Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KZZfBAqBvSBbXfgR_w7ida9i1jU.roa
File: KZZfBAqBvSBbXfgR_w7ida9i1jU.roa (raw, json)
Hash identifier: 7cuOMxO7mDtJXKVgrSYlu0kEE65ptqZLww6xVFaBXN8=
Subject key identifier: 29:96:5F:04:0A:81:BD:20:5B:5D:F8:11:FF:0E:E2:75:AF:62:D6:35
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0191A25B5E97D4DA53E02B063E9E54FACA9A
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KZZfBAqBvSBbXfgR_w7ida9i1jU.roa
Signing time: Fri 30 Aug 2024 08:16:22 +0000
ROA not before: Fri 30 Aug 2024 08:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 10:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:5b:5e:97:d4:da:53:e0:2b:06:3e:9e:54:fa:ca:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 30 08:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29965f040a81bd205b5df811ff0ee275af62d635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:67:16:2e:4e:27:eb:14:10:08:76:30:e7:3a:
94:1e:02:22:fd:a6:89:fa:95:a7:3d:a0:e3:46:b2:
93:69:83:0d:38:8a:b3:ff:66:13:6a:41:bd:99:62:
e2:91:cc:6c:d6:c9:e2:63:fa:1d:dc:d8:bb:63:55:
cb:17:d8:38:30:d3:11:5b:53:56:40:b6:69:2f:48:
ed:2b:ce:e3:32:f9:c4:03:66:fc:01:fd:f6:08:31:
51:88:1f:f3:76:c7:de:6c:11:5c:d8:59:51:e2:8b:
e8:54:37:43:7b:a1:7f:25:d7:22:74:6e:26:54:f4:
36:26:64:d0:37:06:04:90:6b:74:7c:0b:ad:49:22:
46:4b:f7:df:60:fe:c6:94:ef:14:a2:fd:c9:e4:c1:
cb:ac:08:c3:53:8c:82:27:c0:5d:09:62:8c:97:be:
8d:e8:3f:a9:99:7d:1f:de:16:61:c5:11:e7:04:f7:
e3:68:68:ec:3c:46:30:55:da:50:1b:e7:2a:5d:4b:
46:f3:76:99:89:3c:19:d3:03:d2:5b:97:50:77:39:
0f:db:56:8c:7f:99:d8:ff:6e:7d:13:01:4b:9d:ac:
e6:38:b0:43:2a:6f:2e:bd:3f:04:6b:00:11:fa:cc:
67:a5:ee:35:c0:7d:87:fb:05:d1:fc:83:a0:b9:be:
48:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:96:5F:04:0A:81:BD:20:5B:5D:F8:11:FF:0E:E2:75:AF:62:D6:35
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/KZZfBAqBvSBbXfgR_w7ida9i1jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
89.40.70.0/24
93.114.183.0/24
188.208.103.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
56:01:92:cc:ee:38:09:16:b5:27:fa:cb:e2:12:95:3a:b5:ad:
10:d8:b5:28:cd:4b:5a:67:d4:5b:85:f2:e5:a5:62:e9:ff:a2:
b4:c0:4a:a4:09:8d:91:67:ff:4b:0c:38:84:41:f7:3f:1f:f7:
91:e9:87:f4:5a:6d:01:3b:87:ce:25:10:b7:de:cc:aa:73:79:
2f:5e:19:c9:05:0b:19:4e:0b:37:8d:60:cc:0a:ec:61:34:ac:
0f:66:5a:d1:0d:15:26:64:e6:4e:18:a5:07:6b:d2:a8:7f:f2:
e3:18:f1:ef:cb:bc:91:50:96:2f:48:01:c2:c1:31:e3:2f:14:
a3:8d:59:c2:c0:50:b2:7d:7e:30:34:8e:6c:88:a7:34:43:2b:
8a:1b:a9:30:c7:73:69:66:68:a9:78:00:07:9d:1d:ba:25:74:
b9:42:2d:bd:9e:9f:28:63:a6:f0:1b:21:2a:1f:93:93:03:d9:
11:98:61:9c:c4:ec:83:94:6b:93:df:27:a8:fb:13:1f:f8:c5:
c1:aa:27:cf:80:33:a7:b0:50:b4:ba:3e:8a:24:ae:ea:93:df:
e2:d9:59:16:25:3b:0f:90:02:cd:4e:46:66:fb:92:1c:c7:87:
96:34:4e:aa:17:30:8b:37:09:25:9d:57:15:cb:e3:29:82:e0:
6e:f8:f4:77
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZGiW16X1NpT4CsGPp5U+sqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwODMwMDgxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk2NWYwNDBhODFiZDIwNWI1ZGY4MTFmZjBlZTI3NWFmNjJkNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGcWLk4n6xQQCHYw5zqUHgIi/aaJ
+pWnPaDjRrKTaYMNOIqz/2YTakG9mWLikcxs1sniY/od3Ni7Y1XLF9g4MNMRW1NW
QLZpL0jtK87jMvnEA2b8Af32CDFRiB/zdsfebBFc2FlR4ovoVDdDe6F/JdcidG4m
VPQ2JmTQNwYEkGt0fAutSSJGS/ffYP7GlO8Uov3J5MHLrAjDU4yCJ8BdCWKMl76N
6D+pmX0f3hZhxRHnBPfjaGjsPEYwVdpQG+cqXUtG83aZiTwZ0wPSW5dQdzkP21aM
f5nY/259EwFLnazmOLBDKm8uvT8EawAR+sxnpe41wH2H+wXR/IOgub5IrwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCmWXwQKgb0gW134Ef8O4nWvYtY1MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvS1paZkJBcUJ2U0JiWGZnUl93N2lkYTlpMWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLYe2AwQA
WSJqAwQAWShGAwQAXXK3AwQAvNBnAwQA2RMEMA0GCSqGSIb3DQEBCwUAA4IBAQBW
AZLM7jgJFrUn+sviEpU6ta0Q2LUozUtaZ9RbhfLlpWLp/6K0wEqkCY2RZ/9LDDiE
Qfc/H/eR6Yf0Wm0BO4fOJRC33syqc3kvXhnJBQsZTgs3jWDMCuxhNKwPZlrRDRUm
ZOZOGKUHa9Kof/LjGPHvy7yRUJYvSAHCwTHjLxSjjVnCwFCyfX4wNI5siKc0QyuK
G6kwx3NpZmipeAAHnR26JXS5Qi29np8oY6bwGyEqH5OTA9kRmGGcxOyDlGuT3yeo
+xMf+MXBqifPgDOnsFC0uj6KJK7qk9/i2VkWJTsPkALNTkZm+5Icx4eWNE6qFzCL
NwklnVcVy+MpguBu+PR3
-----END CERTIFICATE-----
Generated at Mon Sep 2 12:49:59 2024 by rpki-client on console-ams.rpki-client.org