Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3gNa9z-ikxAwdtgpgvOHPcjjkU8.roa
File: 3gNa9z-ikxAwdtgpgvOHPcjjkU8.roa (raw, json)
Hash identifier: 49tpmDlPih4pYlmSvtH+OK8G2Nv8coalfT/vQg3YWRA=
Subject key identifier: DE:03:5A:F7:3F:A2:93:10:30:76:D8:29:82:F3:87:3D:C8:E3:91:4F
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01920505B8A946F5A35093DC3B5F7A47B0C7
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3gNa9z-ikxAwdtgpgvOHPcjjkU8.roa
Signing time: Wed 18 Sep 2024 12:05:13 +0000
ROA not before: Wed 18 Sep 2024 12:05:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
45.144.173.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
94.176.214.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 09:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:05:b8:a9:46:f5:a3:50:93:dc:3b:5f:7a:47:b0:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 18 12:05:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de035af73fa293103076d82982f3873dc8e3914f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5e:2c:c5:14:cb:b9:df:c2:b4:99:16:28:82:
77:80:95:47:0a:f6:22:50:36:58:fd:68:2f:17:6e:
64:94:97:3a:ab:5f:e6:67:d1:45:7c:ec:42:bf:8f:
df:90:e0:45:af:42:86:26:a9:e4:3f:4f:80:25:cf:
c3:4d:7b:fa:bf:7b:f4:75:34:77:53:b3:65:5a:ff:
55:b0:f0:88:9d:0d:a6:fe:56:d5:0d:9a:8d:5b:6e:
1b:8f:7b:ed:87:7c:27:13:3c:de:e3:92:b0:10:0b:
72:19:5f:b4:b2:05:94:c6:ac:31:a2:c1:7e:ec:5e:
bd:84:d3:0f:cc:0c:f9:ea:de:c7:39:b7:c9:6b:99:
33:32:72:e8:10:86:3e:2d:43:98:3e:89:56:85:f9:
cb:5f:b9:33:27:2e:a4:9a:85:63:06:99:1b:54:25:
54:2a:90:af:b2:8c:43:6f:7e:12:06:c4:2f:03:59:
c4:16:b6:0d:e5:d6:09:c8:31:c6:1e:63:8f:a3:d4:
ce:20:98:ec:0a:30:7e:e7:5e:2c:b2:b0:6a:13:fc:
77:1c:29:e1:48:44:3d:38:b7:15:3b:bc:b0:fd:cb:
ca:98:21:55:be:79:58:ef:bd:da:b5:27:3a:3b:68:
d2:5a:a9:c5:d3:3d:6f:9a:57:c7:0a:d9:37:42:69:
ea:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:03:5A:F7:3F:A2:93:10:30:76:D8:29:82:F3:87:3D:C8:E3:91:4F
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/3gNa9z-ikxAwdtgpgvOHPcjjkU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
45.144.173.0/24
77.81.100.0/24
89.34.106.0/24
91.132.51.0/24
93.114.183.0/24
94.176.214.0/24
188.64.142.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ce:94:69:29:97:cd:53:d4:7b:7d:f6:ca:06:7b:a5:b3:15:
e0:41:28:6c:10:de:2f:ad:33:ad:de:a1:e1:22:ef:16:a2:ae:
08:8f:8a:1e:2f:c7:45:00:32:b3:2d:4b:0d:49:4e:56:88:fd:
c0:a8:bf:8e:24:ab:20:6c:2c:25:43:47:5a:10:f9:a7:2f:99:
78:65:f4:e8:09:4b:eb:67:3b:9f:81:7c:4a:d4:23:35:20:e9:
83:da:df:00:41:a1:13:da:18:0e:17:21:d2:70:45:b3:d4:f0:
1f:a7:d6:93:e5:82:e5:b1:6e:6e:dc:8c:4e:bb:ed:0b:56:3e:
c9:93:f1:2b:bf:9c:6a:05:f8:c7:f6:7f:54:ab:55:d0:08:3e:
58:1a:54:a6:68:c8:2e:92:32:4d:81:d4:38:93:2c:0b:d9:53:
a9:4b:51:15:cc:7d:76:3e:cd:ff:c7:de:4a:1a:d8:51:c9:d3:
ff:b2:3c:92:cb:04:69:29:12:90:dd:60:13:19:54:4d:54:bb:
8f:21:5a:a1:cd:5e:43:75:84:c5:f7:eb:26:be:25:22:b7:fd:
1d:e9:b9:0e:9f:b3:11:a1:05:66:7c:a5:be:5b:6a:5d:e0:21:
09:16:20:bb:6a:4d:ab:4c:c2:04:57:a5:91:c7:10:67:71:8f:
27:17:77:7e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZIFBbipRvWjUJPcO196R7DHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwOTE4MTIwNTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTAzNWFmNzNmYTI5MzEwMzA3NmQ4Mjk4MmYzODczZGM4ZTM5MTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhl4sxRTLud/CtJkWKIJ3gJVHCvYi
UDZY/WgvF25klJc6q1/mZ9FFfOxCv4/fkOBFr0KGJqnkP0+AJc/DTXv6v3v0dTR3
U7NlWv9VsPCInQ2m/lbVDZqNW24bj3vth3wnEzze45KwEAtyGV+0sgWUxqwxosF+
7F69hNMPzAz56t7HObfJa5kzMnLoEIY+LUOYPolWhfnLX7kzJy6kmoVjBpkbVCVU
KpCvsoxDb34SBsQvA1nEFrYN5dYJyDHGHmOPo9TOIJjsCjB+514ssrBqE/x3HCnh
SEQ9OLcVO7yw/cvKmCFVvnlY773atSc6O2jSWqnF0z1vmlfHCtk3QmnqNQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFN4DWvc/opMQMHbYKYLzhz3I45FPMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvM2dOYTl6LWlreEF3ZHRncGd2T0hQY2pqa1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLYe2AwQA
LZCtAwQATVFkAwQAWSJqAwQAW4QzAwQAXXK3AwQAXrDWAwQAvECOAwQA2RMEMA0G
CSqGSIb3DQEBCwUAA4IBAQBrzpRpKZfNU9R7ffbKBnulsxXgQShsEN4vrTOt3qHh
Iu8Woq4Ij4oeL8dFADKzLUsNSU5WiP3AqL+OJKsgbCwlQ0daEPmnL5l4ZfToCUvr
ZzufgXxK1CM1IOmD2t8AQaET2hgOFyHScEWz1PAfp9aT5YLlsW5u3IxOu+0LVj7J
k/Erv5xqBfjH9n9Uq1XQCD5YGlSmaMgukjJNgdQ4kywL2VOpS1EVzH12Ps3/x95K
GthRydP/sjySywRpKRKQ3WATGVRNVLuPIVqhzV5DdYTF9+smviUit/0d6bkOn7MR
oQVmfKW+W2pd4CEJFiC7ak2rTMIEV6WRxxBncY8nF3d+
-----END CERTIFICATE-----
Generated at Thu Sep 26 12:31:00 2024 by rpki-client on console-fra.rpki-client.org