Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/9gXMsrYJQXD7iqlifSpECnoNYAw.roa
File: 9gXMsrYJQXD7iqlifSpECnoNYAw.roa (raw, json)
Hash identifier: 64xG73s5j2y8mh9UiDIrZsLibCEvYZ4CtMQ3akGoF8M=
Subject key identifier: F6:05:CC:B2:B6:09:41:70:FB:8A:A9:62:7D:2A:44:0A:7A:0D:60:0C
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0191FB116CB86FD3D14BC8C2C7A1B1C9650A
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/9gXMsrYJQXD7iqlifSpECnoNYAw.roa
Signing time: Mon 16 Sep 2024 13:41:48 +0000
ROA not before: Mon 16 Sep 2024 13:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.85.190.0/24 maxlen: 24
45.133.141.0/24 maxlen: 24
45.133.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 05:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fb:11:6c:b8:6f:d3:d1:4b:c8:c2:c7:a1:b1:c9:65:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Sep 16 13:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f605ccb2b6094170fb8aa9627d2a440a7a0d600c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:58:41:a1:fa:a2:34:56:91:20:71:c9:05:02:
72:eb:55:a3:f5:45:99:9e:cd:61:cc:e8:95:7e:99:
f0:20:5d:b4:c2:4e:32:35:a3:8f:93:71:66:08:8e:
8c:90:77:24:2c:50:40:23:0a:d9:de:14:1c:da:13:
01:e8:36:ec:20:65:f2:8e:88:bd:6d:39:cf:8e:58:
49:7f:40:cf:df:a5:1a:ce:47:29:59:d6:ee:27:0c:
7c:b2:e1:e6:0c:2f:49:fe:42:20:f0:8c:38:fa:37:
b2:03:50:32:7a:7a:5e:90:86:9b:c1:94:c0:20:8a:
57:c4:a9:a3:03:08:74:f8:5f:fd:e6:f4:f2:51:14:
ce:14:a6:58:19:eb:ed:03:2e:02:0a:41:1d:f8:6a:
fc:73:b7:9a:34:b1:0f:34:96:eb:5c:3a:6d:2a:0e:
5c:c5:ab:cd:ba:cd:ae:8a:2a:01:1e:81:70:ce:17:
30:6d:e7:64:b9:f7:b0:4b:a5:18:27:84:b9:0b:90:
56:dd:a2:3a:e8:bc:66:e2:e4:e2:54:f7:fc:22:ac:
de:53:ae:50:dc:44:ff:c0:e0:5a:2a:4e:9d:9e:fa:
73:76:d7:fa:c2:39:46:d9:5a:e8:b1:c5:96:12:fb:
ea:57:79:70:4e:eb:20:64:90:01:99:23:c2:a3:8d:
13:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:05:CC:B2:B6:09:41:70:FB:8A:A9:62:7D:2A:44:0A:7A:0D:60:0C
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/9gXMsrYJQXD7iqlifSpECnoNYAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.190.0/24
45.133.141.0/24
45.133.143.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ca:28:02:e6:0f:87:55:8a:fd:85:f6:8e:9c:0b:38:5b:18:
1f:dd:d7:02:b8:37:73:a8:de:21:e3:84:47:ac:f1:ba:27:44:
4e:36:fc:b6:bf:83:85:83:06:07:e3:03:dc:59:86:4c:6f:f0:
21:56:54:c0:0e:c3:e7:67:90:97:83:eb:aa:15:f5:63:30:54:
80:37:df:72:9a:5b:b1:d2:a6:e0:0b:93:dd:8e:bb:b2:51:5d:
b7:e0:1d:c5:30:60:8e:09:d5:e9:7d:d8:c3:30:6b:dd:bc:30:
fe:6a:de:f8:15:b0:4d:bc:77:77:2f:39:ac:94:02:5b:74:66:
5e:68:9a:11:c4:38:12:df:6e:20:57:bb:6e:f5:b3:ad:35:1b:
2d:e0:89:1d:25:52:66:a4:ee:68:99:4e:82:00:88:65:fd:3a:
38:2e:c5:b7:03:ce:8a:06:c8:b9:a3:9a:9e:51:d8:99:ce:cf:
f2:65:ae:2d:51:01:0a:b4:fc:94:24:08:e7:84:4b:b0:90:0f:
71:9c:53:65:f1:47:10:f1:6c:2e:aa:5f:77:bc:ff:db:b7:a2:
9a:4a:55:f1:59:63:9a:22:37:ed:18:34:60:4b:51:b1:06:86:
69:d6:cd:f6:96:5c:26:6a:49:a6:05:61:84:5e:24:5a:9b:e1:
1d:a2:c3:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZH7EWy4b9PRS8jCx6GxyWUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwOTE2MTM0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjA1Y2NiMmI2MDk0MTcwZmI4YWE5NjI3ZDJhNDQwYTdhMGQ2MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVhBofqiNFaRIHHJBQJy61Wj9UWZ
ns1hzOiVfpnwIF20wk4yNaOPk3FmCI6MkHckLFBAIwrZ3hQc2hMB6DbsIGXyjoi9
bTnPjlhJf0DP36UazkcpWdbuJwx8suHmDC9J/kIg8Iw4+jeyA1AyenpekIabwZTA
IIpXxKmjAwh0+F/95vTyURTOFKZYGevtAy4CCkEd+Gr8c7eaNLEPNJbrXDptKg5c
xavNus2uiioBHoFwzhcwbedkufewS6UYJ4S5C5BW3aI66Lxm4uTiVPf8IqzeU65Q
3ET/wOBaKk6dnvpzdtf6wjlG2VroscWWEvvqV3lwTusgZJABmSPCo40T/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPYFzLK2CUFw+4qpYn0qRAp6DWAMMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvOWdYTXNyWUpRWEQ3aXFsaWZTcEVDbm9OWUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVW+AwQA
LYWNAwQALYWPMA0GCSqGSIb3DQEBCwUAA4IBAQBAyigC5g+HVYr9hfaOnAs4Wxgf
3dcCuDdzqN4h44RHrPG6J0RONvy2v4OFgwYH4wPcWYZMb/AhVlTADsPnZ5CXg+uq
FfVjMFSAN99ymlux0qbgC5PdjruyUV234B3FMGCOCdXpfdjDMGvdvDD+at74FbBN
vHd3LzmslAJbdGZeaJoRxDgS324gV7tu9bOtNRst4IkdJVJmpO5omU6CAIhl/To4
LsW3A86KBsi5o5qeUdiZzs/yZa4tUQEKtPyUJAjnhEuwkA9xnFNl8UcQ8Wwuql93
vP/bt6KaSlXxWWOaIjftGDRgS1GxBoZp1s32llwmakmmBWGEXiRam+EdosPD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:43 2025 by rpki-client