Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OZx7mI5Va031Js0yR3mGG1NiaMA.roa
File: OZx7mI5Va031Js0yR3mGG1NiaMA.roa (raw, json)
Hash identifier: tIcWvPlcBR6Ee5DtCa7pHC4KrngFVJsByZF7hGPnG9c=
Subject key identifier: 39:9C:7B:98:8E:55:6B:4D:F5:26:CD:32:47:79:86:1B:53:62:68:C0
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0190BB27C34E839EC511125D07C4E8A5041A
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OZx7mI5Va031Js0yR3mGG1NiaMA.roa
Signing time: Tue 16 Jul 2024 10:47:43 +0000
ROA not before: Tue 16 Jul 2024 10:47:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
86.107.101.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.113.57.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 04:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:27:c3:4e:83:9e:c5:11:12:5d:07:c4:e8:a5:04:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 16 10:47:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=399c7b988e556b4df526cd324779861b536268c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:64:95:8e:0a:a8:6d:ef:5a:95:f8:14:4c:de:
70:c8:37:20:3b:3c:ac:b6:48:50:85:d5:36:80:53:
d5:a3:3d:d2:5a:46:8f:e2:1c:67:05:3d:0c:01:49:
78:66:15:36:4e:03:9a:7c:b6:cc:34:73:3c:a1:68:
ae:e8:cc:c9:1f:35:cf:d2:55:de:d9:67:aa:16:9c:
a3:04:69:fe:17:a4:93:2d:8d:83:87:b0:98:00:a3:
d2:8b:e2:ae:63:ec:00:0f:fb:8a:d1:76:08:54:f7:
ee:5e:56:9b:f9:4a:9f:8d:86:5d:73:c9:95:a5:b5:
e5:df:b9:8d:43:79:60:63:1c:80:a3:64:a1:f6:9e:
13:63:c5:cd:f9:a0:c3:2e:c6:32:55:ea:97:be:fd:
69:b2:6b:79:4c:31:1c:94:c4:17:f1:db:6f:af:8e:
9e:be:db:d0:da:40:d0:d0:ff:d9:6b:fc:7f:a8:96:
7a:fc:50:89:e6:58:d0:d6:d9:d8:a6:f1:d4:a3:54:
ee:15:37:e9:a1:1a:5e:cf:34:9c:44:50:f3:4e:81:
e3:70:28:f3:a7:03:43:76:07:df:61:bc:4f:b8:b4:
7b:b3:d7:e4:a7:8d:c6:42:22:b4:78:02:45:cb:0b:
c3:2d:80:ca:e1:db:f9:98:e3:b5:7b:25:5b:37:aa:
2a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9C:7B:98:8E:55:6B:4D:F5:26:CD:32:47:79:86:1B:53:62:68:C0
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/OZx7mI5Va031Js0yR3mGG1NiaMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
86.107.101.0/24
89.34.106.0/24
91.132.51.0/24
93.113.57.0/24
93.114.183.0/24
185.198.235.0/24
188.64.142.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
95:76:84:d4:42:30:c5:54:dc:ae:7f:03:06:3d:b4:a0:04:ab:
8b:15:de:e7:f9:b9:95:c4:44:6c:58:5a:de:49:95:98:f3:c9:
e9:33:a2:b0:fe:7f:56:dc:b7:ae:db:81:b1:f9:bc:f8:cd:2e:
8f:4a:76:15:29:d3:31:12:e9:77:2c:d3:28:d9:6b:6a:75:62:
4c:e2:63:9c:92:7e:a2:42:f5:59:dd:3c:26:ab:c0:33:3c:63:
e0:4e:dd:99:c0:ad:3c:a2:16:69:37:fe:9b:fa:6f:62:36:04:
66:f0:3a:02:6e:54:fe:3d:e5:7f:f8:fb:60:47:41:0e:36:91:
2a:b0:09:6f:96:0f:f3:ab:a0:0e:89:fb:22:ea:07:e2:0e:a0:
e1:c2:2f:b0:2b:5a:94:c0:1b:b6:f7:2c:56:b0:1c:f9:2e:0a:
f6:ce:ca:d8:92:8b:1f:6f:c8:9b:0c:a9:19:49:ce:37:3e:3d:
37:93:31:da:4d:75:6f:e7:55:26:6f:35:e3:3c:da:8f:30:a0:
5b:24:45:6e:f5:76:53:2f:e5:f8:9d:23:b9:ac:14:17:e6:2f:
ea:7f:f0:fd:50:5e:bc:59:51:5b:01:9f:74:d6:b6:15:47:d7:
f7:21:de:cb:8a:16:92:37:98:07:89:e8:2a:d9:b0:03:6a:4e:
00:64:d6:63
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZC7J8NOg57FERJdB8TopQQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNzE2MTA0NzQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTljN2I5ODhlNTU2YjRkZjUyNmNkMzI0Nzc5ODYxYjUzNjI2OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGSVjgqobe9alfgUTN5wyDcgOzys
tkhQhdU2gFPVoz3SWkaP4hxnBT0MAUl4ZhU2TgOafLbMNHM8oWiu6MzJHzXP0lXe
2WeqFpyjBGn+F6STLY2Dh7CYAKPSi+KuY+wAD/uK0XYIVPfuXlab+UqfjYZdc8mV
pbXl37mNQ3lgYxyAo2Sh9p4TY8XN+aDDLsYyVeqXvv1psmt5TDEclMQX8dtvr46e
vtvQ2kDQ0P/Za/x/qJZ6/FCJ5ljQ1tnYpvHUo1TuFTfpoRpezzScRFDzToHjcCjz
pwNDdgffYbxPuLR7s9fkp43GQiK0eAJFywvDLYDK4dv5mOO1eyVbN6oq8QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDmce5iOVWtN9SbNMkd5hhtTYmjAMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvT1p4N21JNVZhMDMxSnMweVIzbUdHMU5pYU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLYe2AwQA
VmtlAwQAWSJqAwQAW4QzAwQAXXE5AwQAXXK3AwQAucbrAwQAvECOAwQA2RMEMA0G
CSqGSIb3DQEBCwUAA4IBAQCVdoTUQjDFVNyufwMGPbSgBKuLFd7n+bmVxERsWFre
SZWY88npM6Kw/n9W3Leu24Gx+bz4zS6PSnYVKdMxEul3LNMo2WtqdWJM4mOckn6i
QvVZ3Twmq8AzPGPgTt2ZwK08ohZpN/6b+m9iNgRm8DoCblT+PeV/+PtgR0EONpEq
sAlvlg/zq6AOifsi6gfiDqDhwi+wK1qUwBu29yxWsBz5Lgr2zsrYkosfb8ibDKkZ
Sc43Pj03kzHaTXVv51UmbzXjPNqPMKBbJEVu9XZTL+X4nSO5rBQX5i/qf/D9UF68
WVFbAZ901rYVR9f3Id7LihaSN5gHiegq2bADak4AZNZj
-----END CERTIFICATE-----
Generated at Wed Jul 17 06:41:59 2024 by rpki-client on console-ams.rpki-client.org