Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/IXq7N9X5TqnhVksSMb2gsXZzKXg.roa
File: IXq7N9X5TqnhVksSMb2gsXZzKXg.roa (raw, json)
Hash identifier: 8MH/3UgPM3d00DbevEiMP6bRi/T+t/Pg7xV1I5iwOb0=
Subject key identifier: 21:7A:BB:37:D5:F9:4E:A9:E1:56:4B:12:31:BD:A0:B1:76:73:29:78
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018D455B0E218337E517348A89DBC9DF0543
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/IXq7N9X5TqnhVksSMb2gsXZzKXg.roa
Signing time: Fri 26 Jan 2024 10:40:11 +0000
ROA not before: Fri 26 Jan 2024 10:40:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215938
IP address blocks: 45.134.144.0/24 maxlen: 24
103.211.100.0/24 maxlen: 24
103.211.102.0/23 maxlen: 24
185.245.1.0/24 maxlen: 24
185.245.2.0/24 maxlen: 24
194.145.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 06:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:5b:0e:21:83:37:e5:17:34:8a:89:db:c9:df:05:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 26 10:40:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=217abb37d5f94ea9e1564b1231bda0b176732978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8d:2e:08:13:81:6e:82:83:23:73:94:60:31:
ae:d4:8c:14:3f:27:de:1a:98:e4:53:ce:dc:5e:a1:
44:4f:a0:d7:15:cd:13:41:5b:e3:2d:a4:03:0e:5a:
7e:cc:0e:96:28:76:97:c7:df:e3:2f:57:f4:1c:f1:
de:86:db:fb:22:de:e8:51:fd:6a:3c:a4:b9:42:45:
b1:20:28:3b:89:11:82:c5:7d:8b:5a:85:c8:9e:e2:
62:1f:56:82:c4:60:b5:90:6b:d7:52:d9:7d:e3:a0:
54:5f:9f:e2:38:96:8a:de:c5:cc:48:70:06:9e:65:
9f:74:08:47:4a:19:6f:7c:a3:79:a8:49:02:03:74:
3b:97:82:e9:73:0b:d1:b9:b5:1d:c5:9a:fe:1f:df:
ae:04:f0:96:9a:53:b3:d5:5e:49:df:1f:37:8d:1d:
c7:5c:56:31:3b:63:30:df:0b:6f:8f:16:b7:36:6f:
8e:53:0e:9f:c9:4b:36:71:b4:5e:1e:63:66:2c:14:
8d:99:ec:93:bc:90:08:0c:c4:6f:77:cd:04:f0:c8:
27:db:6c:6e:f9:d8:53:22:45:0f:27:8b:78:79:b6:
c6:2c:b0:81:64:65:34:d3:d5:37:0e:e6:e8:45:9d:
94:13:13:68:80:b4:2f:a6:b5:5f:91:34:12:ca:1f:
d9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:7A:BB:37:D5:F9:4E:A9:E1:56:4B:12:31:BD:A0:B1:76:73:29:78
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/IXq7N9X5TqnhVksSMb2gsXZzKXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.144.0/24
103.211.100.0/24
103.211.102.0/23
185.245.1.0-185.245.2.255
194.145.237.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:0d:94:34:1e:32:c4:fb:96:2d:51:19:b7:06:e2:f2:5b:b1:
4b:56:ed:51:60:3a:a5:32:7e:1d:30:57:86:f8:df:24:28:93:
65:ff:50:af:68:c1:5d:15:11:5a:11:89:bc:f4:a4:9f:f6:57:
a1:74:1d:c3:bb:a7:19:53:0f:74:a3:e2:41:09:16:73:af:b2:
ce:a0:0e:a6:82:02:4b:b0:41:0f:45:19:2a:ad:5e:f6:01:ea:
6a:2f:b5:9a:22:43:d8:bc:7d:50:06:52:45:d1:f8:05:31:d4:
90:cf:4f:67:da:6e:d3:29:ee:d3:d6:c5:fd:a9:b0:fb:71:2e:
ac:c3:a4:b6:e1:c5:62:a2:50:08:3e:e8:0d:41:17:1b:d4:ee:
d6:0b:89:08:3c:60:19:01:0e:d6:40:15:13:7b:7a:3f:af:30:
24:e1:74:e9:1c:e4:2e:46:0c:c5:f4:7c:40:46:f8:ee:1a:6c:
0a:ed:aa:d4:6a:a7:96:28:16:90:53:50:5a:96:35:7e:78:dc:
fd:91:1f:20:6c:bc:86:f8:3e:bf:71:c7:b7:0b:bf:76:fa:b3:
45:4a:0d:46:d2:7a:d4:11:4a:be:88:e9:2d:b5:89:01:48:b8:
74:f8:15:36:3b:ed:64:6d:d6:4a:6d:b6:9d:d5:2b:f2:ad:e2:
7c:2f:47:04
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY1FWw4hgzflFzSKidvJ3wVDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTI2MTA0MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTdhYmIzN2Q1Zjk0ZWE5ZTE1NjRiMTIzMWJkYTBiMTc2NzMyOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx40uCBOBboKDI3OUYDGu1IwUPyfe
GpjkU87cXqFET6DXFc0TQVvjLaQDDlp+zA6WKHaXx9/jL1f0HPHehtv7It7oUf1q
PKS5QkWxICg7iRGCxX2LWoXInuJiH1aCxGC1kGvXUtl946BUX5/iOJaK3sXMSHAG
nmWfdAhHShlvfKN5qEkCA3Q7l4LpcwvRubUdxZr+H9+uBPCWmlOz1V5J3x83jR3H
XFYxO2Mw3wtvjxa3Nm+OUw6fyUs2cbReHmNmLBSNmeyTvJAIDMRvd80E8Mgn22xu
+dhTIkUPJ4t4ebbGLLCBZGU009U3DuboRZ2UExNogLQvprVfkTQSyh/Z+QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCF6uzfV+U6p4VZLEjG9oLF2cyl4MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvSVhxN045WDVUcW5oVmtzU01iMmdzWFp6S1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALYaQAwQA
Z9NkAwQBZ9NmMAwDBAC59QEDBAC59QIDBADCke0wDQYJKoZIhvcNAQELBQADggEB
AJ4NlDQeMsT7li1RGbcG4vJbsUtW7VFgOqUyfh0wV4b43yQok2X/UK9owV0VEVoR
ibz0pJ/2V6F0HcO7pxlTD3Sj4kEJFnOvss6gDqaCAkuwQQ9FGSqtXvYB6movtZoi
Q9i8fVAGUkXR+AUx1JDPT2fabtMp7tPWxf2psPtxLqzDpLbhxWKiUAg+6A1BFxvU
7tYLiQg8YBkBDtZAFRN7ej+vMCThdOkc5C5GDMX0fEBG+O4abArtqtRqp5YoFpBT
UFqWNX543P2RHyBsvIb4Pr9xx7cLv3b6s0VKDUbSetQRSr6I6S21iQFIuHT4FTY7
7WRt1kpttp3VK/Kt4nwvRwQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:40 2025 by rpki-client