Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/5EA9Wp_WWTeeNFue4r4ykCIYXBQ.roa
File: 5EA9Wp_WWTeeNFue4r4ykCIYXBQ.roa (raw, json)
Hash identifier: RLkYe4LaMxW7yakuhgyessA6uZ46yJFeX7oSmMKbxAI=
Subject key identifier: E4:40:3D:5A:9F:D6:59:37:9E:34:5B:9E:E2:BE:32:90:22:18:5C:14
Certificate issuer: /CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Certificate serial: 018AD05D68ED0893D319A83B4669B71E1F7D
Authority key identifier: B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/5EA9Wp_WWTeeNFue4r4ykCIYXBQ.roa
Signing time: Tue 26 Sep 2023 07:21:37 +0000
ROA not before: Tue 26 Sep 2023 07:21:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48305
IP address blocks: 45.148.0.0/22 maxlen: 22
91.242.128.0/22 maxlen: 24
185.86.184.0/22 maxlen: 22
91.242.132.0/22 maxlen: 22
2a03:77e0:5301::/48 maxlen: 48
2a03:77e0:4401::/48 maxlen: 48
2a03:77e0:3301::/48 maxlen: 48
2a03:77e0:3302::/48 maxlen: 48
2a0f:4400::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:5d:68:ed:08:93:d3:19:a8:3b:46:69:b7:1e:1f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Validity
Not Before: Sep 26 07:21:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4403d5a9fd659379e345b9ee2be329022185c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0a:b4:ab:e1:ab:2b:49:dd:68:50:2d:8f:e6:
ab:66:39:d2:56:81:a5:59:08:dc:04:13:7e:81:43:
2c:c8:f0:da:6e:fc:42:54:76:b2:aa:96:b6:04:22:
9d:b9:aa:e6:bf:3b:da:c3:59:34:e0:dc:8d:70:26:
e3:d9:f5:41:58:dd:1a:a0:1f:c0:0b:86:e3:ed:1d:
8c:e5:a9:c3:fc:1b:f3:04:4e:11:e4:64:cd:01:0a:
a6:15:a8:38:99:3f:e0:9a:bc:1c:a4:e0:bd:63:b3:
17:33:2e:dc:f7:d1:cb:7a:7b:82:31:b6:84:67:16:
83:77:e5:3e:d4:ce:9d:97:08:09:c3:4b:df:9e:f6:
f7:ce:34:6c:d4:bb:e2:44:d4:b1:74:34:26:06:8f:
4c:3f:f6:22:17:e7:ff:03:dd:74:6f:3d:de:67:6a:
9c:68:84:02:e6:c4:da:8d:f3:b5:7f:c1:f7:90:e9:
b0:e7:d2:77:21:56:ea:cb:73:f1:4c:20:b3:82:23:
c8:39:59:9b:60:44:8f:8c:e0:c4:a1:43:fd:06:2b:
d8:04:70:3d:89:16:58:30:1f:c0:06:fa:a2:77:a1:
97:d2:b3:81:6e:f6:b8:8f:47:d5:32:54:ad:f8:45:
20:40:59:ba:41:4d:ec:15:cf:b2:64:61:0a:ef:db:
c4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:40:3D:5A:9F:D6:59:37:9E:34:5B:9E:E2:BE:32:90:22:18:5C:14
X509v3 Authority Key Identifier:
keyid:B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/5EA9Wp_WWTeeNFue4r4ykCIYXBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.0.0/22
91.242.128.0/21
185.86.184.0/22
IPv6:
2a03:77e0:3301::-2a03:77e0:3302:ffff:ffff:ffff:ffff:ffff
2a03:77e0:4401::/48
2a03:77e0:5301::/48
2a0f:4400::/29
Signature Algorithm: sha256WithRSAEncryption
40:ee:06:5e:b5:3f:49:48:dd:f1:9e:38:2c:e0:25:bc:7b:99:
36:c6:26:ff:57:dd:a3:ae:e5:b8:e7:23:8f:64:f6:35:57:ab:
74:94:e7:d6:41:a7:00:32:73:59:db:36:ef:33:7a:ea:7f:82:
17:07:f2:4b:4f:ff:f6:3d:73:3c:c4:35:4a:6c:33:f7:95:19:
5a:04:02:c9:8d:8c:66:8c:44:34:2d:d5:ad:c1:f5:07:fe:d3:
47:b8:52:cf:fd:60:0a:8c:f2:23:a8:7c:85:b2:08:9c:42:d1:
31:78:5a:1d:bf:75:e4:38:bd:53:0e:8f:ef:ed:5d:70:1d:6f:
4a:82:69:ad:3b:89:9d:7f:d8:3c:20:ff:d7:b8:8e:95:80:2d:
aa:9d:5b:c8:9b:b0:e6:00:8a:5b:31:bb:4d:29:20:1a:59:06:
55:9d:6f:84:5d:9f:ed:9b:ad:30:8a:68:7c:92:e3:69:83:3e:
fb:24:d0:89:a2:21:df:a8:fe:6f:6a:b3:a4:15:d1:30:8a:0c:
f1:12:27:d6:1a:cf:38:c5:46:4e:d3:8c:52:a4:db:c9:fd:f9:
81:3d:2e:9d:d0:bf:1c:a4:41:d4:20:54:48:0f:2d:4d:56:b0:
45:85:3e:76:d6:6e:04:3e:38:d6:62:aa:60:38:b1:8c:e8:87:
ff:03:0e:bb
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYrQXWjtCJPTGag7Rmm3Hh99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjhhODg1Zjc3NzZkMmFiOTliYjRmMjBlODRkMzA2ZTAz
OTRhYTMwHhcNMjMwOTI2MDcyMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQwM2Q1YTlmZDY1OTM3OWUzNDViOWVlMmJlMzI5MDIyMTg1YzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgq0q+GrK0ndaFAtj+arZjnSVoGl
WQjcBBN+gUMsyPDabvxCVHayqpa2BCKduarmvzvaw1k04NyNcCbj2fVBWN0aoB/A
C4bj7R2M5anD/BvzBE4R5GTNAQqmFag4mT/gmrwcpOC9Y7MXMy7c99HLenuCMbaE
ZxaDd+U+1M6dlwgJw0vfnvb3zjRs1LviRNSxdDQmBo9MP/YiF+f/A910bz3eZ2qc
aIQC5sTajfO1f8H3kOmw59J3IVbqy3PxTCCzgiPIOVmbYESPjODEoUP9BivYBHA9
iRZYMB/ABvqid6GX0rOBbva4j0fVMlSt+EUgQFm6QU3sFc+yZGEK79vEiwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFORAPVqf1lk3njRbnuK+MpAiGFwUMB8GA1UdIwQY
MBaAFLD4qIX3d20quZu08g6E0wbgOUqjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEt
NGQwNTQ5OGFhOTdkLzEvNUVBOVdwX1dXVGVlTkZ1ZTRyNHlrQ0lZWEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEtNGQwNTQ5OGFhOTdk
LzEvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAYBAIAATASAwQCLZQAAwQD
W/KAAwQCuVa4MDMEAgACMC0wEgMHACoDd+AzAQMHACoDd+AzAgMHACoDd+BEAQMH
ACoDd+BTAQMFAyoPRAAwDQYJKoZIhvcNAQELBQADggEBAEDuBl61P0lI3fGeOCzg
Jbx7mTbGJv9X3aOu5bjnI49k9jVXq3SU59ZBpwAyc1nbNu8zeup/ghcH8ktP//Y9
czzENUpsM/eVGVoEAsmNjGaMRDQt1a3B9Qf+00e4Us/9YAqM8iOofIWyCJxC0TF4
Wh2/deQ4vVMOj+/tXXAdb0qCaa07iZ1/2Dwg/9e4jpWALaqdW8ibsOYAilsxu00p
IBpZBlWdb4Rdn+2brTCKaHyS42mDPvsk0ImiId+o/m9qs6QV0TCKDPESJ9YazzjF
Rk7TjFKk28n9+YE9Lp3QvxykQdQgVEgPLU1WsEWFPnbWbgQ+ONZiqmA4sYzoh/8D
Drs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:26 2024 by rpki-client on console.sobornost.net