Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/94Td8mD3sFRHJ0hNRdoqszz6Jg8.roa
File: 94Td8mD3sFRHJ0hNRdoqszz6Jg8.roa (raw, json)
Hash identifier: AvgkIg3o0L0InH5kCKDi75AViCgsRwW/KqKHcVqQpH4=
Subject key identifier: F7:84:DD:F2:60:F7:B0:54:47:27:48:4D:45:DA:2A:B3:3C:FA:26:0F
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01942748943F4D02343917688BAAE6000E75
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/94Td8mD3sFRHJ0hNRdoqszz6Jg8.roa
Signing time: Thu 02 Jan 2025 13:50:55 +0000
ROA not before: Thu 02 Jan 2025 13:50:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152586
IP address blocks: 2.58.201.0/24 maxlen: 24
2.58.202.0/24 maxlen: 24
45.11.230.0/23 maxlen: 23
45.11.230.0/24 maxlen: 24
45.11.231.0/24 maxlen: 24
45.134.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:94:3f:4d:02:34:39:17:68:8b:aa:e6:00:0e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 13:50:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f784ddf260f7b0544727484d45da2ab33cfa260f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5d:30:e9:f2:af:ed:36:68:29:06:63:dd:dc:
f5:72:75:9b:43:c5:25:99:c9:e3:31:f1:04:3e:81:
f3:64:99:b4:d2:7b:4b:60:d5:c2:17:94:97:c2:3e:
77:83:b9:ea:5d:ee:03:54:7a:85:21:d9:27:96:b6:
76:d2:a1:3a:db:aa:08:9a:86:c9:2b:66:51:28:d5:
12:a5:dd:13:c4:e0:dc:f2:73:f0:97:d0:ee:d1:c1:
c1:f0:6e:21:ac:49:00:2a:8d:f9:6a:96:2e:b9:30:
38:01:72:53:b8:bf:c1:e7:08:c1:26:38:46:45:ea:
f1:52:7f:e3:27:12:4d:5f:72:45:05:c4:90:10:de:
ee:77:d8:f3:0e:24:bb:dd:42:69:0f:b7:12:a5:61:
b4:43:5f:f4:f9:8a:8a:ea:b9:74:53:42:51:1a:ef:
61:db:09:42:2c:f4:70:9f:d1:b8:2f:4b:0b:98:d1:
52:87:36:22:71:09:c1:94:6c:fc:05:d5:1a:de:2d:
af:52:f2:05:67:79:0b:61:a2:ba:33:ad:c1:0d:ea:
1c:16:be:4a:9e:47:b3:0b:11:46:68:96:27:3b:5f:
eb:5c:36:f2:77:17:25:57:92:55:a4:4e:c0:be:7d:
67:2b:85:da:ec:be:91:27:b7:11:2f:09:0b:64:15:
9c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:84:DD:F2:60:F7:B0:54:47:27:48:4D:45:DA:2A:B3:3C:FA:26:0F
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/94Td8mD3sFRHJ0hNRdoqszz6Jg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.201.0-2.58.202.255
45.11.230.0/23
45.134.111.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:28:0d:ce:50:d9:6b:bd:cc:4f:e7:0e:e0:59:fa:69:13:b7:
ca:00:24:0e:fc:1b:c7:89:0d:e1:59:19:34:6c:3e:32:8b:68:
0a:66:69:08:aa:14:69:54:97:67:1c:4b:3b:c6:7d:5d:e7:08:
93:45:60:c5:87:77:8c:95:8a:4a:dc:3a:56:74:d8:f4:2d:29:
1e:c8:ac:18:9e:8e:82:0f:7a:62:9b:9b:e5:f1:ed:21:f8:a5:
43:46:27:01:90:f6:49:9d:66:cf:03:80:f0:fb:84:21:f7:00:
81:99:2a:b5:d3:93:09:9a:bc:5f:63:48:84:0a:7a:6e:91:32:
ff:06:31:dc:66:35:b1:35:14:bf:07:9d:83:97:8f:7a:34:11:
90:56:f4:95:37:52:0e:45:aa:12:7b:01:1b:1c:b7:0c:af:9f:
c3:f7:f7:9a:31:45:e8:f9:e2:99:62:93:b9:2a:9d:c2:b2:a9:
ad:9e:80:ef:07:e3:64:67:2b:f0:6f:8d:fe:8b:b2:8e:d4:84:
69:48:e7:e7:d3:b1:15:05:91:ba:37:5e:b1:2a:a4:30:fe:83:
64:89:40:71:b5:47:5d:fd:09:29:c3:9b:8c:fe:54:ba:94:2b:
37:25:ac:d0:db:c1:0b:12:1a:cc:62:88:41:88:9c:8d:87:f7:
4d:4c:1f:01
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnSJQ/TQI0ORdoi6rmAA51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzg0ZGRmMjYwZjdiMDU0NDcyNzQ4NGQ0NWRhMmFiMzNjZmEyNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyV0w6fKv7TZoKQZj3dz1cnWbQ8Ul
mcnjMfEEPoHzZJm00ntLYNXCF5SXwj53g7nqXe4DVHqFIdknlrZ20qE626oImobJ
K2ZRKNUSpd0TxODc8nPwl9Du0cHB8G4hrEkAKo35apYuuTA4AXJTuL/B5wjBJjhG
RerxUn/jJxJNX3JFBcSQEN7ud9jzDiS73UJpD7cSpWG0Q1/0+YqK6rl0U0JRGu9h
2wlCLPRwn9G4L0sLmNFShzYicQnBlGz8BdUa3i2vUvIFZ3kLYaK6M63BDeocFr5K
nkezCxFGaJYnO1/rXDbydxclV5JVpE7Avn1nK4Xa7L6RJ7cRLwkLZBWcEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPeE3fJg97BURydITUXaKrM8+iYPMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvOTRUZDhtRDNzRlJISjBoTlJkb3Fzeno2Smc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAACOskD
BAACOsoDBAEtC+YDBAAthm8wDQYJKoZIhvcNAQELBQADggEBAJ4oDc5Q2Wu9zE/n
DuBZ+mkTt8oAJA78G8eJDeFZGTRsPjKLaApmaQiqFGlUl2ccSzvGfV3nCJNFYMWH
d4yVikrcOlZ02PQtKR7IrBiejoIPemKbm+Xx7SH4pUNGJwGQ9kmdZs8DgPD7hCH3
AIGZKrXTkwmavF9jSIQKem6RMv8GMdxmNbE1FL8HnYOXj3o0EZBW9JU3Ug5FqhJ7
ARsctwyvn8P395oxRej54plik7kqncKyqa2egO8H42RnK/Bvjf6Lso7UhGlI5+fT
sRUFkbo3XrEqpDD+g2SJQHG1R139CSnDm4z+VLqUKzclrNDbwQsSGsxiiEGInI2H
901MHwE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:40:20 2025 by rpki-client