Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/gdJTF6vrNwcEFzb-MypTkYl8iJg.roa
File: gdJTF6vrNwcEFzb-MypTkYl8iJg.roa (raw, json)
Hash identifier: xIY8QlVAmgxYrgFEX3ilJ5IBAk2ydf8jb6Uy83kLYVM=
Subject key identifier: 81:D2:53:17:AB:EB:37:07:04:17:36:FE:33:2A:53:91:89:7C:88:98
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 0190AB278D78A303F061585B18CF3576611F
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/gdJTF6vrNwcEFzb-MypTkYl8iJg.roa
Signing time: Sat 13 Jul 2024 08:13:34 +0000
ROA not before: Sat 13 Jul 2024 08:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 45.9.144.0/24 maxlen: 24
45.9.145.0/24 maxlen: 24
45.9.146.0/24 maxlen: 24
45.9.147.0/24 maxlen: 24
45.86.6.0/24 maxlen: 24
45.86.7.0/24 maxlen: 24
45.148.248.0/24 maxlen: 24
45.148.250.0/24 maxlen: 24
45.148.251.0/24 maxlen: 24
185.140.232.0/24 maxlen: 24
185.140.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 13:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ab:27:8d:78:a3:03:f0:61:58:5b:18:cf:35:76:61:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Jul 13 08:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81d25317abeb3707041736fe332a5391897c8898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d5:4e:f0:38:b8:f6:a4:ab:10:00:50:d4:73:
c1:aa:32:15:60:f1:d3:8c:3f:10:e1:4e:04:fd:51:
00:e1:7e:c4:1e:a4:1a:55:ab:b7:f2:7a:d5:17:28:
46:37:98:02:75:ec:9a:1d:d6:b1:ba:9a:45:0f:66:
73:4a:84:56:64:8e:5a:68:0c:a6:b0:22:d5:c7:86:
21:cc:c6:ce:2c:34:6a:01:67:48:8e:df:b9:56:50:
6b:d0:48:54:91:dc:ad:2b:a6:fc:97:aa:f5:06:68:
bc:c6:bf:7e:c1:39:41:44:e0:3e:78:03:ad:3d:dd:
11:75:54:95:d4:da:4b:75:bb:17:7e:f0:48:4c:18:
b1:7c:c3:46:64:cc:1e:aa:f9:ad:e0:43:43:f0:17:
fd:a1:16:9a:01:5f:9a:aa:51:05:13:15:89:72:ff:
13:5f:f9:9d:9c:63:71:de:4a:50:4e:f6:37:56:95:
27:11:4d:e0:15:fa:73:ec:79:75:1f:9e:17:af:40:
2f:c2:35:95:fe:9d:91:59:5a:c9:4b:67:31:57:52:
59:5c:47:48:25:44:06:be:cf:93:d1:c3:31:4e:50:
9c:bf:f9:c0:3a:a1:de:76:1c:fc:f3:97:a6:ea:24:
a9:34:12:d5:79:9f:f0:ae:63:8d:8e:b3:c5:fd:93:
57:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D2:53:17:AB:EB:37:07:04:17:36:FE:33:2A:53:91:89:7C:88:98
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/gdJTF6vrNwcEFzb-MypTkYl8iJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.144.0/22
45.86.6.0/23
45.148.248.0/24
45.148.250.0/23
185.140.232.0/24
185.140.234.0/24
Signature Algorithm: sha256WithRSAEncryption
14:ee:cb:01:87:02:06:ee:65:3f:ee:43:af:88:8d:98:bf:98:
11:de:c9:8d:ad:e7:7c:b3:ef:1a:80:a8:6a:3e:78:7c:3a:25:
02:f8:1d:ba:82:2a:40:5f:51:77:01:43:d8:4f:fd:43:72:f2:
ed:f2:8c:34:da:8d:80:2a:47:77:0c:a5:8d:e4:47:e2:b2:3a:
d1:a4:3b:0d:8c:41:a6:8b:c0:52:c0:d7:58:cd:b6:ef:b5:a7:
39:44:82:bc:37:ea:d0:a8:57:26:e7:e9:82:91:54:63:cb:90:
85:ac:43:39:ed:9d:41:b3:76:8a:f2:34:13:ec:8a:e6:bf:db:
99:1b:a9:fb:a9:4c:1d:8b:be:d6:ae:2f:68:8d:c1:62:dd:c8:
2d:ef:42:9c:e4:af:02:de:14:31:b7:46:cd:e7:f1:08:64:2f:
52:49:c8:4c:a9:d8:89:03:30:65:bb:45:98:3f:a6:e5:ba:1e:
2e:da:c9:b5:90:27:03:d1:74:4a:56:94:3c:98:da:fa:da:b1:
86:e7:98:c6:30:53:46:7e:83:b4:03:46:0d:a2:37:74:c6:0d:
4a:1a:c5:86:28:27:8a:23:e1:fb:11:bc:c9:64:04:7f:b6:8a:
12:f7:3d:0c:93:57:ad:d1:97:e4:86:cf:52:d9:00:f9:78:63:
a2:06:e5:73
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZCrJ414owPwYVhbGM81dmEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjQwNzEzMDgxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQyNTMxN2FiZWIzNzA3MDQxNzM2ZmUzMzJhNTM5MTg5N2M4ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NVO8Di49qSrEABQ1HPBqjIVYPHT
jD8Q4U4E/VEA4X7EHqQaVau38nrVFyhGN5gCdeyaHdaxuppFD2ZzSoRWZI5aaAym
sCLVx4YhzMbOLDRqAWdIjt+5VlBr0EhUkdytK6b8l6r1Bmi8xr9+wTlBROA+eAOt
Pd0RdVSV1NpLdbsXfvBITBixfMNGZMweqvmt4END8Bf9oRaaAV+aqlEFExWJcv8T
X/mdnGNx3kpQTvY3VpUnEU3gFfpz7Hl1H54Xr0AvwjWV/p2RWVrJS2cxV1JZXEdI
JUQGvs+T0cMxTlCcv/nAOqHedhz885em6iSpNBLVeZ/wrmONjrPF/ZNXawIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIHSUxer6zcHBBc2/jMqU5GJfIiYMB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvZ2RKVEY2dnJOd2NFRnpiLU15cFRrWWw4aUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQmQAwQB
LVYGAwQALZT4AwQBLZT6AwQAuYzoAwQAuYzqMA0GCSqGSIb3DQEBCwUAA4IBAQAU
7ssBhwIG7mU/7kOviI2Yv5gR3smNred8s+8agKhqPnh8OiUC+B26gipAX1F3AUPY
T/1DcvLt8ow02o2AKkd3DKWN5EfisjrRpDsNjEGmi8BSwNdYzbbvtac5RIK8N+rQ
qFcm5+mCkVRjy5CFrEM57Z1Bs3aK8jQT7Irmv9uZG6n7qUwdi77Wri9ojcFi3cgt
70Kc5K8C3hQxt0bN5/EIZC9SSchMqdiJAzBlu0WYP6bluh4u2sm1kCcD0XRKVpQ8
mNr62rGG55jGMFNGfoO0A0YNojd0xg1KGsWGKCeKI+H7EbzJZAR/tooS9z0Mk1et
0Zfkhs9S2QD5eGOiBuVz
-----END CERTIFICATE-----
Generated at Mon Nov 18 16:23:40 2024 by rpki-client on console-ams.rpki-client.org