Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/TZtQ4cD2LSNDKKd2dmNvnK09Qhk.roa
File: TZtQ4cD2LSNDKKd2dmNvnK09Qhk.roa (raw, json)
Hash identifier: yugNKH8tF+fkUjvmPQ13RNvuNWHlXrImj5YUMudIQnM=
Subject key identifier: 4D:9B:50:E1:C0:F6:2D:23:43:28:A7:76:76:63:6F:9C:AD:3D:42:19
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018DE61D7B60024AE147FD49FEADC5C94833
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/TZtQ4cD2LSNDKKd2dmNvnK09Qhk.roa
Signing time: Mon 26 Feb 2024 15:51:48 +0000
ROA not before: Mon 26 Feb 2024 15:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208949
IP address blocks: 45.88.0.0/24 maxlen: 24
45.142.1.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
45.148.145.0/24 maxlen: 24
45.148.146.0/24 maxlen: 24
185.217.136.0/24 maxlen: 24
185.217.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 11:15:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e6:1d:7b:60:02:4a:e1:47:fd:49:fe:ad:c5:c9:48:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Feb 26 15:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d9b50e1c0f62d234328a77676636f9cad3d4219
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:75:6d:6d:04:74:d9:28:a3:ee:5b:62:5f:16:
a4:47:5b:3e:6e:68:27:ba:4b:24:b4:aa:74:5f:34:
28:33:5a:d1:d2:90:17:5f:b7:79:08:db:1f:26:1f:
e2:a1:cc:bf:ed:e1:de:27:a3:02:18:02:eb:f6:3f:
9a:1c:cc:e8:4f:ca:b2:68:b0:cc:8e:11:e9:87:66:
45:e0:3c:68:81:d4:74:c1:d0:ed:68:9a:fb:b3:ce:
1c:6c:93:9d:5c:e6:e2:bb:d7:e9:29:9f:91:2a:c5:
92:22:a5:2c:f4:a1:f9:cb:c6:71:18:04:3a:ae:34:
c3:02:3e:f0:fa:27:c6:ea:7f:2f:c7:c7:57:e0:67:
31:37:43:51:1a:66:8f:b1:b3:ae:75:40:de:2e:78:
06:cd:56:38:3f:99:c6:80:04:09:4a:38:7c:69:1e:
b5:2b:02:e3:53:cb:fc:78:16:64:92:5f:58:7b:7e:
0b:6d:e5:d8:21:37:10:5d:7f:15:d4:93:bb:16:18:
a8:8b:61:a5:68:3b:31:c0:a8:33:da:0b:41:b3:ac:
41:f2:c0:d8:83:bb:85:7b:f9:b8:31:23:7c:f7:74:
68:25:cc:5e:5c:d1:49:63:90:44:dd:ac:e7:04:be:
2e:5a:85:a9:aa:3b:f2:de:24:51:97:d7:88:b0:fe:
8f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9B:50:E1:C0:F6:2D:23:43:28:A7:76:76:63:6F:9C:AD:3D:42:19
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/TZtQ4cD2LSNDKKd2dmNvnK09Qhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.0.0/24
45.142.1.0-45.142.2.255
45.148.145.0-45.148.146.255
185.217.136.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:92:72:2b:fc:0f:a1:7c:71:d4:0e:6b:f5:b7:4d:b4:a3:21:
04:3f:df:28:15:71:e8:ac:37:90:03:c7:39:66:4d:29:2f:a4:
65:be:df:b0:07:4e:7e:42:74:07:35:10:9e:8c:d7:5e:ef:57:
7f:65:cd:42:5c:b9:18:62:1b:ba:a3:69:79:59:04:b5:94:f6:
56:47:98:35:33:a1:92:e4:e6:32:88:84:a6:28:31:8d:39:1c:
19:82:50:6f:72:72:3d:c1:c5:5e:a4:1f:61:85:0b:d2:99:24:
5e:6a:67:ec:12:79:3c:1c:05:02:bd:cb:64:0b:5d:89:a8:ee:
e5:f4:7d:86:64:b4:c1:61:3c:82:13:7c:fc:4e:f4:ab:9e:a4:
93:6e:f4:2f:c2:04:27:a9:33:de:99:a9:3b:18:27:97:1f:ad:
78:c1:95:5e:c3:38:81:d4:a9:c0:09:7a:08:89:39:ba:89:fe:
3d:00:5e:25:7d:1a:b6:35:96:4c:eb:54:34:fd:16:30:8f:29:
e6:7a:5a:be:52:6d:a8:0f:90:76:81:13:78:88:32:1b:8b:32:
b3:67:8d:22:c2:0a:8f:60:b2:8e:e6:70:a1:f1:99:c5:74:b9:
0c:47:f6:64:53:13:95:7d:d4:c5:7a:95:70:9a:76:ab:32:b8:
3c:8d:4e:b8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY3mHXtgAkrhR/1J/q3FyUgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMjI2MTU1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDliNTBlMWMwZjYyZDIzNDMyOGE3NzY3NjYzNmY5Y2FkM2Q0MjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3VtbQR02Sij7ltiXxakR1s+bmgn
uksktKp0XzQoM1rR0pAXX7d5CNsfJh/iocy/7eHeJ6MCGALr9j+aHMzoT8qyaLDM
jhHph2ZF4DxogdR0wdDtaJr7s84cbJOdXObiu9fpKZ+RKsWSIqUs9KH5y8ZxGAQ6
rjTDAj7w+ifG6n8vx8dX4GcxN0NRGmaPsbOudUDeLngGzVY4P5nGgAQJSjh8aR61
KwLjU8v8eBZkkl9Ye34LbeXYITcQXX8V1JO7Fhioi2GlaDsxwKgz2gtBs6xB8sDY
g7uFe/m4MSN893RoJcxeXNFJY5BE3aznBL4uWoWpqjvy3iRRl9eIsP6P+QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFE2bUOHA9i0jQyindnZjb5ytPUIZMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvVFp0UTRjRDJMU05ES0tkMmRtTnZuSzA5UWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQALVgAMAwD
BAAtjgEDBAAtjgIwDAMEAC2UkQMEAC2UkgMEAbnZiDANBgkqhkiG9w0BAQsFAAOC
AQEAXJJyK/wPoXxx1A5r9bdNtKMhBD/fKBVx6Kw3kAPHOWZNKS+kZb7fsAdOfkJ0
BzUQnozXXu9Xf2XNQly5GGIbuqNpeVkEtZT2VkeYNTOhkuTmMoiEpigxjTkcGYJQ
b3JyPcHFXqQfYYUL0pkkXmpn7BJ5PBwFAr3LZAtdiaju5fR9hmS0wWE8ghN8/E70
q56kk270L8IEJ6kz3pmpOxgnlx+teMGVXsM4gdSpwAl6CIk5uon+PQBeJX0atjWW
TOtUNP0WMI8p5npavlJtqA+QdoETeIgyG4sys2eNIsIKj2CyjuZwofGZxXS5DEf2
ZFMTlX3UxXqVcJp2qzK4PI1OuA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:04 2025 by rpki-client