Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/o3DzQxc2jyFUkViwpiNV9mTH2U8.roa
File: o3DzQxc2jyFUkViwpiNV9mTH2U8.roa (raw, json)
Hash identifier: 3Xc473K+TeINlIlcQ7fgmp50Qw2LNV/5Gs3n1IPeKLg=
Subject key identifier: A3:70:F3:43:17:36:8F:21:54:91:58:B0:A6:23:55:F6:64:C7:D9:4F
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018ED239CD05F175019A59C0613BC44216B2
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/o3DzQxc2jyFUkViwpiNV9mTH2U8.roa
Signing time: Fri 12 Apr 2024 12:13:07 +0000
ROA not before: Fri 12 Apr 2024 12:13:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142019
IP address blocks: 45.93.17.0/24 maxlen: 24
45.155.225.0/24 maxlen: 24
160.238.64.0/24 maxlen: 24
160.238.65.0/24 maxlen: 24
160.238.67.0/24 maxlen: 24
185.245.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 May 2024 14:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:39:cd:05:f1:75:01:9a:59:c0:61:3b:c4:42:16:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Apr 12 12:13:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a370f34317368f21549158b0a62355f664c7d94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ce:23:3d:c1:13:f5:a5:4e:dd:8e:6e:63:20:
06:1d:ef:fd:4f:f3:b9:a8:dc:78:65:66:9c:0f:5d:
85:ce:52:b5:98:eb:93:2b:4f:c1:af:e0:5e:22:f4:
66:5e:41:e0:20:d5:f4:96:18:aa:90:8e:a6:8a:3b:
52:69:cf:c0:65:c9:b0:37:ea:41:52:ac:0e:85:15:
ea:60:f0:91:b6:93:b7:49:cf:ab:75:41:95:27:dc:
51:cc:c1:5c:4a:31:f3:31:78:e0:8d:a3:7f:d5:3d:
6b:8a:63:1d:e6:20:6f:30:0f:ba:46:3e:3e:4d:f3:
18:81:db:4d:e1:11:4e:47:84:71:40:69:ca:0d:0c:
25:12:3a:d8:d7:04:9f:4b:4b:bf:9e:ab:60:08:04:
3e:ad:f8:bf:d4:89:88:36:5b:18:c4:43:10:6b:42:
11:48:7e:a6:ae:a8:ae:d2:fe:0d:79:ff:5b:a4:29:
53:d0:1f:79:89:42:38:a9:7e:0f:af:0e:30:8a:eb:
8e:f6:e3:6d:1a:0c:0b:b5:4f:08:64:01:d8:39:62:
dd:f1:a4:f1:b4:c1:4b:e9:28:94:e4:04:0c:f6:9d:
98:cb:fe:13:b6:be:1d:fe:ee:7c:b0:2b:01:cb:e5:
67:04:ff:7b:55:67:bb:3e:40:fa:d5:a4:7f:8f:6b:
07:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:70:F3:43:17:36:8F:21:54:91:58:B0:A6:23:55:F6:64:C7:D9:4F
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/o3DzQxc2jyFUkViwpiNV9mTH2U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.17.0/24
45.155.225.0/24
160.238.64.0/23
160.238.67.0/24
185.245.3.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:04:ca:e9:75:3a:e4:d2:83:82:18:bb:c0:1f:26:6d:ed:d3:
cf:e7:e1:28:ce:61:d5:1d:9e:78:d9:17:2e:67:19:27:c1:66:
7a:08:d4:5d:88:86:76:44:91:77:11:b9:47:95:b5:dd:5c:78:
bf:8a:5f:eb:ea:b6:f6:5d:f9:6f:0d:e3:17:ac:e4:38:b9:d1:
8c:ca:c7:ed:bf:b3:aa:6f:84:0b:bb:28:37:a5:f3:67:40:55:
f2:b1:8e:78:b7:3e:6e:20:b0:c4:ec:5e:29:59:4d:f4:fb:01:
80:ba:bb:7e:79:19:20:af:87:68:f1:7b:6a:1e:a5:99:b3:36:
92:e2:1c:95:7f:19:92:9b:2c:66:78:04:e5:a0:4f:b1:be:33:
89:d7:63:66:c8:27:64:44:30:84:8f:d1:d4:fb:01:95:82:48:
ea:83:b1:4f:1c:25:e5:0e:d9:49:f6:6c:92:1b:6a:5b:34:dc:
3f:48:42:5d:75:2b:fb:9d:c2:c3:d9:5f:f3:3e:57:71:09:17:
0c:2f:ee:16:1a:27:87:34:ef:f5:fd:7e:f4:dc:be:16:79:60:
75:69:b2:16:e8:56:f8:f2:70:bd:00:95:36:48:0f:39:aa:d6:
e3:c3:82:47:9d:fb:46:21:bf:9d:57:d4:c8:d9:6d:7d:7a:94:
58:36:ca:4d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7SOc0F8XUBmlnAYTvEQhayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwNDEyMTIxMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzcwZjM0MzE3MzY4ZjIxNTQ5MTU4YjBhNjIzNTVmNjY0YzdkOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM4jPcET9aVO3Y5uYyAGHe/9T/O5
qNx4ZWacD12FzlK1mOuTK0/Br+BeIvRmXkHgINX0lhiqkI6mijtSac/AZcmwN+pB
UqwOhRXqYPCRtpO3Sc+rdUGVJ9xRzMFcSjHzMXjgjaN/1T1rimMd5iBvMA+6Rj4+
TfMYgdtN4RFOR4RxQGnKDQwlEjrY1wSfS0u/nqtgCAQ+rfi/1ImINlsYxEMQa0IR
SH6mrqiu0v4Nef9bpClT0B95iUI4qX4Prw4wiuuO9uNtGgwLtU8IZAHYOWLd8aTx
tMFL6SiU5AQM9p2Yy/4Ttr4d/u58sCsBy+VnBP97VWe7PkD61aR/j2sHWwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKNw80MXNo8hVJFYsKYjVfZkx9lPMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvbzNEelF4YzJqeUZVa1Zpd3BpTlY5bVRIMlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALV0RAwQA
LZvhAwQBoO5AAwQAoO5DAwQAufUDMA0GCSqGSIb3DQEBCwUAA4IBAQB8BMrpdTrk
0oOCGLvAHyZt7dPP5+EozmHVHZ542RcuZxknwWZ6CNRdiIZ2RJF3EblHlbXdXHi/
il/r6rb2XflvDeMXrOQ4udGMysftv7Oqb4QLuyg3pfNnQFXysY54tz5uILDE7F4p
WU30+wGAurt+eRkgr4do8XtqHqWZszaS4hyVfxmSmyxmeATloE+xvjOJ12NmyCdk
RDCEj9HU+wGVgkjqg7FPHCXlDtlJ9mySG2pbNNw/SEJddSv7ncLD2V/zPldxCRcM
L+4WGieHNO/1/X703L4WeWB1abIW6Fb48nC9AJU2SA85qtbjw4JHnftGIb+dV9TI
2W19epRYNspN
-----END CERTIFICATE-----
Generated at Sat May 18 16:25:48 2024 by rpki-client on console-ams.rpki-client.org