Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/3We3twVH5y1q6RjmBkMYNCdGPo0.roa
File: 3We3twVH5y1q6RjmBkMYNCdGPo0.roa (raw, json)
Hash identifier: rl/j58MdWdyw4FYBndtI21f3hr6Lj42TruE5uK36tzE=
Subject key identifier: DD:67:B7:B7:05:47:E7:2D:6A:E9:18:E6:06:43:18:34:27:46:3E:8D
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 01914272C92ED22DE1BBA85E79A3B8CD2992
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/3We3twVH5y1q6RjmBkMYNCdGPo0.roa
Signing time: Sun 11 Aug 2024 17:18:24 +0000
ROA not before: Sun 11 Aug 2024 17:18:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211381
IP address blocks: 45.88.76.0/24 maxlen: 24
45.88.105.0/24 maxlen: 24
45.132.107.0/24 maxlen: 24
77.83.175.0/24 maxlen: 24
92.119.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 19:20:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:42:72:c9:2e:d2:2d:e1:bb:a8:5e:79:a3:b8:cd:29:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Aug 11 17:18:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd67b7b70547e72d6ae918e60643183427463e8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e5:8d:13:23:af:b2:aa:1d:6b:72:4b:78:85:
7a:47:5c:7d:a2:1e:ff:4c:0e:d9:49:73:08:27:09:
58:da:13:8e:c3:75:52:3a:c2:b8:e8:bd:21:cf:a3:
b7:4c:eb:07:e2:f5:50:51:a4:6d:40:86:7c:29:aa:
14:20:44:47:f0:04:a6:e1:49:35:89:59:77:ba:a4:
57:23:d5:45:5f:b5:63:c3:1e:2e:41:cb:c1:a0:4c:
0a:ad:51:de:0c:3f:b8:e1:ed:af:61:28:6f:0f:80:
f2:e4:08:4f:40:b2:97:e0:02:dd:7e:94:dc:00:71:
10:9a:a9:e2:b1:f8:de:b2:0a:f3:05:0a:59:d2:f2:
30:ec:c3:c5:e6:c0:83:23:b6:86:a1:31:8e:6a:69:
80:83:1e:86:3e:cd:7a:3f:cb:47:a2:07:39:6d:51:
c7:26:32:06:c5:7f:88:51:5a:34:49:f8:9b:2d:ab:
c6:e3:f7:f8:54:28:3e:3a:51:9d:9f:fe:b6:2b:09:
6d:10:ae:cf:25:83:6c:40:38:2c:89:3f:4a:db:df:
b3:f2:93:bb:1f:67:c3:99:aa:ee:b7:63:e2:31:d6:
a4:8e:fb:bc:92:7a:23:75:fe:d8:9e:57:8c:3f:0b:
c6:c9:97:c5:d1:40:c1:60:fd:d7:af:97:b6:1d:90:
67:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:67:B7:B7:05:47:E7:2D:6A:E9:18:E6:06:43:18:34:27:46:3E:8D
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/3We3twVH5y1q6RjmBkMYNCdGPo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.76.0/24
45.88.105.0/24
45.132.107.0/24
77.83.175.0/24
92.119.114.0/24
Signature Algorithm: sha256WithRSAEncryption
89:dd:a3:8b:3d:88:40:7d:80:b6:fd:c8:22:a7:a7:71:d9:41:
55:2c:e9:2b:5b:a6:8c:ae:2b:9f:49:34:0e:11:49:61:aa:26:
c6:2f:70:f0:43:88:5e:7d:47:9b:64:67:a2:19:1b:83:dc:28:
7b:17:4c:77:fc:4b:ed:24:17:a9:a3:26:93:41:b9:b1:3b:7e:
2f:3c:5b:3e:38:36:a3:01:fb:7c:05:4d:38:c0:f4:e0:c2:a2:
f2:98:a0:68:de:ec:2f:8f:f8:4e:d7:f1:8d:f0:cc:5f:4d:d5:
3b:6c:bb:28:12:83:89:e6:8c:14:1d:1d:6d:81:46:e0:24:6a:
9f:d3:0d:6e:f9:01:29:52:15:3f:39:bf:1e:89:a0:8d:ff:99:
0a:56:52:25:c9:f8:5d:4f:18:7d:62:e4:9d:58:65:53:7e:6e:
60:1d:74:2a:b1:e6:54:c6:c2:4b:91:be:91:06:98:b4:76:3f:
dd:ad:fb:d6:83:ab:e5:a0:3b:46:ee:67:df:0e:31:9b:b3:3a:
06:17:87:b8:f1:ac:89:2b:e6:0e:87:83:89:77:ea:8f:80:a4:
99:67:c6:93:c8:14:e2:4f:8b:73:c3:83:5e:fb:44:43:2b:4b:
95:b7:f0:c8:cf:51:d2:7b:fa:16:29:ae:2b:b3:4d:d8:6b:6f:
36:69:a0:2e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFCcsku0i3hu6heeaO4zSmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjQwODExMTcxODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY3YjdiNzA1NDdlNzJkNmFlOTE4ZTYwNjQzMTgzNDI3NDYzZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluWNEyOvsqoda3JLeIV6R1x9oh7/
TA7ZSXMIJwlY2hOOw3VSOsK46L0hz6O3TOsH4vVQUaRtQIZ8KaoUIERH8ASm4Uk1
iVl3uqRXI9VFX7Vjwx4uQcvBoEwKrVHeDD+44e2vYShvD4Dy5AhPQLKX4ALdfpTc
AHEQmqnisfjesgrzBQpZ0vIw7MPF5sCDI7aGoTGOammAgx6GPs16P8tHogc5bVHH
JjIGxX+IUVo0SfibLavG4/f4VCg+OlGdn/62KwltEK7PJYNsQDgsiT9K29+z8pO7
H2fDmarut2PiMdakjvu8knojdf7YnleMPwvGyZfF0UDBYP3Xr5e2HZBnNwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN1nt7cFR+ctaukY5gZDGDQnRj6NMB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvM1dlM3R3Vkg1eTFxNlJqbUJrTVlOQ2RHUG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVhMAwQA
LVhpAwQALYRrAwQATVOvAwQAXHdyMA0GCSqGSIb3DQEBCwUAA4IBAQCJ3aOLPYhA
fYC2/cgip6dx2UFVLOkrW6aMriufSTQOEUlhqibGL3DwQ4hefUebZGeiGRuD3Ch7
F0x3/EvtJBepoyaTQbmxO34vPFs+ODajAft8BU04wPTgwqLymKBo3uwvj/hO1/GN
8MxfTdU7bLsoEoOJ5owUHR1tgUbgJGqf0w1u+QEpUhU/Ob8eiaCN/5kKVlIlyfhd
Txh9YuSdWGVTfm5gHXQqseZUxsJLkb6RBpi0dj/drfvWg6vloDtG7mffDjGbszoG
F4e48ayJK+YOh4OJd+qPgKSZZ8aTyBTiT4tzw4Ne+0RDK0uVt/DIz1HSe/oWKa4r
s03Ya282aaAu
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:48:10 2025 by rpki-client