Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/drnD6JYg0MZ7F_noA1sUAQTj8dg.roa
File: drnD6JYg0MZ7F_noA1sUAQTj8dg.roa (raw, json)
Hash identifier: EWM5nY/jBzS75r+5qFicx+/J7L6AD8xC3XcMdNq/+NU=
Subject key identifier: 76:B9:C3:E8:96:20:D0:C6:7B:17:F9:E8:03:5B:14:01:04:E3:F1:D8
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018E46B7A854C9A2F53896E2CFEE2EC4146B
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/drnD6JYg0MZ7F_noA1sUAQTj8dg.roa
Signing time: Sat 16 Mar 2024 10:03:45 +0000
ROA not before: Sat 16 Mar 2024 10:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210538
IP address blocks: 45.133.36.0/24 maxlen: 24
185.169.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:46:b7:a8:54:c9:a2:f5:38:96:e2:cf:ee:2e:c4:14:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Mar 16 10:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76b9c3e89620d0c67b17f9e8035b140104e3f1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:b0:f2:9f:34:34:49:94:8f:eb:ca:1a:db:
0f:37:94:ba:15:70:3c:36:cf:7f:c1:07:6f:a8:10:
03:57:da:a1:ef:10:3d:75:aa:d1:0a:89:e4:c5:ed:
c6:4d:9e:25:04:e3:cd:0c:64:59:2f:d4:e3:b0:94:
33:e7:ff:a2:15:b8:26:e3:22:63:c9:7e:ce:1e:49:
ac:15:ec:6f:54:3d:0e:6d:8a:b4:d6:6d:49:04:12:
61:08:1a:62:7f:3d:52:39:a7:86:1e:98:a1:b7:01:
4d:cf:70:8a:79:03:f7:6e:63:6d:24:f2:e0:00:df:
61:ec:c5:db:cd:23:3c:8c:9d:94:99:67:8a:78:58:
61:d5:ef:ad:7b:ac:37:09:d4:00:5c:e7:f8:71:50:
81:93:f7:c8:33:d9:6e:5a:b9:1c:93:b5:f0:1d:9c:
17:c1:9e:4f:94:99:09:0e:ad:f6:93:b2:a1:33:46:
bf:0d:34:af:7a:67:37:a6:9e:47:6b:62:21:0e:65:
1c:34:dc:25:06:be:9a:66:d6:7f:d5:03:70:e3:bd:
6f:f5:99:ad:a4:e9:37:7a:ef:76:b7:06:58:9b:7d:
18:d5:8f:82:bd:e7:be:17:29:2e:98:09:64:d5:74:
e7:ae:41:ca:bd:ab:a1:9d:11:69:5d:8d:2d:2b:2e:
ec:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B9:C3:E8:96:20:D0:C6:7B:17:F9:E8:03:5B:14:01:04:E3:F1:D8
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/drnD6JYg0MZ7F_noA1sUAQTj8dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.36.0/24
185.169.180.0/24
Signature Algorithm: sha256WithRSAEncryption
54:79:a6:43:c6:c9:d9:d4:eb:36:0f:6e:93:62:14:a7:84:2b:
50:05:b3:dc:ad:21:1a:81:04:62:8b:ee:aa:1d:06:4d:5f:06:
20:8b:b6:3a:df:7c:1a:29:4c:e9:83:fc:8b:b3:e4:fc:5b:52:
a2:e3:ac:ae:d2:a3:72:7b:88:be:dc:5b:d3:56:b2:b5:fa:bf:
76:04:de:15:ff:0a:fb:5f:90:f8:0e:20:d8:8d:df:de:34:2c:
1f:44:85:90:b6:b0:e2:79:33:da:63:b4:02:62:86:70:a8:36:
a1:d7:03:d2:20:9a:2b:ff:bb:1f:4f:79:ce:53:98:26:2c:6a:
7d:f8:3b:a7:bb:5c:22:47:3d:fe:e2:fd:b8:b6:b8:ff:67:1b:
db:4f:56:ed:08:b1:4c:eb:ed:21:d3:76:64:ac:2a:3e:2f:96:
e5:b1:85:23:eb:0a:8f:3a:da:46:bd:ba:82:fd:f8:30:53:d5:
00:ff:eb:9d:47:a8:2d:18:2c:8e:bb:b5:a7:6b:c9:2b:3a:cf:
39:b7:65:2f:7a:cf:b4:8b:c8:30:2d:9d:24:ae:4e:47:e2:6e:
bb:7d:10:fc:d6:8b:80:e2:78:52:e4:a9:43:1b:37:f0:f2:f3:
4e:c0:28:40:15:68:11:33:87:c8:38:a2:a7:7e:f3:77:04:c5:
a3:ca:98:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5Gt6hUyaL1OJbiz+4uxBRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwMzE2MTAwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI5YzNlODk2MjBkMGM2N2IxN2Y5ZTgwMzViMTQwMTA0ZTNmMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk+w8p80NEmUj+vKGtsPN5S6FXA8
Ns9/wQdvqBADV9qh7xA9darRConkxe3GTZ4lBOPNDGRZL9TjsJQz5/+iFbgm4yJj
yX7OHkmsFexvVD0ObYq01m1JBBJhCBpifz1SOaeGHpihtwFNz3CKeQP3bmNtJPLg
AN9h7MXbzSM8jJ2UmWeKeFhh1e+te6w3CdQAXOf4cVCBk/fIM9luWrkck7XwHZwX
wZ5PlJkJDq32k7KhM0a/DTSvemc3pp5Ha2IhDmUcNNwlBr6aZtZ/1QNw471v9Zmt
pOk3eu92twZYm30Y1Y+Cvee+FykumAlk1XTnrkHKvauhnRFpXY0tKy7snQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHa5w+iWINDGexf56ANbFAEE4/HYMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvZHJuRDZKWWcwTVo3Rl9ub0Exc1VBUVRqOGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYUkAwQA
uam0MA0GCSqGSIb3DQEBCwUAA4IBAQBUeaZDxsnZ1Os2D26TYhSnhCtQBbPcrSEa
gQRii+6qHQZNXwYgi7Y633waKUzpg/yLs+T8W1Ki46yu0qNye4i+3FvTVrK1+r92
BN4V/wr7X5D4DiDYjd/eNCwfRIWQtrDieTPaY7QCYoZwqDah1wPSIJor/7sfT3nO
U5gmLGp9+Dunu1wiRz3+4v24trj/ZxvbT1btCLFM6+0h03ZkrCo+L5blsYUj6wqP
OtpGvbqC/fgwU9UA/+udR6gtGCyOu7Wna8krOs85t2Uves+0i8gwLZ0krk5H4m67
fRD81ouA4nhS5KlDGzfw8vNOwChAFWgRM4fIOKKnfvN3BMWjypi+
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:51:11 2025 by rpki-client