Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5YV8tm3QQc_GHYyoD5zu7q9axss.roa
File: 5YV8tm3QQc_GHYyoD5zu7q9axss.roa (raw, json)
Hash identifier: F/cWZ0eI6dos6liwm6IfYDNdduiSTKaJfTakMujLWLk=
Subject key identifier: E5:85:7C:B6:6D:D0:41:CF:C6:1D:8C:A8:0F:9C:EE:EE:AF:5A:C6:CB
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01943AC2317FB3174D1FE5FA154FE8B23ABC
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5YV8tm3QQc_GHYyoD5zu7q9axss.roa
Signing time: Mon 06 Jan 2025 08:36:32 +0000
ROA not before: Mon 06 Jan 2025 08:36:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
103.245.228.0/24 maxlen: 24
103.245.229.0/24 maxlen: 24
185.34.101.0/24 maxlen: 24
185.254.66.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 17:09:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3a:c2:31:7f:b3:17:4d:1f:e5:fa:15:4f:e8:b2:3a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 6 08:36:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5857cb66dd041cfc61d8ca80f9ceeeeaf5ac6cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a9:56:fd:3b:60:f3:6a:67:42:80:22:76:56:
bd:c7:6b:c7:e9:c2:6d:45:b3:dc:8b:79:b8:61:40:
95:aa:95:c8:11:44:27:7e:64:d3:d8:17:d0:16:98:
3c:79:6b:80:c5:d9:1a:75:f4:8c:8c:f1:6e:2b:1f:
2e:e6:26:b1:4d:07:3a:06:71:fe:a8:1a:e2:95:7c:
b9:f8:7a:af:81:19:b3:76:f6:45:80:ae:f3:91:00:
85:5f:24:b7:7f:36:ad:a6:86:2e:b1:1e:0a:b3:48:
1f:91:de:36:4f:86:b7:e6:f8:6a:0b:58:36:b6:08:
eb:6c:f4:5a:de:7d:10:9a:e3:fa:60:3f:ec:dc:30:
20:ef:ef:49:9a:48:16:ea:e6:53:1d:c9:eb:ba:75:
8d:e1:72:0f:75:bd:fd:c3:62:80:e0:4e:aa:55:86:
54:7a:62:01:25:78:fb:86:48:07:3f:1d:c5:62:7c:
e0:b1:54:da:de:6d:05:8e:25:1d:52:90:52:23:00:
54:1a:e9:49:db:ca:b3:f5:a9:e6:60:bb:74:91:a5:
82:f4:43:92:16:76:f7:e8:7b:f2:be:dc:88:c3:34:
43:0f:eb:fb:e2:fa:94:fa:4b:e9:ff:87:49:e5:de:
19:be:71:87:f1:2e:57:95:ba:33:84:0a:13:95:20:
94:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:85:7C:B6:6D:D0:41:CF:C6:1D:8C:A8:0F:9C:EE:EE:AF:5A:C6:CB
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5YV8tm3QQc_GHYyoD5zu7q9axss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
103.245.228.0/23
185.34.101.0/24
185.254.66.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:b9:8a:d7:44:6e:e2:da:21:b5:c8:1c:bc:81:46:c2:63:b2:
74:25:9e:2a:06:e8:dd:0e:e4:53:3a:3e:29:25:da:91:d8:44:
f7:ce:ea:29:7b:6d:29:e3:97:a7:d9:14:54:33:ff:32:2f:eb:
8c:26:46:70:cd:0f:2c:07:ed:c0:a1:9d:ba:8b:dc:a7:0e:e9:
b6:13:a1:e5:39:37:48:84:0c:a5:a0:c9:a4:c7:0b:e4:ea:7d:
a4:1b:a8:d2:98:56:68:79:0a:74:4f:b9:ae:bc:3d:7f:fd:b4:
5a:85:11:ba:cc:e3:ee:f1:01:da:0d:63:53:94:70:35:ce:0d:
70:b4:84:84:96:ae:b2:dc:dd:d6:bf:b4:92:2f:d1:91:5a:b4:
a6:bb:c4:81:55:23:ea:55:94:58:2e:45:e9:10:31:02:c5:51:
ef:34:ab:0a:ed:9c:3d:2b:0a:e9:00:1e:64:78:27:59:2a:b0:
37:1c:e2:a5:d9:5e:7b:6b:ca:85:78:e4:4e:2d:02:cd:7b:8c:
f3:34:cd:34:4d:4e:95:46:89:d4:10:25:6f:3e:07:72:23:aa:
95:eb:69:75:e4:54:f9:f4:ab:83:a2:71:bf:dc:0c:84:ef:28:
8d:4d:c2:91:ae:1a:ce:86:c7:8a:f9:e9:ea:87:97:7e:bb:03:
7c:b4:fb:5c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQ6wjF/sxdNH+X6FU/osjq8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTA2MDgzNjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg1N2NiNjZkZDA0MWNmYzYxZDhjYTgwZjljZWVlZWFmNWFjNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qlW/Ttg82pnQoAidla9x2vH6cJt
RbPci3m4YUCVqpXIEUQnfmTT2BfQFpg8eWuAxdkadfSMjPFuKx8u5iaxTQc6BnH+
qBrilXy5+HqvgRmzdvZFgK7zkQCFXyS3fzatpoYusR4Ks0gfkd42T4a35vhqC1g2
tgjrbPRa3n0QmuP6YD/s3DAg7+9JmkgW6uZTHcnrunWN4XIPdb39w2KA4E6qVYZU
emIBJXj7hkgHPx3FYnzgsVTa3m0FjiUdUpBSIwBUGulJ28qz9anmYLt0kaWC9EOS
Fnb36HvyvtyIwzRDD+v74vqU+kvp/4dJ5d4ZvnGH8S5XlbozhAoTlSCU+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOWFfLZt0EHPxh2MqA+c7u6vWsbLMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNVlWOHRtM1FRY19HSFl5b0Q1enU3cTlheHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLYe2AwQA
WSJqAwQAXXK3AwQBZ/XkAwQAuSJlAwQAuf5CAwQAw1hZMA0GCSqGSIb3DQEBCwUA
A4IBAQBNuYrXRG7i2iG1yBy8gUbCY7J0JZ4qBujdDuRTOj4pJdqR2ET3zuope20p
45en2RRUM/8yL+uMJkZwzQ8sB+3AoZ26i9ynDum2E6HlOTdIhAyloMmkxwvk6n2k
G6jSmFZoeQp0T7muvD1//bRahRG6zOPu8QHaDWNTlHA1zg1wtISElq6y3N3Wv7SS
L9GRWrSmu8SBVSPqVZRYLkXpEDECxVHvNKsK7Zw9KwrpAB5keCdZKrA3HOKl2V57
a8qFeOROLQLNe4zzNM00TU6VRonUECVvPgdyI6qV62l15FT59KuDonG/3AyE7yiN
TcKRrhrOhseK+enqh5d+uwN8tPtc
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:41 2025 by rpki-client