Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/avLhZP8zctT-Md3wVt9UkyW0e2E.roa
File: avLhZP8zctT-Md3wVt9UkyW0e2E.roa (raw, json)
Hash identifier: zFFyLGDGxgCs3eLd4spiF5P5UOsQMAUhEUcwHqSfUUg=
Subject key identifier: 6A:F2:E1:64:FF:33:72:D4:FE:31:DD:F0:56:DF:54:93:25:B4:7B:61
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018E31671EA48B48BBB74E7924740883F14B
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/avLhZP8zctT-Md3wVt9UkyW0e2E.roa
Signing time: Tue 12 Mar 2024 06:43:45 +0000
ROA not before: Tue 12 Mar 2024 06:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215938
IP address blocks: 45.134.144.0/24 maxlen: 24
103.211.100.0/24 maxlen: 24
185.245.1.0/24 maxlen: 24
185.245.2.0/24 maxlen: 24
194.145.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 02:23:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:67:1e:a4:8b:48:bb:b7:4e:79:24:74:08:83:f1:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Mar 12 06:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6af2e164ff3372d4fe31ddf056df549325b47b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:df:9a:df:8c:05:4f:a2:99:c9:1f:e3:47:d1:
e1:4e:1a:e6:fb:2b:49:a0:34:de:e0:80:9f:20:72:
91:1e:f2:98:1c:68:70:c9:d9:d6:1d:01:b6:43:ac:
bb:b7:1a:da:9b:2e:a3:30:90:44:62:9a:60:3a:5e:
63:8a:4c:45:67:af:ba:ed:38:a3:45:b6:10:ab:73:
b5:ef:5b:54:49:45:91:07:9a:08:ae:fc:39:8b:a8:
64:66:e4:44:d0:95:87:e1:f4:3c:ad:29:c3:09:6b:
24:6b:f0:b8:a2:a6:ea:3a:a1:14:72:f8:d2:b8:db:
99:2a:df:31:d0:30:d6:9b:52:e2:f2:24:ff:5e:51:
26:87:c0:52:6b:d6:d0:da:35:52:5a:2e:26:7e:ff:
b5:28:ef:a9:cb:ea:1d:4a:9e:11:09:aa:e3:6c:9c:
bd:15:b0:62:d0:6e:1e:1c:a2:9d:d1:89:a0:39:05:
94:00:01:a5:91:94:0b:65:dc:d0:97:35:38:b5:39:
4b:5d:5b:ee:d2:bd:56:48:ac:87:4a:bb:e9:4c:4f:
6c:b7:61:df:2c:00:98:fe:5b:2e:8b:ad:82:a2:41:
df:4d:99:a4:98:d6:67:f3:93:90:30:00:9e:35:c7:
30:4c:c5:1f:fb:d9:b0:c9:f2:ce:90:ce:e7:9e:da:
7c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F2:E1:64:FF:33:72:D4:FE:31:DD:F0:56:DF:54:93:25:B4:7B:61
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/avLhZP8zctT-Md3wVt9UkyW0e2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.144.0/24
103.211.100.0/24
185.245.1.0-185.245.2.255
194.145.237.0/24
Signature Algorithm: sha256WithRSAEncryption
27:68:43:7f:14:b1:48:29:8a:be:04:17:ca:f7:79:16:db:5d:
c9:a4:14:fb:e2:a5:ec:64:c1:8b:37:c8:a0:01:ca:25:21:7b:
34:c6:73:69:a1:9c:bf:00:8c:66:52:97:ca:b3:f2:5f:d1:f5:
53:2b:3c:e5:38:96:08:56:76:9b:cb:87:f1:f3:76:87:cc:65:
d4:06:f7:6f:86:49:9a:60:15:f9:25:51:fb:30:17:dd:20:6b:
dd:0d:38:9f:8c:3c:29:46:d3:50:c8:69:c1:3b:fb:78:e3:61:
cb:09:4f:db:71:12:ad:b2:d8:66:5f:21:d4:0d:a0:14:cf:3b:
fc:21:04:ca:9f:4b:3b:7a:da:7f:59:ff:b7:43:10:d9:43:e5:
cc:eb:d2:f5:93:e1:99:31:a9:69:7a:2d:1b:e0:14:c0:ac:de:
4d:2f:c1:5c:1a:5e:fd:78:1c:28:f2:08:75:60:9c:ed:38:3b:
ac:6f:17:1f:a2:43:d3:dd:47:db:49:ee:2a:df:e4:53:99:29:
15:c9:79:ef:4f:e1:1b:0f:be:a8:20:76:c6:a6:0f:9b:97:31:
d3:0a:e6:2d:40:76:6c:93:e4:05:10:25:91:e7:5b:08:71:46:
a9:96:cc:7d:bc:31:4c:cf:67:4b:94:13:c2:8f:f7:a5:70:c0:
90:5d:4d:84
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY4xZx6ki0i7t055JHQIg/FLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMzEyMDY0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWYyZTE2NGZmMzM3MmQ0ZmUzMWRkZjA1NmRmNTQ5MzI1YjQ3YjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN+a34wFT6KZyR/jR9HhThrm+ytJ
oDTe4ICfIHKRHvKYHGhwydnWHQG2Q6y7txramy6jMJBEYppgOl5jikxFZ6+67Tij
RbYQq3O171tUSUWRB5oIrvw5i6hkZuRE0JWH4fQ8rSnDCWska/C4oqbqOqEUcvjS
uNuZKt8x0DDWm1Li8iT/XlEmh8BSa9bQ2jVSWi4mfv+1KO+py+odSp4RCarjbJy9
FbBi0G4eHKKd0YmgOQWUAAGlkZQLZdzQlzU4tTlLXVvu0r1WSKyHSrvpTE9st2Hf
LACY/lsui62CokHfTZmkmNZn85OQMACeNccwTMUf+9mwyfLOkM7nntp8MQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGry4WT/M3LU/jHd8FbfVJMltHthMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvYXZMaFpQOHpjdFQtTWQzd1Z0OVVreVcwZTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALYaQAwQA
Z9NkMAwDBAC59QEDBAC59QIDBADCke0wDQYJKoZIhvcNAQELBQADggEBACdoQ38U
sUgpir4EF8r3eRbbXcmkFPvipexkwYs3yKAByiUhezTGc2mhnL8AjGZSl8qz8l/R
9VMrPOU4lghWdpvLh/HzdofMZdQG92+GSZpgFfklUfswF90ga90NOJ+MPClG01DI
acE7+3jjYcsJT9txEq2y2GZfIdQNoBTPO/whBMqfSzt62n9Z/7dDENlD5czr0vWT
4ZkxqWl6LRvgFMCs3k0vwVwaXv14HCjyCHVgnO04O6xvFx+iQ9PdR9tJ7irf5FOZ
KRXJee9P4RsPvqggdsamD5uXMdMK5i1AdmyT5AUQJZHnWwhxRqmWzH28MUzPZ0uU
E8KP96VwwJBdTYQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:18 2025 by rpki-client