Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/fQmhUrA8GKWpE-J8Pdyck433s70.roa
File: fQmhUrA8GKWpE-J8Pdyck433s70.roa (raw, json)
Hash identifier: VhufXf/sTZPH6SR4ARDmtJHV1ICRgdrrx0Hajfos/B8=
Subject key identifier: 7D:09:A1:52:B0:3C:18:A5:A9:13:E2:7C:3D:DC:9C:93:8D:F7:B3:BD
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018CED98750F76A84771C4A8A90886B868E6
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/fQmhUrA8GKWpE-J8Pdyck433s70.roa
Signing time: Tue 09 Jan 2024 09:40:40 +0000
ROA not before: Tue 09 Jan 2024 09:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142578
IP address blocks: 45.156.223.0/24 maxlen: 24
85.92.113.0/24 maxlen: 24
45.134.146.0/24 maxlen: 24
45.134.147.0/24 maxlen: 24
45.93.18.0/24 maxlen: 24
45.93.19.0/24 maxlen: 24
193.107.219.0/24 maxlen: 24
193.107.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 02:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:98:75:0f:76:a8:47:71:c4:a8:a9:08:86:b8:68:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 9 09:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d09a152b03c18a5a913e27c3ddc9c938df7b3bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:da:cc:5e:1a:17:af:89:21:6b:10:72:40:69:
6f:7d:2e:c6:0a:e5:95:4a:3a:73:70:a2:ea:b5:43:
ac:27:5f:18:5b:31:54:02:d4:de:2c:bb:19:bd:e2:
2b:b3:24:5e:76:dc:d0:ec:6b:d6:6e:0c:99:30:7e:
2a:39:1b:0f:59:de:69:8b:c3:c9:e8:90:16:b4:99:
e7:76:46:48:82:ff:2a:27:ad:4d:be:0a:c3:36:90:
73:4b:ba:d8:e8:c0:33:58:f2:fc:6e:9e:1c:65:c5:
9b:0c:17:02:4b:ad:7b:8f:db:1a:17:f0:a4:44:25:
c0:1c:5e:99:28:09:57:df:10:4f:3a:eb:35:e4:d9:
27:9e:39:8f:bd:b0:4f:c9:2b:a7:61:71:58:e2:90:
04:e7:08:77:ec:b5:85:6c:be:26:7b:0a:bf:7e:29:
02:8d:53:63:d4:9f:aa:88:c1:db:d8:0d:12:9e:9e:
e4:32:d7:87:09:97:84:90:d9:33:37:de:5a:9b:6d:
a3:b2:c8:c7:02:97:52:b7:5c:1c:7a:09:6a:60:5d:
0a:b0:ad:ab:2f:09:e9:31:bb:32:19:d4:3d:f3:49:
c4:e2:5d:95:24:11:74:94:26:35:72:d0:41:8b:ac:
dd:40:9b:d2:fe:6b:20:c1:33:ff:51:a2:cb:58:b6:
87:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:09:A1:52:B0:3C:18:A5:A9:13:E2:7C:3D:DC:9C:93:8D:F7:B3:BD
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/fQmhUrA8GKWpE-J8Pdyck433s70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.18.0/23
45.134.146.0/23
45.156.223.0/24
85.92.113.0/24
193.107.217.0/24
193.107.219.0/24
Signature Algorithm: sha256WithRSAEncryption
74:11:7b:08:18:ef:34:a6:42:40:95:c3:e2:48:32:3b:61:75:
ef:4e:f1:a1:cc:db:b1:e8:0f:99:f7:a3:a5:f0:5a:ea:0a:a9:
79:9a:2e:82:1a:d5:d4:a9:6d:2a:b1:63:c0:30:ec:05:47:2a:
5d:c2:b1:f6:ed:b5:44:6d:49:fc:4b:11:93:f5:41:6a:f2:1c:
d6:bf:b8:95:f2:83:15:37:02:8e:51:8e:b3:d1:fa:f8:ef:bf:
b1:44:ed:55:c8:42:41:5a:81:35:0f:ef:aa:0a:21:dc:20:8a:
f1:73:11:03:0f:87:c9:70:ad:43:c7:29:30:6a:f9:4f:ef:d4:
af:97:98:a7:47:e3:3b:aa:91:7c:a2:ee:bc:29:95:e4:47:47:
44:a3:66:c5:7e:28:e5:18:6c:f7:75:7f:f1:76:a2:dc:bb:1e:
c8:7a:7a:bd:dd:31:cd:3c:73:71:2f:c7:95:15:f2:18:57:6c:
43:03:40:2d:47:af:80:6d:08:52:da:a8:c5:e5:c4:61:1d:86:
9b:e3:bc:96:39:e2:8e:c4:da:da:44:0a:03:3c:5b:72:53:83:
0a:0d:bc:6c:f2:35:7f:52:3c:11:a4:c4:70:3d:9c:26:10:ba:
c6:62:e5:bf:9d:a2:ce:62:3c:68:c5:d3:d8:de:6a:be:64:9b:
c8:16:54:f6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYztmHUPdqhHccSoqQiGuGjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTA5MDk0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDA5YTE1MmIwM2MxOGE1YTkxM2UyN2MzZGRjOWM5MzhkZjdiM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNrMXhoXr4khaxByQGlvfS7GCuWV
SjpzcKLqtUOsJ18YWzFUAtTeLLsZveIrsyRedtzQ7GvWbgyZMH4qORsPWd5pi8PJ
6JAWtJnndkZIgv8qJ61NvgrDNpBzS7rY6MAzWPL8bp4cZcWbDBcCS617j9saF/Ck
RCXAHF6ZKAlX3xBPOus15NknnjmPvbBPySunYXFY4pAE5wh37LWFbL4mewq/fikC
jVNj1J+qiMHb2A0Snp7kMteHCZeEkNkzN95am22jssjHApdSt1wceglqYF0KsK2r
LwnpMbsyGdQ980nE4l2VJBF0lCY1ctBBi6zdQJvS/msgwTP/UaLLWLaHywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH0JoVKwPBilqRPifD3cnJON97O9MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvZlFtaFVyQThHS1dwRS1KOFBkeWNrNDMzczcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLV0SAwQB
LYaSAwQALZzfAwQAVVxxAwQAwWvZAwQAwWvbMA0GCSqGSIb3DQEBCwUAA4IBAQB0
EXsIGO80pkJAlcPiSDI7YXXvTvGhzNux6A+Z96Ol8FrqCql5mi6CGtXUqW0qsWPA
MOwFRypdwrH27bVEbUn8SxGT9UFq8hzWv7iV8oMVNwKOUY6z0fr477+xRO1VyEJB
WoE1D++qCiHcIIrxcxEDD4fJcK1DxykwavlP79Svl5inR+M7qpF8ou68KZXkR0dE
o2bFfijlGGz3dX/xdqLcux7Ienq93THNPHNxL8eVFfIYV2xDA0AtR6+AbQhS2qjF
5cRhHYab47yWOeKOxNraRAoDPFtyU4MKDbxs8jV/UjwRpMRwPZwmELrGYuW/naLO
YjxoxdPY3mq+ZJvIFlT2
-----END CERTIFICATE-----
Generated at Tue Sep 10 04:08:44 2024 by rpki-client on console-ams.rpki-client.org