Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5hBNlwG4lVM8x9nbenn-rWoPMXU.roa
File: 5hBNlwG4lVM8x9nbenn-rWoPMXU.roa (raw, json)
Hash identifier: fiek0cOzH1LHjSLqpXTwAyaMcxX/37PyzeKArzhm3jI=
Subject key identifier: E6:10:4D:97:01:B8:95:53:3C:C7:D9:DB:7A:79:FE:AD:6A:0F:31:75
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0193F97D9C82CC1E25FBADBDC454A9C7BD09
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5hBNlwG4lVM8x9nbenn-rWoPMXU.roa
Signing time: Tue 24 Dec 2024 16:26:19 +0000
ROA not before: Tue 24 Dec 2024 16:26:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.130.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
185.254.66.0/24 maxlen: 24
193.228.139.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 15:46:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f9:7d:9c:82:cc:1e:25:fb:ad:bd:c4:54:a9:c7:bd:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 24 16:26:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6104d9701b895533cc7d9db7a79fead6a0f3175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:61:35:8c:d5:f4:4d:bd:e1:0e:39:9b:70:fc:
94:b4:a2:cd:6c:d1:12:40:d6:c5:e2:75:3a:24:9a:
1a:7c:06:4a:4d:72:36:cc:bd:0c:26:85:61:f3:ea:
f7:c7:f5:93:51:aa:99:c0:e1:88:92:70:11:52:eb:
8a:02:74:dd:18:7a:4b:d1:2d:37:25:44:65:0f:31:
09:c2:63:9c:d2:8e:84:9e:e4:e0:2f:76:fa:d2:a2:
13:fb:f8:e5:e0:e9:b1:f5:c3:78:c1:98:eb:54:37:
66:e2:f9:11:ba:91:c8:33:b9:6a:77:4c:59:0b:91:
a7:88:61:38:d1:39:ba:d8:b9:9d:8c:42:42:b0:00:
02:4e:37:6f:bc:67:0a:27:ff:f0:20:27:d5:29:55:
b7:5b:7d:cf:a1:51:17:9d:e7:4c:7a:9a:5d:f4:41:
c6:61:01:b8:c0:1b:21:ae:6c:a8:88:1c:f9:f9:db:
10:fb:1a:5b:71:0c:71:c3:5b:d8:a0:1f:93:24:47:
6b:5d:28:34:46:43:34:80:d5:6a:39:80:a9:fe:da:
d1:0b:69:a1:0d:aa:af:86:fb:55:0b:c4:cd:0c:64:
1a:bc:fd:e1:2f:fe:6f:75:06:21:e6:e6:08:b2:d3:
55:df:81:0f:b7:61:db:b9:b7:ba:4e:00:db:99:15:
b2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:10:4D:97:01:B8:95:53:3C:C7:D9:DB:7A:79:FE:AD:6A:0F:31:75
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5hBNlwG4lVM8x9nbenn-rWoPMXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
89.35.130.0/24
93.114.183.0/24
185.212.119.0/24
185.254.66.0/24
193.228.139.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:3e:1c:e2:8e:c0:4f:0b:78:3e:f5:a3:05:cc:71:f1:44:41:
08:de:8e:84:84:a5:41:ab:37:30:ac:6b:a9:86:e8:10:de:99:
c0:04:76:9c:5c:85:2f:3e:21:3f:93:20:63:f3:0c:5f:8d:ed:
dc:8f:ff:f0:ad:01:7a:4d:66:54:2f:96:e7:ff:c9:d8:de:78:
db:e8:d7:83:c8:94:9b:37:53:d4:2c:04:fd:1d:af:e6:61:8e:
15:d7:60:92:0d:f9:fd:6e:d4:e6:10:12:0c:26:ab:c5:b8:71:
89:14:01:2d:a4:5a:d9:88:11:75:66:5e:49:9c:11:ac:eb:d0:
8b:cb:21:05:28:fe:72:95:b4:90:ca:64:9f:da:39:a1:0c:ed:
58:6b:e4:dd:cd:d5:46:7a:15:4a:74:e4:58:e6:81:33:f5:49:
31:ec:63:21:9f:8b:d0:4c:9b:4f:ae:58:8d:d1:69:85:24:63:
fc:34:62:1d:ac:49:61:cd:7f:0e:d6:ca:da:05:de:50:92:5e:
36:f9:df:b2:f7:f2:2b:c0:cb:82:eb:77:d2:aa:18:25:18:d4:
81:aa:17:b5:9b:ec:dd:88:6d:d9:26:ed:8e:57:ad:33:da:03:
58:80:6e:5b:c3:ba:4f:7e:a2:86:58:bb:e4:0a:68:62:2b:40:
30:92:14:06
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZP5fZyCzB4l+629xFSpx70JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMjI0MTYyNjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjEwNGQ5NzAxYjg5NTUzM2NjN2Q5ZGI3YTc5ZmVhZDZhMGYzMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WE1jNX0Tb3hDjmbcPyUtKLNbNES
QNbF4nU6JJoafAZKTXI2zL0MJoVh8+r3x/WTUaqZwOGIknARUuuKAnTdGHpL0S03
JURlDzEJwmOc0o6EnuTgL3b60qIT+/jl4Omx9cN4wZjrVDdm4vkRupHIM7lqd0xZ
C5GniGE40Tm62LmdjEJCsAACTjdvvGcKJ//wICfVKVW3W33PoVEXnedMeppd9EHG
YQG4wBshrmyoiBz5+dsQ+xpbcQxxw1vYoB+TJEdrXSg0RkM0gNVqOYCp/trRC2mh
DaqvhvtVC8TNDGQavP3hL/5vdQYh5uYIstNV34EPt2Hbube6TgDbmRWydwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOYQTZcBuJVTPMfZ23p5/q1qDzF1MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNWhCTmx3RzRsVk04eDluYmVubi1yV29QTVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
WSJqAwQAWSOCAwQAXXK3AwQAudR3AwQAuf5CAwQAweSLAwQAw1hZMA0GCSqGSIb3
DQEBCwUAA4IBAQBMPhzijsBPC3g+9aMFzHHxREEI3o6EhKVBqzcwrGuphugQ3pnA
BHacXIUvPiE/kyBj8wxfje3cj//wrQF6TWZUL5bn/8nY3njb6NeDyJSbN1PULAT9
Ha/mYY4V12CSDfn9btTmEBIMJqvFuHGJFAEtpFrZiBF1Zl5JnBGs69CLyyEFKP5y
lbSQymSf2jmhDO1Ya+TdzdVGehVKdORY5oEz9Ukx7GMhn4vQTJtPrliN0WmFJGP8
NGIdrElhzX8O1sraBd5Qkl42+d+y9/IrwMuC63fSqhglGNSBqhe1m+zdiG3ZJu2O
V60z2gNYgG5bw7pPfqKGWLvkCmhiK0AwkhQG
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:44 2025 by rpki-client