Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/CkpTf6OLyh6j4oDpSvhCTqT0e_0.roa
File: CkpTf6OLyh6j4oDpSvhCTqT0e_0.roa (raw, json)
Hash identifier: 8/2wqQoD5MpWWCJE70PaLuBJS/jZKuyxmgHbupN1998=
Subject key identifier: 0A:4A:53:7F:A3:8B:CA:1E:A3:E2:80:E9:4A:F8:42:4E:A4:F4:7B:FD
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0191FFA54CF637C517F5D986559D355D76AB
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/CkpTf6OLyh6j4oDpSvhCTqT0e_0.roa
Signing time: Tue 17 Sep 2024 11:01:48 +0000
ROA not before: Tue 17 Sep 2024 11:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
45.144.173.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
94.176.214.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 12:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:a5:4c:f6:37:c5:17:f5:d9:86:55:9d:35:5d:76:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 17 11:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a4a537fa38bca1ea3e280e94af8424ea4f47bfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:2a:ab:00:f2:7f:8b:09:cf:28:ef:15:bb:
1f:58:e9:67:01:bf:92:67:74:5e:76:e4:82:d6:40:
c8:ac:7f:1d:74:41:8a:5a:10:39:a8:16:00:b1:ed:
35:8b:ae:fb:76:c5:c0:4b:5d:9b:8f:7a:d8:52:45:
ae:9a:4c:cd:90:93:4b:21:7d:f1:66:d1:90:58:a1:
aa:3d:ba:c7:6b:d8:ae:55:f3:9f:93:41:5e:5b:ca:
4e:9d:57:60:91:67:2d:18:50:ed:02:f3:6a:fe:42:
4b:48:d6:00:80:07:bf:66:df:e2:5e:64:79:c7:c4:
21:80:19:92:a4:a7:aa:05:9a:72:4f:6b:70:71:ef:
9f:d8:3b:dc:d1:40:c7:0c:bc:ec:aa:70:02:87:e9:
37:82:79:a2:c5:c9:73:ef:34:35:b5:ee:1b:71:da:
22:46:95:8b:74:36:b0:d1:51:a1:43:08:a5:73:be:
3b:74:c7:d5:c3:90:7f:4c:51:7c:3b:5a:6e:99:60:
99:eb:0d:5e:3e:6b:06:b5:bd:45:dd:d3:60:4f:b8:
02:f9:f4:de:41:71:78:99:0d:15:73:24:a6:cc:dd:
4a:00:c0:9e:04:b2:7b:2d:7c:64:5f:58:4a:d9:b6:
9b:fe:15:e7:02:26:a4:34:fa:0a:7b:d1:88:90:33:
4d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4A:53:7F:A3:8B:CA:1E:A3:E2:80:E9:4A:F8:42:4E:A4:F4:7B:FD
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/CkpTf6OLyh6j4oDpSvhCTqT0e_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
45.144.173.0/24
89.34.106.0/24
91.132.51.0/24
93.114.183.0/24
94.176.214.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:50:bc:c9:11:b7:8a:65:dd:b5:95:aa:c6:b8:6d:d3:df:64:
2e:99:36:e8:27:2e:0d:cf:8e:2f:c0:f3:e4:92:45:a5:c5:87:
e0:c9:a7:f4:24:08:c2:66:8f:8d:1d:e4:75:88:d8:55:61:0d:
d9:ad:ca:30:a1:d9:e2:c6:e4:a7:25:68:e3:04:cb:96:bf:4a:
d3:38:14:ee:c3:95:00:c3:ec:7c:fc:23:ee:f3:9a:37:26:50:
71:3b:00:cb:11:cc:73:a9:f4:5e:b0:c1:5e:ac:e7:0a:97:17:
40:63:e5:1f:71:e4:a4:c6:ac:79:86:64:b4:43:36:f7:68:af:
c3:fc:28:5e:16:a5:0a:74:8a:22:eb:ab:3d:9b:f8:6e:7b:81:
f5:25:ba:26:b2:24:96:64:68:6d:db:a1:fe:c7:75:8a:b0:69:
75:74:2f:c0:8d:e9:89:89:0f:f5:31:c0:ca:cb:22:21:a4:9b:
0d:16:b1:32:b9:36:41:78:39:e6:da:3c:4d:0e:98:23:55:d0:
94:9d:d7:a7:e1:14:c6:c1:c9:40:e2:aa:be:83:2a:c8:29:d0:
d5:46:f3:3b:f7:08:e3:41:8e:bb:f5:dc:02:d2:54:9c:5d:4f:
d3:06:43:8d:ca:b5:71:2f:90:5f:3b:25:be:14:14:fb:1d:36:
19:2f:33:ce
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZH/pUz2N8UX9dmGVZ01XXarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwOTE3MTEwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTRhNTM3ZmEzOGJjYTFlYTNlMjgwZTk0YWY4NDI0ZWE0ZjQ3YmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryEqqwDyf4sJzyjvFbsfWOlnAb+S
Z3ReduSC1kDIrH8ddEGKWhA5qBYAse01i677dsXAS12bj3rYUkWumkzNkJNLIX3x
ZtGQWKGqPbrHa9iuVfOfk0FeW8pOnVdgkWctGFDtAvNq/kJLSNYAgAe/Zt/iXmR5
x8QhgBmSpKeqBZpyT2twce+f2Dvc0UDHDLzsqnACh+k3gnmixclz7zQ1te4bcdoi
RpWLdDaw0VGhQwilc747dMfVw5B/TFF8O1pumWCZ6w1ePmsGtb1F3dNgT7gC+fTe
QXF4mQ0VcySmzN1KAMCeBLJ7LXxkX1hK2bab/hXnAiakNPoKe9GIkDNNRwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFApKU3+ji8oeo+KA6Ur4Qk6k9Hv9MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvQ2twVGY2T0x5aDZqNG9EcFN2aENUcVQwZV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLYe2AwQA
LZCtAwQAWSJqAwQAW4QzAwQAXXK3AwQAXrDWAwQA2RMEMA0GCSqGSIb3DQEBCwUA
A4IBAQBbULzJEbeKZd21larGuG3T32QumTboJy4Nz44vwPPkkkWlxYfgyaf0JAjC
Zo+NHeR1iNhVYQ3ZrcowodnixuSnJWjjBMuWv0rTOBTuw5UAw+x8/CPu85o3JlBx
OwDLEcxzqfResMFerOcKlxdAY+UfceSkxqx5hmS0Qzb3aK/D/CheFqUKdIoi66s9
m/hue4H1JbomsiSWZGht26H+x3WKsGl1dC/AjemJiQ/1McDKyyIhpJsNFrEyuTZB
eDnm2jxNDpgjVdCUnden4RTGwclA4qq+gyrIKdDVRvM79wjjQY679dwC0lScXU/T
BkONyrVxL5BfOyW+FBT7HTYZLzPO
-----END CERTIFICATE-----
Generated at Wed Sep 18 15:59:07 2024 by rpki-client on console-fra.rpki-client.org