Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/ntd6QwHkOTehe3Vl64A14p703O4.roa
File: ntd6QwHkOTehe3Vl64A14p703O4.roa (raw, json)
Hash identifier: 4l5LC0lUf9s4jUrkZg/cmb167y7R/cDKZB5N3ced4wo=
Subject key identifier: 9E:D7:7A:43:01:E4:39:37:A1:7B:75:65:EB:80:35:E2:9E:F4:DC:EE
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 019418F296D5B0FB4C189582E1D623B88C19
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/ntd6QwHkOTehe3Vl64A14p703O4.roa
Signing time: Mon 30 Dec 2024 19:02:19 +0000
ROA not before: Mon 30 Dec 2024 19:02:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.157.138.0/24 maxlen: 24
178.211.154.0/24 maxlen: 24
185.225.188.0/24 maxlen: 24
193.56.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:18:f2:96:d5:b0:fb:4c:18:95:82:e1:d6:23:b8:8c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Dec 30 19:02:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ed77a4301e43937a17b7565eb8035e29ef4dcee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ce:b6:3e:02:95:84:4e:8b:bd:7a:e8:71:42:
e2:4e:4e:cf:6b:dd:21:e2:0f:b6:0d:c1:ab:1e:c3:
14:01:68:7c:ad:e5:08:b0:7e:42:6d:b2:dd:b2:f1:
50:23:0d:05:a3:e9:a9:38:86:e5:f2:6f:50:3a:05:
5a:03:89:4a:e0:72:41:b1:54:ad:d7:ba:c3:61:85:
e0:07:c8:99:8d:7d:85:0f:f8:7d:76:8d:b9:7d:fb:
1a:5c:ed:2b:e3:6a:6b:dc:51:5d:08:c2:fe:99:fe:
c9:5a:32:3f:da:e4:44:8e:1a:6d:76:ed:5b:ac:fd:
ee:ba:01:66:20:28:7f:54:72:03:4a:b5:c0:92:08:
04:65:a1:cd:e4:2f:83:f2:12:ac:2f:62:c3:6c:61:
d1:36:f5:d5:cf:64:77:a4:c8:47:ee:a0:a6:58:df:
44:4f:b3:72:74:a6:7e:94:00:55:cc:25:7b:95:87:
dc:1c:df:25:ec:ce:fc:82:25:25:af:0e:f6:76:c7:
37:ba:87:4d:45:04:fc:e2:07:9c:5e:5e:a5:23:e5:
ca:d9:b8:b9:49:33:d2:3d:e2:e0:11:67:34:40:90:
52:15:eb:dd:2d:43:06:b1:c8:67:3e:9d:78:1f:a4:
bf:99:8c:51:c6:de:c9:7b:ef:03:fb:eb:bc:05:30:
05:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D7:7A:43:01:E4:39:37:A1:7B:75:65:EB:80:35:E2:9E:F4:DC:EE
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/ntd6QwHkOTehe3Vl64A14p703O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.138.0/24
178.211.154.0/24
185.225.188.0/24
193.56.112.0/24
Signature Algorithm: sha256WithRSAEncryption
07:c9:ce:68:ca:fc:49:9a:93:a7:07:73:82:64:d6:01:70:be:
26:2b:8b:1d:9d:66:bc:c9:0d:e0:f7:63:aa:24:e5:4f:37:bf:
01:b4:7e:34:98:11:0c:76:2d:5c:84:6b:c9:e7:98:5a:96:9e:
8f:dc:d4:a5:6c:c7:da:d0:71:13:09:a8:10:97:29:97:e7:0f:
ab:20:48:a7:78:bc:3a:7e:4f:99:e1:7b:26:7a:30:6b:a2:30:
47:2e:ab:ef:5f:23:06:30:2a:6b:58:1e:1b:d2:bd:2d:89:58:
23:d9:fc:b5:c0:d0:19:7c:10:05:50:cf:56:25:ad:7d:08:d9:
0c:87:9c:61:39:e9:72:bc:15:2d:a0:77:af:15:8b:ce:d7:5a:
57:89:ee:87:1a:1c:36:20:b7:92:a6:53:30:b7:26:b4:82:33:
63:93:58:4f:fa:bd:0f:42:6a:30:e2:2a:0f:37:ca:09:4d:3b:
38:c9:82:2e:c9:5a:7b:88:33:26:99:35:91:9d:24:5d:5a:e0:
9a:c0:ea:dc:e7:e9:17:67:2c:cd:18:29:37:99:59:c1:7c:e4:
fc:8b:23:b0:0b:f0:75:14:1b:b9:55:1d:f3:71:45:47:68:5a:
5a:62:32:f7:70:ea:fe:41:83:fe:5c:20:2a:74:c7:2e:61:81:
c7:82:93:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQY8pbVsPtMGJWC4dYjuIwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjQxMjMwMTkwMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQ3N2E0MzAxZTQzOTM3YTE3Yjc1NjVlYjgwMzVlMjllZjRkY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts62PgKVhE6LvXrocULiTk7Pa90h
4g+2DcGrHsMUAWh8reUIsH5CbbLdsvFQIw0Fo+mpOIbl8m9QOgVaA4lK4HJBsVSt
17rDYYXgB8iZjX2FD/h9do25ffsaXO0r42pr3FFdCML+mf7JWjI/2uREjhptdu1b
rP3uugFmICh/VHIDSrXAkggEZaHN5C+D8hKsL2LDbGHRNvXVz2R3pMhH7qCmWN9E
T7NydKZ+lABVzCV7lYfcHN8l7M78giUlrw72dsc3uodNRQT84gecXl6lI+XK2bi5
STPSPeLgEWc0QJBSFevdLUMGschnPp14H6S/mYxRxt7Je+8D++u8BTAF4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ7XekMB5Dk3oXt1ZeuANeKe9NzuMB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvbnRkNlF3SGtPVGVoZTNWbDY0QTE0cDcwM080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZ2KAwQA
stOaAwQAueG8AwQAwThwMA0GCSqGSIb3DQEBCwUAA4IBAQAHyc5oyvxJmpOnB3OC
ZNYBcL4mK4sdnWa8yQ3g92OqJOVPN78BtH40mBEMdi1chGvJ55halp6P3NSlbMfa
0HETCagQlymX5w+rIEineLw6fk+Z4XsmejBrojBHLqvvXyMGMCprWB4b0r0tiVgj
2fy1wNAZfBAFUM9WJa19CNkMh5xhOelyvBUtoHevFYvO11pXie6HGhw2ILeSplMw
tya0gjNjk1hP+r0PQmow4ioPN8oJTTs4yYIuyVp7iDMmmTWRnSRdWuCawOrc5+kX
ZyzNGCk3mVnBfOT8iyOwC/B1FBu5VR3zcUVHaFpaYjL3cOr+QYP+XCAqdMcuYYHH
gpNb
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:46:32 2025 by rpki-client