Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/RnXQqOFDgzScrqRnQi_QTqWA0DA.roa
File: RnXQqOFDgzScrqRnQi_QTqWA0DA.roa (raw, json)
Hash identifier: i53ixWEOvt57ZXc54GHU4PKA2iED1WYMY44ddsQ1yb0=
Subject key identifier: 46:75:D0:A8:E1:43:83:34:9C:AE:A4:67:42:2F:D0:4E:A5:80:D0:30
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01905D05C9D92C5D15F0611005AEE4E2B9A9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/RnXQqOFDgzScrqRnQi_QTqWA0DA.roa
Signing time: Fri 28 Jun 2024 04:06:18 +0000
ROA not before: Fri 28 Jun 2024 04:06:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
176.223.66.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 06:57:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5d:05:c9:d9:2c:5d:15:f0:61:10:05:ae:e4:e2:b9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 28 04:06:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4675d0a8e14383349caea467422fd04ea580d030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b8:31:b5:7b:32:6f:5a:7c:28:49:22:aa:28:
20:a3:3b:a0:4b:de:7e:63:88:ac:12:02:f9:8b:d6:
f3:d0:b8:32:fe:7d:d5:90:b8:b4:d3:60:63:c1:e6:
58:ca:62:91:b1:9a:16:7f:d3:b2:ba:6e:dd:46:bb:
da:18:ba:1d:96:f2:55:3b:e2:b7:28:16:be:18:cf:
ed:d8:cc:07:48:ca:d1:b0:ba:29:34:14:7b:31:11:
ce:4e:ae:c5:0d:c8:e7:e5:8c:74:90:70:aa:90:e0:
ae:48:c9:d7:4e:ee:fe:ca:5f:db:ca:51:39:13:a6:
05:c8:02:3d:2b:e0:13:04:b6:64:e0:24:3f:41:e7:
cb:b1:d8:b8:ff:8b:7a:62:b7:e9:cf:bc:34:d5:d2:
c1:87:b7:6e:0c:8d:4f:ed:45:f4:4b:59:5e:d1:ea:
1a:da:86:73:ab:46:83:4f:64:3e:7f:2f:80:38:c9:
63:6a:4e:88:6c:82:07:50:df:65:f7:b8:5f:18:bf:
95:ec:4d:31:65:03:87:a2:bd:96:31:6f:16:f9:ab:
78:d2:08:14:8a:1c:70:25:92:c5:bd:09:18:6c:4b:
fc:82:0a:ef:74:7c:31:a5:8a:a5:15:8d:51:d6:c0:
03:8a:e1:05:9e:78:1a:97:d5:40:46:eb:70:46:0a:
0a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:75:D0:A8:E1:43:83:34:9C:AE:A4:67:42:2F:D0:4E:A5:80:D0:30
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/RnXQqOFDgzScrqRnQi_QTqWA0DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
86.107.100.0/24
89.34.106.0/24
93.114.183.0/24
176.223.66.0/24
185.198.235.0/24
188.64.142.0/24
188.208.103.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
35:41:51:a6:e4:58:e4:f6:b3:33:9c:65:c7:23:47:7d:da:f1:
1c:66:63:d5:eb:c1:0d:fe:a8:cf:5e:7d:3d:b1:70:d0:b3:19:
e4:4b:fb:fa:84:2d:ae:b4:0c:60:b7:8f:5a:6f:dc:5c:77:1b:
7a:7f:7b:9c:46:13:c0:1c:72:89:9d:d1:ff:c1:34:01:70:ab:
a5:29:08:ce:2c:41:ec:8b:15:8c:a6:b2:ad:b2:c4:78:1e:b9:
5f:c6:be:ef:42:6f:b1:28:6c:95:8a:4e:e4:93:6f:dd:74:f1:
5b:52:b3:99:e6:e5:b2:bb:00:00:8e:a3:c4:d5:cb:81:e7:82:
0e:d4:f7:f5:20:2d:ad:c0:d1:ab:9d:54:ff:50:13:28:98:0b:
70:62:39:a2:23:05:3e:cc:40:69:74:a2:5e:20:95:ab:fc:9a:
6b:fb:d5:81:96:4f:b0:e2:88:cd:f6:b2:52:98:7a:c0:5e:e9:
0c:45:cb:3a:f4:9f:06:d8:eb:6a:cc:f7:b2:0a:95:9e:63:7f:
a1:64:79:12:04:db:d3:da:73:bd:fd:fc:4c:6d:bc:7c:ad:ff:
9f:6f:2b:92:24:fe:89:01:37:29:26:1a:a6:65:07:70:7c:b7:
82:1d:5d:c3:f1:9c:d2:d9:85:50:40:66:d1:3a:a8:f7:9b:3b:
ba:e4:eb:91
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZBdBcnZLF0V8GEQBa7k4rmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNjI4MDQwNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njc1ZDBhOGUxNDM4MzM0OWNhZWE0Njc0MjJmZDA0ZWE1ODBkMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrgxtXsyb1p8KEkiqiggozugS95+
Y4isEgL5i9bz0Lgy/n3VkLi002BjweZYymKRsZoWf9Oyum7dRrvaGLodlvJVO+K3
KBa+GM/t2MwHSMrRsLopNBR7MRHOTq7FDcjn5Yx0kHCqkOCuSMnXTu7+yl/bylE5
E6YFyAI9K+ATBLZk4CQ/QefLsdi4/4t6Yrfpz7w01dLBh7duDI1P7UX0S1le0eoa
2oZzq0aDT2Q+fy+AOMljak6IbIIHUN9l97hfGL+V7E0xZQOHor2WMW8W+at40ggU
ihxwJZLFvQkYbEv8ggrvdHwxpYqlFY1R1sADiuEFnngal9VARutwRgoK9QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEZ10KjhQ4M0nK6kZ0Iv0E6lgNAwMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUm5YUXFPRkRnelNjcnFSblFpX1FUcVdBMERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLYe2AwQA
VmtkAwQAWSJqAwQAXXK3AwQAsN9CAwQAucbrAwQAvECOAwQAvNBnAwQA2RMEMA0G
CSqGSIb3DQEBCwUAA4IBAQA1QVGm5Fjk9rMznGXHI0d92vEcZmPV68EN/qjPXn09
sXDQsxnkS/v6hC2utAxgt49ab9xcdxt6f3ucRhPAHHKJndH/wTQBcKulKQjOLEHs
ixWMprKtssR4Hrlfxr7vQm+xKGyVik7kk2/ddPFbUrOZ5uWyuwAAjqPE1cuB54IO
1Pf1IC2twNGrnVT/UBMomAtwYjmiIwU+zEBpdKJeIJWr/Jpr+9WBlk+w4ojN9rJS
mHrAXukMRcs69J8G2OtqzPeyCpWeY3+hZHkSBNvT2nO9/fxMbbx8rf+fbyuSJP6J
ATcpJhqmZQdwfLeCHV3D8ZzS2YVQQGbROqj3mzu65OuR
-----END CERTIFICATE-----
Generated at Mon Jul 1 09:08:13 2024 by rpki-client on console-fra.rpki-client.org