Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/t4bwye2LMmaX6IHFCvTGIDEUKB0.roa
File: t4bwye2LMmaX6IHFCvTGIDEUKB0.roa (raw, json)
Hash identifier: S0D0HcFwTPkd4YIt0UfUZsmGwEAl+MQqR8452UpWAq0=
Subject key identifier: B7:86:F0:C9:ED:8B:32:66:97:E8:81:C5:0A:F4:C6:20:31:14:28:1D
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018CE76078DCCC1807864D5DC9B4695AC54C
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/t4bwye2LMmaX6IHFCvTGIDEUKB0.roa
Signing time: Mon 08 Jan 2024 04:41:48 +0000
ROA not before: Mon 08 Jan 2024 04:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.235.164.0/24 maxlen: 24
45.135.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e7:60:78:dc:cc:18:07:86:4d:5d:c9:b4:69:5a:c5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 8 04:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b786f0c9ed8b326697e881c50af4c6203114281d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:33:9c:ab:ad:73:00:ef:52:fd:30:f4:1a:84:
5c:5d:ff:4e:30:73:e2:ea:7a:e8:08:ec:b0:7a:89:
41:cb:f3:41:8b:04:36:e9:d0:3d:15:32:08:92:59:
2f:67:ec:42:7f:f9:f0:0e:30:93:ae:7c:5d:ce:88:
ed:87:94:1d:2d:b4:aa:cd:b6:6e:12:84:45:da:a3:
cf:99:cf:07:45:3b:14:1a:19:9f:89:0e:f9:14:72:
da:1e:a3:23:23:af:2e:f2:18:1f:01:59:c9:a3:75:
ae:29:30:4d:45:59:a0:34:91:a1:26:1f:04:e0:91:
dd:cd:f1:a0:10:61:05:74:44:b6:d4:6f:dd:89:73:
aa:13:da:cf:54:6a:a1:d9:22:ff:e5:1f:3e:11:e9:
e9:da:15:25:bd:f9:2a:e3:b6:69:61:d9:3f:81:2b:
d3:ab:ee:bc:11:2a:cf:59:d8:83:a7:e2:07:2b:6a:
6b:ef:a6:f7:b0:f1:44:0f:d7:60:e4:2d:e7:f3:d4:
55:94:5b:ff:09:89:50:d9:b3:34:52:4e:7f:b5:7f:
a4:07:69:66:b4:9d:93:2f:23:fe:45:2e:fe:8c:88:
c3:bb:41:49:3d:6d:9b:bb:7c:4a:00:15:3c:0d:a6:
88:e0:84:42:e4:1b:5d:61:4c:03:93:aa:5c:ef:0e:
28:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:86:F0:C9:ED:8B:32:66:97:E8:81:C5:0A:F4:C6:20:31:14:28:1D
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/t4bwye2LMmaX6IHFCvTGIDEUKB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.238.0/24
185.235.164.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:46:07:e8:e8:42:0f:05:55:7b:7e:6c:c1:12:4d:23:f8:5f:
81:59:a0:89:cc:e6:63:09:7f:3d:ec:14:28:0b:48:21:52:2a:
d4:d8:6e:d7:4e:c6:1d:58:23:e6:92:b0:9e:99:da:97:17:59:
96:f4:3a:8c:56:57:86:96:58:dc:80:55:79:a1:aa:03:06:6e:
44:30:8f:5f:b7:34:5b:2d:07:37:20:b9:57:5c:cf:05:13:12:
c3:8f:11:97:63:a3:ec:c7:7f:ae:98:82:51:e4:84:04:e6:e7:
a7:1d:dd:95:af:75:c2:5c:27:3e:da:09:23:5b:5e:d3:19:21:
39:63:7b:b5:26:0a:b7:c8:ab:fa:5f:74:fe:73:e0:4c:eb:7b:
51:f1:0c:4b:dc:6e:05:81:f3:6e:a8:e7:ec:95:d5:cc:76:ed:
8b:14:32:f8:da:32:b9:ef:b1:fc:31:2a:89:32:6c:a8:91:58:
bc:68:d1:7e:d5:ce:92:93:cb:e5:89:7c:43:84:46:23:52:b1:
7b:c3:70:d5:f0:e3:5c:47:02:6f:0e:1c:a7:dd:99:a1:02:95:
d8:bc:2b:73:83:5b:b2:68:49:74:34:45:1c:d5:23:e5:52:96:
fd:18:6e:a6:6b:a3:09:b8:56:4e:91:49:77:3f:0b:ca:f0:8f:
24:c9:de:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYznYHjczBgHhk1dybRpWsVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTA4MDQ0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzg2ZjBjOWVkOGIzMjY2OTdlODgxYzUwYWY0YzYyMDMxMTQyODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDOcq61zAO9S/TD0GoRcXf9OMHPi
6nroCOyweolBy/NBiwQ26dA9FTIIklkvZ+xCf/nwDjCTrnxdzojth5QdLbSqzbZu
EoRF2qPPmc8HRTsUGhmfiQ75FHLaHqMjI68u8hgfAVnJo3WuKTBNRVmgNJGhJh8E
4JHdzfGgEGEFdES21G/diXOqE9rPVGqh2SL/5R8+Eenp2hUlvfkq47ZpYdk/gSvT
q+68ESrPWdiDp+IHK2pr76b3sPFED9dg5C3n89RVlFv/CYlQ2bM0Uk5/tX+kB2lm
tJ2TLyP+RS7+jIjDu0FJPW2bu3xKABU8DaaI4IRC5BtdYUwDk6pc7w4oGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLeG8MntizJml+iBxQr0xiAxFCgdMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvdDRid3llMkxNbWFYNklIRkN2VEdJREVVS0IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYfuAwQA
ueukMA0GCSqGSIb3DQEBCwUAA4IBAQC7Rgfo6EIPBVV7fmzBEk0j+F+BWaCJzOZj
CX897BQoC0ghUirU2G7XTsYdWCPmkrCemdqXF1mW9DqMVleGlljcgFV5oaoDBm5E
MI9ftzRbLQc3ILlXXM8FExLDjxGXY6Psx3+umIJR5IQE5uenHd2Vr3XCXCc+2gkj
W17TGSE5Y3u1Jgq3yKv6X3T+c+BM63tR8QxL3G4FgfNuqOfsldXMdu2LFDL42jK5
77H8MSqJMmyokVi8aNF+1c6Sk8vliXxDhEYjUrF7w3DV8ONcRwJvDhyn3ZmhApXY
vCtzg1uyaEl0NEUc1SPlUpb9GG6ma6MJuFZOkUl3PwvK8I8kyd5o
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:36 2025 by rpki-client