Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/RbXQ5vBU-Xi2DPNpztlBc9oGFJY.roa
File: RbXQ5vBU-Xi2DPNpztlBc9oGFJY.roa (raw, json)
Hash identifier: 28/jIGPZ35HbtNKWZ3+pB4Hr3LxPX0RlP8KCGjRlWrE=
Subject key identifier: 45:B5:D0:E6:F0:54:F9:78:B6:0C:F3:69:CE:D9:41:73:DA:06:14:96
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019437A033A7E292DA23DBD5D151C96CA37A
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/RbXQ5vBU-Xi2DPNpztlBc9oGFJY.roa
Signing time: Sun 05 Jan 2025 18:00:33 +0000
ROA not before: Sun 05 Jan 2025 18:00:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142594
IP address blocks: 2.56.166.0/24 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
45.140.220.0/24 maxlen: 24
45.140.221.0/24 maxlen: 24
77.83.241.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
194.31.140.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 11:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:37:a0:33:a7:e2:92:da:23:db:d5:d1:51:c9:6c:a3:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 5 18:00:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45b5d0e6f054f978b60cf369ced94173da061496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:89:86:c8:55:a7:d5:11:f4:2e:df:32:6d:28:
13:46:9f:f1:09:24:36:12:3d:5c:62:76:d1:d2:b9:
5b:8f:5e:4a:81:a8:95:be:0e:e7:93:85:56:c6:4f:
62:76:95:7a:89:5e:3c:44:c3:87:a2:03:40:4b:d9:
de:db:fe:6a:9c:b9:01:e7:1d:28:5f:ed:85:cd:68:
dc:6c:5b:c5:33:f5:a0:09:db:79:40:0f:d4:b9:c7:
b9:9e:68:71:92:d2:75:fe:33:04:7a:e0:80:23:2e:
f7:f7:e0:3d:0f:27:74:e3:53:e8:f0:5c:41:eb:7e:
58:a7:0e:9e:39:60:9b:59:88:92:b7:b3:30:f1:03:
bf:6e:6e:a7:09:8e:ba:c8:6d:c6:a2:95:23:7e:b9:
03:df:2c:56:ab:5f:a2:e6:b3:24:92:38:c4:e5:54:
b7:0e:4d:35:78:95:1e:73:0a:d1:4a:2b:59:22:35:
d9:48:ed:c1:8f:d1:4d:39:e0:7d:50:97:1b:09:3c:
8d:4a:d6:53:92:ce:99:b9:25:c1:1f:5e:28:a2:7d:
7e:08:92:02:96:32:2c:33:56:c6:b6:1f:be:b3:8a:
0d:da:01:57:47:4c:c0:d6:ad:6b:89:3f:bc:fa:4e:
fb:1a:8a:3c:ae:89:32:f9:69:4d:aa:11:9a:ac:1c:
b0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:B5:D0:E6:F0:54:F9:78:B6:0C:F3:69:CE:D9:41:73:DA:06:14:96
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/RbXQ5vBU-Xi2DPNpztlBc9oGFJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
45.90.145.0-45.90.146.255
45.140.220.0/23
77.83.241.0/24
185.234.74.0/24
194.31.140.0/24
194.56.225.0/24
Signature Algorithm: sha256WithRSAEncryption
04:6e:df:c0:ab:2e:db:f2:8f:0f:9b:b7:d0:fa:7b:aa:7a:4a:
5a:bd:94:2a:b6:04:1f:89:6e:e6:ad:c6:22:46:ff:c5:50:91:
17:02:63:45:5b:b4:ef:ba:47:76:d9:3f:30:f2:24:d1:27:0c:
06:e7:49:1f:3a:22:e6:19:64:90:99:01:2f:5a:6c:a9:df:9a:
fc:ef:08:a8:a4:56:53:a6:e1:e1:cb:a4:80:c2:4f:6c:4b:7f:
fb:82:55:9b:1e:58:8e:1d:cb:ef:6d:ba:3c:3b:a1:0b:0f:94:
55:5f:27:f6:74:74:99:67:64:cd:64:69:0a:45:b0:c6:2a:c7:
07:59:6e:7d:04:41:e3:30:8b:7f:5d:07:b0:5b:8a:60:51:19:
24:53:d7:78:50:77:9e:58:02:13:64:95:3e:0d:e0:a6:e9:67:
64:27:18:e6:6a:61:8a:87:be:72:9d:ed:99:3d:ec:e3:e5:77:
14:d0:b7:cc:15:af:b4:48:54:7d:a2:b3:10:7e:5c:6c:76:68:
5f:7e:88:ea:94:70:0f:15:8b:07:25:13:6a:05:06:45:81:60:
84:0f:25:70:9a:51:95:51:0a:c5:64:f5:62:1e:49:4f:18:5e:
44:e8:31:9b:cd:0f:a6:aa:f8:f4:14:b1:e4:53:c4:23:75:29:
6d:11:d8:3e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQ3oDOn4pLaI9vV0VHJbKN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTA1MTgwMDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWI1ZDBlNmYwNTRmOTc4YjYwY2YzNjljZWQ5NDE3M2RhMDYxNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYmGyFWn1RH0Lt8ybSgTRp/xCSQ2
Ej1cYnbR0rlbj15KgaiVvg7nk4VWxk9idpV6iV48RMOHogNAS9ne2/5qnLkB5x0o
X+2FzWjcbFvFM/WgCdt5QA/Uuce5nmhxktJ1/jMEeuCAIy739+A9Dyd041Po8FxB
635Ypw6eOWCbWYiSt7Mw8QO/bm6nCY66yG3GopUjfrkD3yxWq1+i5rMkkjjE5VS3
Dk01eJUecwrRSitZIjXZSO3Bj9FNOeB9UJcbCTyNStZTks6ZuSXBH14oon1+CJIC
ljIsM1bGth++s4oN2gFXR0zA1q1riT+8+k77Goo8roky+WlNqhGarBywBQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEW10ObwVPl4tgzzac7ZQXPaBhSWMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUmJYUTV2QlUtWGkyRFBOcHp0bEJjOW9HRkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAAjimMAwD
BAAtWpEDBAAtWpIDBAEtjNwDBABNU/EDBAC56koDBADCH4wDBADCOOEwDQYJKoZI
hvcNAQELBQADggEBAARu38CrLtvyjw+bt9D6e6p6Slq9lCq2BB+JbuatxiJG/8VQ
kRcCY0VbtO+6R3bZPzDyJNEnDAbnSR86IuYZZJCZAS9abKnfmvzvCKikVlOm4eHL
pIDCT2xLf/uCVZseWI4dy+9tujw7oQsPlFVfJ/Z0dJlnZM1kaQpFsMYqxwdZbn0E
QeMwi39dB7BbimBRGSRT13hQd55YAhNklT4N4KbpZ2QnGOZqYYqHvnKd7Zk97OPl
dxTQt8wVr7RIVH2isxB+XGx2aF9+iOqUcA8ViwclE2oFBkWBYIQPJXCaUZVRCsVk
9WIeSU8YXkToMZvND6aq+PQUseRTxCN1KW0R2D4=
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:52:57 2025 by rpki-client