Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/23ZtSyVOnPG1Voh4lXh_ZVl--Dg.roa
File: 23ZtSyVOnPG1Voh4lXh_ZVl--Dg.roa (raw, json)
Hash identifier: bTnBOWiAiYJjzHEvU07d5KDVhCFILq7bkA6SZDOS2k8=
Subject key identifier: DB:76:6D:4B:25:4E:9C:F1:B5:56:88:78:95:78:7F:65:59:7E:F8:38
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018F20117829D9D7C3125DFB554853E867E8
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/23ZtSyVOnPG1Voh4lXh_ZVl--Dg.roa
Signing time: Sat 27 Apr 2024 14:59:26 +0000
ROA not before: Sat 27 Apr 2024 14:59:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
86.107.50.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.198.234.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 15:25:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:20:11:78:29:d9:d7:c3:12:5d:fb:55:48:53:e8:67:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 27 14:59:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db766d4b254e9cf1b556887895787f65597ef838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:eb:75:31:03:67:be:9e:93:b2:71:d8:e5:8b:
86:4f:f4:a3:28:38:e6:16:fb:4f:29:d1:7d:10:7c:
7b:a2:52:0e:30:72:ad:1b:59:cf:83:b9:28:b4:95:
f6:74:0c:09:e1:2b:d1:9a:f8:6e:c6:af:46:28:65:
80:9a:24:14:1e:80:86:69:8a:cd:73:1d:5d:6f:fd:
2f:85:14:60:25:f4:37:4c:9a:3d:7c:39:83:bf:1e:
3f:66:e2:09:2b:70:2d:bc:05:78:ab:d0:be:7b:f6:
a8:36:1e:9a:78:7c:ea:d5:ee:96:15:b9:52:59:f4:
c2:f2:fd:76:5b:a9:a3:25:27:b2:27:1c:fa:25:fa:
0a:87:03:03:03:fb:be:2e:c7:87:f3:16:3a:77:3c:
ff:92:e2:e0:e9:8c:5c:88:20:69:e5:5c:ae:a0:b7:
ed:ec:c0:f8:76:f7:1a:a0:d9:a8:47:f2:25:c2:18:
1a:59:89:87:ac:65:ba:cc:f6:2d:49:0d:e7:51:21:
10:13:b5:b7:22:e2:f5:cd:95:d4:02:6e:a0:bf:50:
3c:48:2c:74:be:d6:eb:a2:c7:7e:8a:94:55:43:be:
28:d8:fd:2b:89:f1:66:96:a1:ac:58:f9:6b:fe:1f:
41:04:24:15:61:bc:38:92:43:16:b9:af:62:c4:5d:
35:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:76:6D:4B:25:4E:9C:F1:B5:56:88:78:95:78:7F:65:59:7E:F8:38
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/23ZtSyVOnPG1Voh4lXh_ZVl--Dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
86.107.50.0/24
89.34.106.0/24
93.114.183.0/24
185.198.234.0/24
188.64.142.0/24
188.208.103.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
24:16:19:91:da:72:02:45:7e:16:06:cc:c2:98:de:3e:67:6e:
fb:7b:98:70:58:f8:b5:79:98:41:f5:c6:58:21:ca:2f:50:40:
74:21:f9:e9:37:94:52:38:91:86:f7:74:18:f4:de:ac:56:58:
a0:76:50:5e:a0:6f:49:ec:16:f2:e1:29:10:21:b8:da:93:09:
a7:7f:66:ad:aa:b8:e2:bb:ec:75:e7:55:c4:55:a1:66:0a:b5:
1d:a9:ce:88:3a:a5:4c:66:8b:71:c6:bc:ef:d9:60:d7:6c:c2:
4d:fc:a8:49:0b:1f:cc:81:39:b6:7f:0e:7a:c1:03:34:7a:33:
04:8f:6f:46:9f:08:a9:c6:10:8a:32:c9:82:aa:b5:24:05:28:
3c:f1:5d:7a:df:cb:d9:ce:83:34:04:c9:f7:50:9e:0b:48:8c:
93:6c:4d:bd:7e:d7:61:8a:ba:90:71:42:0a:a6:d0:c5:e2:d1:
5a:13:15:a2:23:67:68:9b:4f:53:2a:42:8c:c3:62:9f:d0:03:
0a:39:bd:9e:66:11:2c:a9:93:7d:ce:27:ab:c5:6a:42:aa:4a:
9f:f0:37:b6:d9:51:70:fc:82:03:ad:3a:75:a8:43:c0:a9:ff:
7c:81:74:3c:3f:82:e8:34:81:2b:5d:dd:f9:2c:39:06:c8:16:
e4:c2:21:f2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY8gEXgp2dfDEl37VUhT6GfoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNDI3MTQ1OTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc2NmQ0YjI1NGU5Y2YxYjU1Njg4Nzg5NTc4N2Y2NTU5N2VmODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlut1MQNnvp6TsnHY5YuGT/SjKDjm
FvtPKdF9EHx7olIOMHKtG1nPg7kotJX2dAwJ4SvRmvhuxq9GKGWAmiQUHoCGaYrN
cx1db/0vhRRgJfQ3TJo9fDmDvx4/ZuIJK3AtvAV4q9C+e/aoNh6aeHzq1e6WFblS
WfTC8v12W6mjJSeyJxz6JfoKhwMDA/u+LseH8xY6dzz/kuLg6YxciCBp5VyuoLft
7MD4dvcaoNmoR/IlwhgaWYmHrGW6zPYtSQ3nUSEQE7W3IuL1zZXUAm6gv1A8SCx0
vtbrosd+ipRVQ74o2P0rifFmlqGsWPlr/h9BBCQVYbw4kkMWua9ixF01cwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNt2bUslTpzxtVaIeJV4f2VZfvg4MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMjNadFN5Vk9uUEcxVm9oNGxYaF9aVmwtLURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
VmsyAwQAWSJqAwQAXXK3AwQAucbqAwQAvECOAwQAvNBnAwQA2RMEMA0GCSqGSIb3
DQEBCwUAA4IBAQAkFhmR2nICRX4WBszCmN4+Z277e5hwWPi1eZhB9cZYIcovUEB0
IfnpN5RSOJGG93QY9N6sVligdlBeoG9J7Bby4SkQIbjakwmnf2atqrjiu+x151XE
VaFmCrUdqc6IOqVMZotxxrzv2WDXbMJN/KhJCx/MgTm2fw56wQM0ejMEj29Gnwip
xhCKMsmCqrUkBSg88V1638vZzoM0BMn3UJ4LSIyTbE29ftdhirqQcUIKptDF4tFa
ExWiI2dom09TKkKMw2Kf0AMKOb2eZhEsqZN9zierxWpCqkqf8De22VFw/IIDrTp1
qEPAqf98gXQ8P4LoNIErXd35LDkGyBbkwiHy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:11 2024 by rpki-client on console-ams.rpki-client.org