Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Z0kXTPx-N5bP2X3D40teKT8mvIo.roa
File: Z0kXTPx-N5bP2X3D40teKT8mvIo.roa (raw, json)
Hash identifier: JHAxRStCdTlwVPwh1bRzX3rzCPoEGzbPiv+OXiiMYrM=
Subject key identifier: 67:49:17:4C:FC:7E:37:96:CF:D9:7D:C3:E3:4B:5E:29:3F:26:BC:8A
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01926FEF624738F1E5DD581376734C463373
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Z0kXTPx-N5bP2X3D40teKT8mvIo.roa
Signing time: Wed 09 Oct 2024 06:20:12 +0000
ROA not before: Wed 09 Oct 2024 06:20:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.113.255.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
185.141.218.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 15:14:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6f:ef:62:47:38:f1:e5:dd:58:13:76:73:4c:46:33:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 9 06:20:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6749174cfc7e3796cfd97dc3e34b5e293f26bc8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bd:71:8d:df:c2:e8:ca:78:7d:87:54:6d:58:
cf:42:8d:e7:15:26:b6:3c:58:b0:71:c4:7a:7d:87:
53:fd:90:72:f1:b8:59:de:44:90:66:cb:a1:3c:0e:
26:b9:74:5d:fa:1b:0b:39:e9:71:19:00:10:9f:fc:
5b:23:02:16:69:1f:5b:c9:af:cf:b3:f6:d5:ce:5c:
27:b2:50:ee:4b:37:ef:28:b5:98:18:4e:77:bf:a2:
b5:9a:47:92:f9:bc:0c:fa:1b:14:5c:dd:e1:df:b7:
0a:6e:d5:c1:82:78:57:73:60:75:2c:e9:a0:af:94:
f0:32:ed:1e:93:4f:cd:4a:73:d9:11:89:ae:8e:8d:
4c:f3:a3:db:51:86:a8:f9:51:1a:4c:7d:66:3a:bd:
2f:3e:e8:73:3f:b2:c7:54:dc:9a:f4:0f:0f:dc:6a:
d3:ee:91:44:1d:e0:4b:d2:ac:fe:60:43:ff:af:3b:
d6:9f:72:08:fe:bb:5f:d6:71:a0:03:2c:97:57:d9:
1e:2d:56:ff:2f:ba:ca:2d:12:8c:4a:ba:d4:4a:2b:
73:99:d6:73:00:3b:aa:81:c7:f0:36:d7:1a:f7:fe:
78:6e:89:c5:dd:a8:51:0f:b7:b2:5e:45:5c:cf:f2:
02:bc:2f:d4:5d:6d:03:32:97:95:7a:f4:76:5c:8f:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:49:17:4C:FC:7E:37:96:CF:D9:7D:C3:E3:4B:5E:29:3F:26:BC:8A
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Z0kXTPx-N5bP2X3D40teKT8mvIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
91.132.51.0/24
93.113.255.0/24
93.114.183.0/24
94.177.51.0/24
185.141.218.0/24
188.64.142.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:f0:08:c0:1f:f4:8a:2a:41:04:ba:fb:c9:5a:6e:db:6b:f7:
c0:62:c2:82:21:b6:da:ad:da:47:4b:2d:a4:01:40:d8:40:37:
9c:8d:86:f6:4f:ea:6e:9e:26:67:2d:26:db:0c:e7:4e:f9:d4:
84:35:d6:62:f6:4a:fb:ba:a2:e3:07:0a:c7:af:ec:98:c2:4a:
0a:f8:f8:80:6d:0c:4b:1e:06:67:26:ee:f0:2e:fe:67:e3:0b:
83:55:3d:2d:4f:9f:f0:ac:76:fd:11:0a:2a:1b:f3:2b:57:fb:
3e:a7:bc:ba:3a:ff:60:8f:09:47:79:bf:d1:f3:56:3c:43:f0:
8c:76:10:62:9b:83:db:ba:a2:7e:f5:00:4d:64:f1:97:63:44:
42:58:d5:4d:16:30:29:06:2f:36:b6:ba:9a:dd:22:69:86:9e:
eb:b1:1f:74:89:20:4a:30:89:62:1e:2b:c8:d9:73:ba:96:06:
7b:8b:a3:89:f0:3a:5a:21:0a:b0:0a:43:01:19:fc:12:6d:a6:
a3:cb:b3:c9:d0:ab:5b:04:f5:a8:f6:21:6d:c8:64:c2:a6:38:
85:d2:98:d4:f4:20:5e:33:a1:2c:c8:b6:8f:1f:19:3e:45:c5:
d8:29:e8:bc:3b:03:b9:2a:76:c3:20:d1:aa:53:bb:fd:c8:e9:
e8:bc:6a:22
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZJv72JHOPHl3VgTdnNMRjNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMDA5MDYyMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzQ5MTc0Y2ZjN2UzNzk2Y2ZkOTdkYzNlMzRiNWUyOTNmMjZiYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq71xjd/C6Mp4fYdUbVjPQo3nFSa2
PFiwccR6fYdT/ZBy8bhZ3kSQZsuhPA4muXRd+hsLOelxGQAQn/xbIwIWaR9bya/P
s/bVzlwnslDuSzfvKLWYGE53v6K1mkeS+bwM+hsUXN3h37cKbtXBgnhXc2B1LOmg
r5TwMu0ek0/NSnPZEYmujo1M86PbUYao+VEaTH1mOr0vPuhzP7LHVNya9A8P3GrT
7pFEHeBL0qz+YEP/rzvWn3II/rtf1nGgAyyXV9keLVb/L7rKLRKMSrrUSitzmdZz
ADuqgcfwNtca9/54bonF3ahRD7eyXkVcz/ICvC/UXW0DMpeVevR2XI/zEwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGdJF0z8fjeWz9l9w+NLXik/JryKMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWjBrWFRQeC1ONWJQMlgzRDQwdGVLVDhtdklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
WSJqAwQAW4QzAwQAXXH/AwQAXXK3AwQAXrEzAwQAuY3aAwQAvECOMA0GCSqGSIb3
DQEBCwUAA4IBAQAN8AjAH/SKKkEEuvvJWm7ba/fAYsKCIbbardpHSy2kAUDYQDec
jYb2T+puniZnLSbbDOdO+dSENdZi9kr7uqLjBwrHr+yYwkoK+PiAbQxLHgZnJu7w
Lv5n4wuDVT0tT5/wrHb9EQoqG/MrV/s+p7y6Ov9gjwlHeb/R81Y8Q/CMdhBim4Pb
uqJ+9QBNZPGXY0RCWNVNFjApBi82trqa3SJphp7rsR90iSBKMIliHivI2XO6lgZ7
i6OJ8DpaIQqwCkMBGfwSbaajy7PJ0KtbBPWo9iFtyGTCpjiF0pjU9CBeM6EsyLaP
Hxk+RcXYKei8OwO5KnbDINGqU7v9yOnovGoi
-----END CERTIFICATE-----
Generated at Wed Oct 9 19:11:14 2024 by rpki-client on console-ams.rpki-client.org