Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3KIf2rp4QxRNIVPnuFusf0hOACE.roa
File: 3KIf2rp4QxRNIVPnuFusf0hOACE.roa (raw, json)
Hash identifier: 96oX27YLqatRIkHEGslKUyK75MrhJnfe2TWPCtNrhFY=
Subject key identifier: DC:A2:1F:DA:BA:78:43:14:4D:21:53:E7:B8:5B:AC:7F:48:4E:00:21
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018E7940F9BDE727D203683BE06E14F74747
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3KIf2rp4QxRNIVPnuFusf0hOACE.roa
Signing time: Tue 26 Mar 2024 05:34:45 +0000
ROA not before: Tue 26 Mar 2024 05:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 45.87.120.0/24 maxlen: 24
45.88.12.0/24 maxlen: 24
45.88.14.0/24 maxlen: 24
45.88.15.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
77.81.182.0/24 maxlen: 24
79.110.227.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
93.115.104.0/24 maxlen: 24
93.115.105.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.115.107.0/24 maxlen: 24
93.118.36.0/24 maxlen: 24
93.119.154.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
188.215.31.0/24 maxlen: 24
188.241.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 05:35:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:40:f9:bd:e7:27:d2:03:68:3b:e0:6e:14:f7:47:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 26 05:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dca21fdaba7843144d2153e7b85bac7f484e0021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c6:4a:90:db:fa:22:14:fb:cb:0e:53:85:3b:
38:c0:6e:89:26:4a:b6:8e:61:53:34:8f:b1:5c:9b:
0a:cd:c4:8d:64:77:00:b1:be:d1:11:e8:16:69:b1:
64:0f:0d:56:fd:fc:f7:23:0f:30:a9:aa:49:76:56:
3d:35:6a:1c:4e:58:e1:cc:92:03:39:80:a1:7f:16:
95:d7:ae:d8:40:e4:09:31:0d:46:90:fa:f1:e2:21:
10:dd:84:b0:ac:f7:02:88:d9:d7:f4:c8:16:b4:e0:
a4:99:2a:cc:5b:2f:7e:b7:52:a4:15:51:1c:10:bb:
79:c8:da:f6:1a:eb:3a:03:07:c5:c7:b1:6b:5e:53:
84:78:45:e5:1a:72:54:e3:a5:03:9a:98:9c:20:81:
8c:fc:b5:d3:7c:d1:c0:26:58:6f:50:a1:64:27:e7:
b7:b3:44:5d:57:87:74:8b:7b:75:bb:b1:a2:80:45:
99:86:48:a7:75:b6:42:5b:73:f1:5a:45:82:47:a7:
34:ed:b7:77:66:b1:fc:15:91:a8:4f:68:14:c6:19:
5a:36:26:f3:ac:ed:74:14:40:4f:59:8c:c8:17:41:
ec:c2:ac:fc:fe:98:50:e7:7c:27:ca:3a:1e:09:fd:
f0:1c:ef:e3:0a:58:c7:1f:67:d4:b4:ef:5a:e4:f5:
09:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A2:1F:DA:BA:78:43:14:4D:21:53:E7:B8:5B:AC:7F:48:4E:00:21
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3KIf2rp4QxRNIVPnuFusf0hOACE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.120.0/24
45.88.12.0/24
45.88.14.0/23
62.192.152.0/24
77.81.100.0/24
77.81.182.0/24
79.110.227.0/24
89.40.36.0/24
89.45.35.0/24
93.115.104.0/22
93.118.36.0/24
93.119.154.0/24
176.223.188.0/24
185.212.119.0/24
188.215.31.0/24
188.241.221.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:1a:9d:ed:f2:2b:02:6f:17:37:79:d3:5b:47:e9:6a:d7:18:
1f:9b:57:be:b0:14:16:f9:0b:b3:34:51:8e:ff:ab:ab:b3:8e:
ce:57:1f:96:1f:93:ea:a0:b0:71:71:73:f1:70:bc:91:32:55:
ba:64:9b:97:0e:cd:31:f4:90:a3:6c:e8:49:e6:69:91:6f:74:
dd:dd:05:3b:98:3b:58:7a:bb:e6:93:fe:47:35:1f:87:cf:89:
e6:9f:6d:74:d3:ee:bd:83:c3:63:b0:27:00:2c:b5:7c:de:8c:
dc:41:3e:71:4a:a7:62:6c:86:7d:e4:bc:2e:b5:3f:fb:e0:16:
b7:f1:bb:c7:9a:c3:2a:ea:95:b4:3e:1a:56:2f:95:9d:ff:98:
dc:6c:c0:58:f2:d5:c1:81:69:d6:70:3d:8e:da:bb:04:53:6b:
4e:8e:76:a6:a4:04:d9:de:4e:07:f6:f2:ec:d3:a1:e8:de:dd:
15:7e:4f:bd:10:4b:c2:03:07:39:64:0f:1c:24:a2:2b:1d:4a:
df:fe:10:d5:01:78:e4:4f:dd:6f:2e:1d:03:e1:22:59:96:97:
6d:6e:0e:97:d0:b0:e7:71:40:d0:c3:1e:a7:ab:ec:82:a1:df:
3c:e3:1e:02:fd:ce:9d:a4:cf:da:e9:58:57:db:04:1c:e6:48:
66:fe:e6:c8
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY55QPm95yfSA2g74G4U90dHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMzI2MDUzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2EyMWZkYWJhNzg0MzE0NGQyMTUzZTdiODViYWM3ZjQ4NGUwMDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8ZKkNv6IhT7yw5ThTs4wG6JJkq2
jmFTNI+xXJsKzcSNZHcAsb7REegWabFkDw1W/fz3Iw8wqapJdlY9NWocTljhzJID
OYChfxaV167YQOQJMQ1GkPrx4iEQ3YSwrPcCiNnX9MgWtOCkmSrMWy9+t1KkFVEc
ELt5yNr2Gus6AwfFx7FrXlOEeEXlGnJU46UDmpicIIGM/LXTfNHAJlhvUKFkJ+e3
s0RdV4d0i3t1u7GigEWZhkindbZCW3PxWkWCR6c07bd3ZrH8FZGoT2gUxhlaNibz
rO10FEBPWYzIF0Hswqz8/phQ53wnyjoeCf3wHO/jCljHH2fUtO9a5PUJrQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFNyiH9q6eEMUTSFT57hbrH9ITgAhMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvM0tJZjJycDRReFJOSVZQbnVGdXNmMGhPQUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQALVd4AwQA
LVgMAwQBLVgOAwQAPsCYAwQATVFkAwQATVG2AwQAT27jAwQAWSgkAwQAWS0jAwQC
XXNoAwQAXXYkAwQAXXeaAwQAsN+8AwQAudR3AwQAvNcfAwQAvPHdMA0GCSqGSIb3
DQEBCwUAA4IBAQCMGp3t8isCbxc3edNbR+lq1xgfm1e+sBQW+QuzNFGO/6urs47O
Vx+WH5PqoLBxcXPxcLyRMlW6ZJuXDs0x9JCjbOhJ5mmRb3Td3QU7mDtYervmk/5H
NR+Hz4nmn2100+69g8NjsCcALLV83ozcQT5xSqdibIZ95LwutT/74Ba38bvHmsMq
6pW0PhpWL5Wd/5jcbMBY8tXBgWnWcD2O2rsEU2tOjnampATZ3k4H9vLs06Ho3t0V
fk+9EEvCAwc5ZA8cJKIrHUrf/hDVAXjkT91vLh0D4SJZlpdtbg6X0LDncUDQwx6n
q+yCod884x4C/c6dpM/a6VhX2wQc5khm/ubI
-----END CERTIFICATE-----
Generated at Tue Mar 18 00:52:07 2025 by rpki-client