Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/BaftqYryumFmy2qHrNKlD1COXUg.roa
File: BaftqYryumFmy2qHrNKlD1COXUg.roa (raw, json)
Hash identifier: ExMA+zQInUOqGSvjxuVU0IISGotIKLPv8BxBav/NcP0=
Subject key identifier: 05:A7:ED:A9:8A:F2:BA:61:66:CB:6A:87:AC:D2:A5:0F:50:8E:5D:48
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0191E2BD1828FFFD8BFA746C31A880FE27D6
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/BaftqYryumFmy2qHrNKlD1COXUg.roa
Signing time: Wed 11 Sep 2024 20:18:48 +0000
ROA not before: Wed 11 Sep 2024 20:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 45.133.38.0/24 maxlen: 24
45.143.96.0/24 maxlen: 24
185.148.243.0/24 maxlen: 24
185.169.181.0/24 maxlen: 24
185.169.183.0/24 maxlen: 24
185.174.20.0/24 maxlen: 24
185.174.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 07:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e2:bd:18:28:ff:fd:8b:fa:74:6c:31:a8:80:fe:27:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Sep 11 20:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05a7eda98af2ba6166cb6a87acd2a50f508e5d48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ec:92:75:38:73:24:70:2b:5d:ae:49:d1:20:
40:8a:aa:07:2f:04:1f:b7:26:4f:bc:b5:ed:6e:aa:
7a:22:c5:6b:35:8d:d5:6f:65:90:6f:83:71:c6:90:
c8:3c:e0:50:6e:3f:b5:eb:93:21:2a:94:05:6d:03:
27:2f:39:f6:05:ff:76:8f:88:4c:72:b8:8d:c8:4b:
24:81:6a:f3:67:26:ac:cc:ed:6e:8c:48:94:82:f9:
9f:8d:d5:c1:7d:42:64:4e:80:06:0b:bd:d1:a8:78:
59:3d:ac:a0:60:cb:bf:f4:f5:b8:86:e6:0a:83:98:
c2:90:59:cf:22:41:f6:99:0b:66:e0:73:3e:0a:d9:
fb:12:c9:b6:1a:87:51:0c:7d:33:a2:51:47:5b:fe:
da:67:6b:74:a0:98:cb:d4:6f:31:ee:d1:25:c5:c4:
99:fe:d4:bc:89:98:40:f2:67:51:05:91:e7:67:76:
fe:a4:6b:fb:20:fe:4a:46:77:69:79:db:da:01:6c:
0f:c7:4e:89:6b:67:a2:fa:09:fe:ee:d2:1b:ff:8c:
49:e5:16:a5:f5:a1:65:06:fa:e9:39:24:9e:de:a5:
c9:c2:e8:a2:de:f7:92:c1:86:5c:cc:8f:18:fa:73:
fe:b4:fc:c1:03:6e:20:4e:4c:4f:50:16:cc:cf:64:
7d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A7:ED:A9:8A:F2:BA:61:66:CB:6A:87:AC:D2:A5:0F:50:8E:5D:48
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/BaftqYryumFmy2qHrNKlD1COXUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.38.0/24
45.143.96.0/24
185.148.243.0/24
185.169.181.0/24
185.169.183.0/24
185.174.20.0/24
185.174.23.0/24
Signature Algorithm: sha256WithRSAEncryption
30:e5:a0:45:9c:d6:21:31:55:25:57:8c:0d:14:d1:38:87:08:
de:11:c7:65:8a:e9:b6:23:dd:2f:06:ae:68:03:71:ca:21:61:
29:43:3f:30:18:61:97:29:a6:93:da:42:57:83:ff:51:e6:fc:
83:f6:ab:b0:f9:82:96:06:10:2e:53:da:64:e4:55:6f:f2:d1:
c6:a8:3f:a3:ae:68:a6:c8:99:e5:68:f9:73:24:01:c3:49:0e:
b2:be:88:c1:a9:7b:23:59:06:a1:72:58:a9:ae:6f:c3:19:37:
73:5a:23:7d:fc:61:29:c1:56:e3:b2:71:6f:e2:91:ad:20:76:
fd:2e:5c:55:29:b0:d0:7e:dc:3c:7a:77:b5:31:cb:f9:ec:aa:
29:29:6d:e9:08:62:49:ac:8a:1a:12:60:00:e5:59:2c:c5:ab:
fd:5a:7f:c4:12:c1:7c:ef:62:15:40:18:9f:0e:1d:84:e5:d6:
ce:91:99:00:ea:dc:48:e8:c8:1b:63:b3:e9:df:f5:c3:54:68:
e5:3d:7f:7f:6c:5b:e9:5b:be:3b:d0:ef:9d:cf:db:c5:d0:1e:
0d:f2:76:c9:96:80:5d:77:51:63:d6:d9:eb:8a:fd:5e:99:f6:
f9:f8:ac:cc:73:f1:f6:98:a1:40:53:29:b6:f7:0f:38:33:6f:
3a:b9:bb:8d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZHivRgo//2L+nRsMaiA/ifWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwOTExMjAxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWE3ZWRhOThhZjJiYTYxNjZjYjZhODdhY2QyYTUwZjUwOGU1ZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eySdThzJHArXa5J0SBAiqoHLwQf
tyZPvLXtbqp6IsVrNY3Vb2WQb4NxxpDIPOBQbj+165MhKpQFbQMnLzn2Bf92j4hM
criNyEskgWrzZyaszO1ujEiUgvmfjdXBfUJkToAGC73RqHhZPaygYMu/9PW4huYK
g5jCkFnPIkH2mQtm4HM+Ctn7Esm2GodRDH0zolFHW/7aZ2t0oJjL1G8x7tElxcSZ
/tS8iZhA8mdRBZHnZ3b+pGv7IP5KRndpedvaAWwPx06Ja2ei+gn+7tIb/4xJ5Ral
9aFlBvrpOSSe3qXJwuii3veSwYZczI8Y+nP+tPzBA24gTkxPUBbMz2R9owIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAWn7amK8rphZstqh6zSpQ9Qjl1IMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvQmFmdHFZcnl1bUZteTJxSHJOS2xEMUNPWFVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALYUmAwQA
LY9gAwQAuZTzAwQAuam1AwQAuam3AwQAua4UAwQAua4XMA0GCSqGSIb3DQEBCwUA
A4IBAQAw5aBFnNYhMVUlV4wNFNE4hwjeEcdlium2I90vBq5oA3HKIWEpQz8wGGGX
KaaT2kJXg/9R5vyD9quw+YKWBhAuU9pk5FVv8tHGqD+jrmimyJnlaPlzJAHDSQ6y
vojBqXsjWQahcliprm/DGTdzWiN9/GEpwVbjsnFv4pGtIHb9LlxVKbDQftw8ene1
Mcv57KopKW3pCGJJrIoaEmAA5Vksxav9Wn/EEsF872IVQBifDh2E5dbOkZkA6txI
6MgbY7Pp3/XDVGjlPX9/bFvpW7470O+dz9vF0B4N8nbJloBdd1Fj1tnriv1emfb5
+KzMc/H2mKFAUym29w84M286ubuN
-----END CERTIFICATE-----
Generated at Thu Sep 12 09:26:05 2024 by rpki-client on console-fra.rpki-client.org