Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0WYGEUiYgMN-HkJhhM1kfiOI-NY.roa
File: 0WYGEUiYgMN-HkJhhM1kfiOI-NY.roa (raw, json)
Hash identifier: r9IhfEDex+mhymzYelqruDEp6CqAvrR8FvVQF3fus40=
Subject key identifier: D1:66:06:11:48:98:80:C3:7E:1E:42:61:84:CD:64:7E:23:88:F8:D6
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D692B0B72FD03EA4688CDA8D210FFF673
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0WYGEUiYgMN-HkJhhM1kfiOI-NY.roa
Signing time: Fri 02 Feb 2024 09:34:05 +0000
ROA not before: Fri 02 Feb 2024 09:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 45.129.129.0/24 maxlen: 24
45.129.130.0/24 maxlen: 24
45.129.131.0/24 maxlen: 24
45.138.4.0/24 maxlen: 24
45.138.5.0/24 maxlen: 24
45.138.6.0/24 maxlen: 24
45.142.37.0/24 maxlen: 24
45.146.26.0/24 maxlen: 24
45.159.85.0/24 maxlen: 24
92.119.192.0/24 maxlen: 24
176.222.58.0/24 maxlen: 24
193.32.164.0/24 maxlen: 24
193.32.165.0/24 maxlen: 24
193.32.166.0/24 maxlen: 24
193.32.167.0/24 maxlen: 24
193.36.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 18:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:2b:0b:72:fd:03:ea:46:88:cd:a8:d2:10:ff:f6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 2 09:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1660611489880c37e1e426184cd647e2388f8d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f1:ca:24:73:64:37:b0:06:64:ee:48:35:26:
85:ee:f5:f4:42:a9:0a:f6:53:06:c4:fe:30:93:75:
54:9e:15:6f:71:f1:4b:af:1a:1a:a1:7d:b6:50:b4:
0a:4d:4c:b7:0c:34:e1:8d:dc:4a:44:b3:ae:ad:03:
a1:38:8a:d8:c9:d5:11:10:4b:63:f6:4e:57:71:24:
85:95:1e:d7:d6:ea:ad:49:d7:46:9e:73:43:99:fb:
63:ad:8a:9e:84:fc:46:ec:bb:ce:b0:0e:f6:66:37:
00:3d:db:36:8b:8e:32:aa:ab:f0:ab:9c:d4:8e:70:
24:0d:56:42:23:d2:a7:da:b9:b7:87:27:6a:45:b1:
9e:d1:10:06:11:02:48:f3:ef:06:fd:43:e4:c7:11:
34:70:1e:b1:21:c4:44:c2:6b:8b:21:11:4f:4a:7c:
24:2f:ca:7c:a3:7c:bd:e1:b1:6c:28:58:e2:2a:58:
57:b6:32:a0:bc:4d:4e:b2:60:58:fb:4d:8f:2c:28:
71:bf:60:76:ba:74:a2:8b:b7:5f:a5:53:66:6e:16:
15:22:06:b2:66:c2:fb:ac:e5:a8:5e:d1:e5:05:3a:
27:08:9e:e4:c6:a2:f9:86:0c:95:eb:71:57:62:0e:
6c:e7:d3:e9:da:cf:4b:75:3c:89:06:49:47:5d:bd:
39:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:66:06:11:48:98:80:C3:7E:1E:42:61:84:CD:64:7E:23:88:F8:D6
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0WYGEUiYgMN-HkJhhM1kfiOI-NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.129.0-45.129.131.255
45.138.4.0-45.138.6.255
45.142.37.0/24
45.146.26.0/24
45.159.85.0/24
92.119.192.0/24
176.222.58.0/24
193.32.164.0/22
193.36.231.0/24
Signature Algorithm: sha256WithRSAEncryption
93:6f:50:72:20:1f:5d:8c:e4:d2:f5:46:56:58:83:16:e4:d7:
7a:5c:5b:d9:a9:de:d7:08:dc:94:78:20:cf:33:16:9f:7a:68:
c8:86:5b:e2:7c:c0:ac:53:22:c2:2d:fc:af:19:56:76:47:d3:
b5:2d:16:dc:13:5b:98:c3:d8:2a:e3:88:ea:21:20:7d:0a:9d:
3c:e3:94:94:6f:2c:de:fe:f8:3e:fb:86:09:7e:03:ff:38:d3:
a8:63:29:a0:32:bb:a5:c2:85:c7:c3:cb:6a:71:60:2c:06:ab:
b9:ce:c1:45:13:68:4d:f6:8c:66:09:fe:0e:11:6c:ca:fc:1d:
56:f1:27:2f:df:59:13:bf:9e:ca:c0:2c:ff:49:db:a2:bb:79:
5e:39:0a:83:d6:64:6c:f3:37:0d:fa:2b:47:85:b4:93:99:3c:
02:d5:01:5f:c2:f8:ca:79:fb:e5:6f:73:76:1d:ce:c6:b1:df:
7d:b5:81:8a:d4:c0:96:6d:dd:4d:f6:cc:4b:2d:cf:67:11:3e:
21:35:aa:aa:c0:f6:78:47:a0:70:a8:c3:04:a9:fc:01:f6:e5:
07:4b:ff:bb:68:e2:d9:e0:23:2d:77:e0:a3:3e:01:76:42:50:
a5:86:cb:c8:59:1e:2d:a9:0c:4a:4f:94:d4:6b:f5:b7:a2:1e:
82:34:7c:30
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY1pKwty/QPqRojNqNIQ//ZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjAyMDkzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTY2MDYxMTQ4OTg4MGMzN2UxZTQyNjE4NGNkNjQ3ZTIzODhmOGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPHKJHNkN7AGZO5INSaF7vX0QqkK
9lMGxP4wk3VUnhVvcfFLrxoaoX22ULQKTUy3DDThjdxKRLOurQOhOIrYydUREEtj
9k5XcSSFlR7X1uqtSddGnnNDmftjrYqehPxG7LvOsA72ZjcAPds2i44yqqvwq5zU
jnAkDVZCI9Kn2rm3hydqRbGe0RAGEQJI8+8G/UPkxxE0cB6xIcREwmuLIRFPSnwk
L8p8o3y94bFsKFjiKlhXtjKgvE1OsmBY+02PLChxv2B2unSii7dfpVNmbhYVIgay
ZsL7rOWoXtHlBTonCJ7kxqL5hgyV63FXYg5s59Pp2s9LdTyJBklHXb05yQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNFmBhFImIDDfh5CYYTNZH4jiPjWMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMFdZR0VVaVlnTU4tSGtKaGhNMWtmaU9JLU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAAtgYED
BAItgYAwDAMEAi2KBAMEAC2KBgMEAC2OJQMEAC2SGgMEAC2fVQMEAFx3wAMEALDe
OgMEAsEgpAMEAMEk5zANBgkqhkiG9w0BAQsFAAOCAQEAk29QciAfXYzk0vVGVliD
FuTXelxb2ane1wjclHggzzMWn3poyIZb4nzArFMiwi38rxlWdkfTtS0W3BNbmMPY
KuOI6iEgfQqdPOOUlG8s3v74PvuGCX4D/zjTqGMpoDK7pcKFx8PLanFgLAaruc7B
RRNoTfaMZgn+DhFsyvwdVvEnL99ZE7+eysAs/0nbort5XjkKg9ZkbPM3DforR4W0
k5k8AtUBX8L4ynn75W9zdh3OxrHffbWBitTAlm3dTfbMSy3PZxE+ITWqqsD2eEeg
cKjDBKn8AfblB0v/u2ji2eAjLXfgoz4BdkJQpYbLyFkeLakMSk+U1Gv1t6IegjR8
MA==
-----END CERTIFICATE-----
Generated at Mon Feb 5 22:57:47 2024 by rpki-client on console-fra.rpki-client.org