Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/I8XaGsoAMf1ly1OnELdY6-_zAow.roa
File: I8XaGsoAMf1ly1OnELdY6-_zAow.roa (raw, json)
Hash identifier: 6b5HNs80+d2R0IZ0IvbUUlxWzuA3Cqu1eVU606/iKqo=
Subject key identifier: 23:C5:DA:1A:CA:00:31:FD:65:CB:53:A7:10:B7:58:EB:EF:F3:02:8C
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0192F15DFC8C7CA8D86A402117CA55C5D6DE
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/I8XaGsoAMf1ly1OnELdY6-_zAow.roa
Signing time: Sun 03 Nov 2024 09:32:01 +0000
ROA not before: Sun 03 Nov 2024 09:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
103.245.228.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 13:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f1:5d:fc:8c:7c:a8:d8:6a:40:21:17:ca:55:c5:d6:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 3 09:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23c5da1aca0031fd65cb53a710b758ebeff3028c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:68:8d:e9:2e:4a:79:af:e4:aa:8f:e6:a7:e6:
35:3e:08:64:25:f1:30:52:af:f4:97:94:eb:0c:6a:
86:ca:9a:2f:44:d1:13:84:e9:11:8d:96:70:98:c6:
8e:05:48:04:4f:62:7d:aa:c8:27:cc:90:4d:a2:5d:
d9:d6:d8:97:4d:7e:bc:9d:4e:fa:bf:2e:21:8c:fe:
00:f9:b3:0e:4a:46:fd:cd:b4:ca:e6:a0:55:81:99:
63:d3:b3:1e:1d:10:28:0f:6a:59:0c:1b:99:cf:24:
3d:3d:09:1b:c0:3e:d8:97:6a:cf:b2:f7:b6:ad:0d:
f1:ed:60:6a:a0:ec:08:51:19:0b:16:24:41:87:c3:
df:39:88:64:15:12:76:80:17:5a:18:d0:b5:5a:3a:
ec:bc:62:59:9d:8a:b1:91:09:b8:83:63:0f:7b:c3:
e2:ff:43:61:9c:3d:7d:bc:b9:77:d5:cb:a1:23:b5:
d4:9e:6c:e6:70:70:62:89:1b:3f:5c:64:da:3c:2b:
86:ed:9d:8e:a4:99:a9:bb:4e:6d:a0:92:5b:dc:4c:
be:14:41:61:35:57:44:62:e5:8e:e4:a5:43:94:d3:
a4:55:f3:ed:05:e7:30:a0:93:54:bb:ce:1f:3f:78:
6b:70:d0:17:c9:ed:30:54:d2:38:d5:ae:92:d6:3f:
af:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C5:DA:1A:CA:00:31:FD:65:CB:53:A7:10:B7:58:EB:EF:F3:02:8C
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/I8XaGsoAMf1ly1OnELdY6-_zAow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
103.245.228.0/24
188.64.142.0/24
Signature Algorithm: sha256WithRSAEncryption
19:34:cc:76:78:29:cf:98:09:09:72:88:36:8e:e9:ab:3d:d1:
f2:a5:b0:28:aa:83:13:47:cb:b7:3d:80:7c:6f:6d:49:f4:72:
1d:73:2f:30:b3:f5:48:91:1d:01:9e:d3:41:ef:21:90:c5:3f:
47:6a:79:c8:77:ee:d9:e8:b0:52:3a:1e:52:1f:c0:fe:b6:31:
ca:e3:6d:6a:fe:29:8b:8a:ec:3d:77:0c:6c:67:46:fe:08:00:
17:41:ea:1c:53:04:3d:3c:a6:bc:af:43:b8:60:e7:26:5f:66:
d6:cb:78:d7:b7:07:f5:e2:94:95:1f:d9:3d:69:2d:f0:7f:29:
75:1e:5e:12:00:84:0b:1d:ef:2b:d2:cb:7a:df:82:72:c7:51:
8b:54:9a:6f:4f:9f:2d:3e:4c:1c:1a:4e:58:eb:22:0b:fb:f2:
bf:9f:57:c6:36:d6:70:47:3d:f4:f6:ca:bc:5c:fa:99:4d:e0:
e0:7a:1b:20:f2:89:5d:b7:1d:d1:b9:56:f4:19:13:9e:82:9c:
8a:fe:0a:07:2d:97:85:c3:50:c7:0d:84:9c:ab:3a:f9:e7:8f:
1e:68:d1:87:80:9f:23:9c:67:37:b2:33:6b:1c:2d:53:87:f9:
b2:bd:47:b8:ca:b0:f8:78:9b:cd:a1:da:95:c7:75:8e:3c:a0:
5c:01:fa:9e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLxXfyMfKjYakAhF8pVxdbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTAzMDkzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2M1ZGExYWNhMDAzMWZkNjVjYjUzYTcxMGI3NThlYmVmZjMwMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2iN6S5Kea/kqo/mp+Y1PghkJfEw
Uq/0l5TrDGqGypovRNEThOkRjZZwmMaOBUgET2J9qsgnzJBNol3Z1tiXTX68nU76
vy4hjP4A+bMOSkb9zbTK5qBVgZlj07MeHRAoD2pZDBuZzyQ9PQkbwD7Yl2rPsve2
rQ3x7WBqoOwIURkLFiRBh8PfOYhkFRJ2gBdaGNC1WjrsvGJZnYqxkQm4g2MPe8Pi
/0NhnD19vLl31cuhI7XUnmzmcHBiiRs/XGTaPCuG7Z2OpJmpu05toJJb3Ey+FEFh
NVdEYuWO5KVDlNOkVfPtBecwoJNUu84fP3hrcNAXye0wVNI41a6S1j+vVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCPF2hrKADH9ZctTpxC3WOvv8wKMMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSThYYUdzb0FNZjFseTFPbkVMZFk2LV96QW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYe2AwQA
WSJqAwQAXXK3AwQAZ/XkAwQAvECOMA0GCSqGSIb3DQEBCwUAA4IBAQAZNMx2eCnP
mAkJcog2jumrPdHypbAoqoMTR8u3PYB8b21J9HIdcy8ws/VIkR0BntNB7yGQxT9H
annId+7Z6LBSOh5SH8D+tjHK421q/imLiuw9dwxsZ0b+CAAXQeocUwQ9PKa8r0O4
YOcmX2bWy3jXtwf14pSVH9k9aS3wfyl1Hl4SAIQLHe8r0st634Jyx1GLVJpvT58t
PkwcGk5Y6yIL+/K/n1fGNtZwRz309sq8XPqZTeDgehsg8oldtx3RuVb0GROegpyK
/goHLZeFw1DHDYScqzr5548eaNGHgJ8jnGc3sjNrHC1Th/myvUe4yrD4eJvNodqV
x3WOPKBcAfqe
-----END CERTIFICATE-----
Generated at Mon Nov 4 14:58:13 2024 by rpki-client on console-fra.rpki-client.org