Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2oCsAqqZHpAvEt7pPgFzqc6CGEQ.roa
File: 2oCsAqqZHpAvEt7pPgFzqc6CGEQ.roa (raw, json)
Hash identifier: +P8Tx7pjTnKEQ6xxAghEKREjEWfml+hNZxWizUMiXiI=
Subject key identifier: DA:80:AC:02:AA:99:1E:90:2F:12:DE:E9:3E:01:73:A9:CE:82:18:44
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019493D7949E985E237107354C8685D7286B
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2oCsAqqZHpAvEt7pPgFzqc6CGEQ.roa
Signing time: Thu 23 Jan 2025 15:46:06 +0000
ROA not before: Thu 23 Jan 2025 15:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.254.66.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 16:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:d7:94:9e:98:5e:23:71:07:35:4c:86:85:d7:28:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 23 15:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da80ac02aa991e902f12dee93e0173a9ce821844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:51:25:0f:67:d6:48:dc:9a:36:a5:45:33:7b:
c0:a4:90:1b:57:aa:7e:98:34:7c:9f:cd:14:0f:1b:
61:39:a7:68:e9:f4:46:d5:be:ec:d9:6a:9f:6f:9c:
2c:ba:ee:3b:cb:eb:30:e5:75:93:44:8b:a6:98:1f:
0f:9a:38:f6:df:62:e1:e1:7f:4d:19:55:72:64:ff:
74:79:f8:d2:fb:80:f3:b2:ed:a3:4a:0d:cb:05:e0:
ee:35:e8:e8:98:a7:e1:c4:46:fd:f4:cc:7e:fb:b6:
ca:e3:4e:fc:4c:11:13:52:a6:68:98:3e:3a:ae:c1:
8e:9e:7e:95:05:db:5e:31:5d:63:d2:20:33:01:22:
78:4c:62:15:e4:8a:59:3f:8a:d2:3c:8c:7c:d6:b8:
cb:8b:4b:55:bf:7d:0b:3c:7b:9a:c9:84:71:e4:d1:
ed:aa:26:e9:3f:cb:be:c9:90:9c:4e:3c:25:d3:67:
f5:60:2d:c0:62:f1:92:5f:b9:a2:c3:bc:d8:6f:a5:
82:9e:ef:1c:46:bf:f7:25:cd:23:a9:3f:92:b9:4c:
54:8f:d1:37:f1:8e:4e:05:ec:0d:d9:9c:ed:e7:26:
54:a8:12:37:c1:44:9c:48:79:e3:1a:3b:20:d0:e2:
f3:32:94:f2:e7:5a:ed:be:dc:83:f3:54:bb:4d:ea:
44:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:80:AC:02:AA:99:1E:90:2F:12:DE:E9:3E:01:73:A9:CE:82:18:44
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2oCsAqqZHpAvEt7pPgFzqc6CGEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
185.254.66.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
10:a5:21:32:07:0a:77:8b:ca:43:ea:11:43:b5:e1:35:e2:9b:
60:25:8c:cc:b3:bc:90:ab:bf:2c:53:b8:f7:a8:1a:7e:41:d9:
84:09:52:79:09:bf:32:27:76:2e:53:b3:72:2b:c6:74:5e:c2:
56:50:c5:e3:23:97:78:9b:0f:00:b6:21:33:dd:c1:16:9f:64:
94:e3:f9:f6:f2:13:c6:22:b2:be:34:36:9e:b2:72:7f:fd:76:
46:ba:d5:24:43:9d:af:13:83:79:f2:16:2d:29:28:6c:63:78:
bd:37:41:fe:83:a4:b1:1e:50:70:c0:6c:b3:5c:f8:c7:ad:0d:
24:dd:40:38:88:0f:ab:6c:1e:96:99:70:aa:dd:b6:5d:63:a7:
66:92:e9:68:d8:f5:ea:1a:f6:93:ca:2b:15:3c:03:d8:f7:96:
32:70:d5:37:9f:ea:b2:20:1e:d7:d9:22:39:f8:ca:ba:1a:e4:
77:bd:ae:d7:6a:af:ef:1f:68:10:bf:43:2e:19:45:c5:4e:ba:
d7:0f:3a:aa:a4:8a:80:d8:9f:89:c2:89:dc:5b:66:43:d9:6f:
d2:1b:64:4f:16:02:b6:ed:fb:e5:62:e0:52:ef:43:98:3e:c4:
40:38:b0:f4:bf:7b:6c:bb:27:85:d6:2f:83:6f:4c:aa:02:6a:
e0:bc:b0:4b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZST15SemF4jcQc1TIaF1yhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTIzMTU0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTgwYWMwMmFhOTkxZTkwMmYxMmRlZTkzZTAxNzNhOWNlODIxODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1ElD2fWSNyaNqVFM3vApJAbV6p+
mDR8n80UDxthOado6fRG1b7s2Wqfb5wsuu47y+sw5XWTRIummB8Pmjj232Lh4X9N
GVVyZP90efjS+4Dzsu2jSg3LBeDuNejomKfhxEb99Mx++7bK4078TBETUqZomD46
rsGOnn6VBdteMV1j0iAzASJ4TGIV5IpZP4rSPIx81rjLi0tVv30LPHuayYRx5NHt
qibpP8u+yZCcTjwl02f1YC3AYvGSX7miw7zYb6WCnu8cRr/3Jc0jqT+SuUxUj9E3
8Y5OBewN2Zzt5yZUqBI3wUScSHnjGjsg0OLzMpTy51rtvtyD81S7TepE+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNqArAKqmR6QLxLe6T4Bc6nOghhEMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMm9Dc0FxcVpIcEF2RXQ3cFBnRnpxYzZDR0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYe2AwQA
WSJqAwQAXXK3AwQAuf5CAwQAw1hZMA0GCSqGSIb3DQEBCwUAA4IBAQAQpSEyBwp3
i8pD6hFDteE14ptgJYzMs7yQq78sU7j3qBp+QdmECVJ5Cb8yJ3YuU7NyK8Z0XsJW
UMXjI5d4mw8AtiEz3cEWn2SU4/n28hPGIrK+NDaesnJ//XZGutUkQ52vE4N58hYt
KShsY3i9N0H+g6SxHlBwwGyzXPjHrQ0k3UA4iA+rbB6WmXCq3bZdY6dmkulo2PXq
GvaTyisVPAPY95YycNU3n+qyIB7X2SI5+Mq6GuR3va7Xaq/vH2gQv0MuGUXFTrrX
DzqqpIqA2J+JwoncW2ZD2W/SG2RPFgK27fvlYuBS70OYPsRAOLD0v3tsuyeF1i+D
b0yqAmrgvLBL
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:42 2025 by rpki-client