhlF9PqJg+f0Eaw1ageWslUJd/fs
TamrMehyLbWVshDN0HmXAhQMJSy9wBAEtPXDsWWlfUpgNUfnNG2ODYLMadG0HUnU
24sSxhm72GK9Qh/PL7C5xFTU8mtsu17vQmVWV43zTUqpaoagFnQ9ZKXRZZheGt9o
GnMoBbKl/mJAliQ+UemHZP9Iy9D/OIsXnbducNPr362xyCDJkSyX2P1M4FxZ2W9f
Qj3sFHC1Yqd518DRSyqNcRB6yQa/sWPb1ebIFOBKXn/HELctjCa+J1IQQ58=
-----END CERTIFICATE-----
Generated at Fri Apr 26 07:41:46 2024 by rpki-client on console.sobornost.net