Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/id-cfcFKTqw7kq78_-k18Z0EfIA.roa
File: id-cfcFKTqw7kq78_-k18Z0EfIA.roa (raw, json)
Hash identifier: PozC7F5pmSUmlMarWM01dvsIEGl99sIbw6KGp8m92po=
Subject key identifier: 89:DF:9C:7D:C1:4A:4E:AC:3B:92:AE:FC:FF:E9:35:F1:9D:04:7C:80
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0195030117C0CACCE30491BB99E0C0E616DE
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/id-cfcFKTqw7kq78_-k18Z0EfIA.roa
Signing time: Fri 14 Feb 2025 05:49:18 +0000
ROA not before: Fri 14 Feb 2025 05:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 09:11:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:03:01:17:c0:ca:cc:e3:04:91:bb:99:e0:c0:e6:16:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 14 05:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89df9c7dc14a4eac3b92aefcffe935f19d047c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e6:7f:b3:26:e0:21:d3:f4:d7:4e:2c:bf:f5:
74:00:ee:1c:7d:e4:f4:41:44:cc:20:4c:e6:6c:dd:
2f:b9:83:42:63:fe:d0:21:de:c8:af:65:64:22:7b:
bc:0f:e5:e7:57:7e:7e:da:64:e0:10:12:b3:46:ec:
6a:3e:fa:c6:b4:05:24:53:20:eb:53:70:d1:e9:23:
76:b6:1d:53:06:8a:75:6d:8c:f1:1c:39:76:ec:8a:
0a:3e:12:3d:4e:84:c1:93:1f:bb:93:30:b2:d2:a6:
31:e1:b5:66:fe:44:b9:87:45:fd:98:c2:65:a2:4e:
7c:6c:f3:b0:5e:e6:65:bf:70:d0:08:6d:07:87:b3:
db:92:a1:7a:a8:2a:10:98:37:ea:18:e1:c9:92:24:
18:74:e6:e1:58:d0:43:bf:b5:75:92:55:65:9a:b3:
be:a1:04:45:18:b3:f6:77:c1:3a:90:8d:6b:d8:87:
c4:49:02:81:bd:cd:d9:2e:68:7f:6a:15:71:3f:65:
20:ad:21:2f:5d:46:b2:8b:3c:8a:89:ad:65:6b:b5:
f9:4b:3e:b6:19:e7:59:23:e0:50:d2:51:8c:5f:80:
42:ad:d2:b6:f0:89:36:82:00:2c:7c:64:90:df:33:
c4:8f:43:12:64:15:64:ff:41:0b:97:1d:fa:bb:62:
e2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DF:9C:7D:C1:4A:4E:AC:3B:92:AE:FC:FF:E9:35:F1:9D:04:7C:80
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/id-cfcFKTqw7kq78_-k18Z0EfIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
193.124.36.0/24
Signature Algorithm: sha256WithRSAEncryption
26:66:4c:16:f2:6a:30:c8:6a:d6:df:d6:ac:d3:e1:b8:8e:a0:
9a:93:97:c8:64:1b:6d:59:08:9a:eb:8c:54:db:9b:ff:c2:c1:
8b:7e:52:1e:e0:b4:99:b0:4e:f3:c9:99:9e:05:4f:79:d1:f9:
89:eb:c1:55:87:a5:e1:bf:a4:a3:8f:a6:76:b7:6c:c7:e8:8f:
44:43:38:2e:55:48:59:41:9a:6b:04:24:58:72:af:47:aa:57:
bf:b3:1b:52:0f:a1:3a:bf:ae:e5:3e:5d:d7:6b:64:ad:ae:cc:
35:82:ce:95:f4:04:8b:ae:fa:3d:a9:f3:c7:05:c0:a5:7e:f3:
55:bb:2c:47:93:84:03:1d:c9:05:3b:06:69:4b:b4:c0:a7:11:
41:d5:86:00:5a:b4:74:8b:4e:8c:41:21:09:ac:3a:56:e4:23:
9c:9b:2e:3f:5e:a6:b9:5b:88:1e:7a:5e:48:8e:53:22:ae:65:
dc:cf:7d:e0:d2:df:3c:19:1c:01:ed:63:6f:8e:4b:ec:07:09:
e5:2c:28:9b:92:e8:fb:c0:26:c0:1d:00:5e:36:7f:fa:32:21:
ac:fd:8f:33:3f:6c:6a:bd:a9:c8:60:2c:ba:77:ea:63:a7:b8:
69:d9:ba:c1:54:a9:12:16:78:bd:81:18:26:b0:7e:2a:cf:dc:
d5:5d:fd:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUDARfAyszjBJG7meDA5hbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMjE0MDU0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRmOWM3ZGMxNGE0ZWFjM2I5MmFlZmNmZmU5MzVmMTlkMDQ3YzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+Z/sybgIdP0104sv/V0AO4cfeT0
QUTMIEzmbN0vuYNCY/7QId7Ir2VkInu8D+XnV35+2mTgEBKzRuxqPvrGtAUkUyDr
U3DR6SN2th1TBop1bYzxHDl27IoKPhI9ToTBkx+7kzCy0qYx4bVm/kS5h0X9mMJl
ok58bPOwXuZlv3DQCG0Hh7PbkqF6qCoQmDfqGOHJkiQYdObhWNBDv7V1klVlmrO+
oQRFGLP2d8E6kI1r2IfESQKBvc3ZLmh/ahVxP2UgrSEvXUayizyKia1la7X5Sz62
GedZI+BQ0lGMX4BCrdK28Ik2ggAsfGSQ3zPEj0MSZBVk/0ELlx36u2LiBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFInfnH3BSk6sO5Ku/P/pNfGdBHyAMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvaWQtY2ZjRktUcXc3a3E3OF8tazE4WjBFZklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYe2AwQA
WSJqAwQAXXK3AwQAwXwkMA0GCSqGSIb3DQEBCwUAA4IBAQAmZkwW8mowyGrW39as
0+G4jqCak5fIZBttWQia64xU25v/wsGLflIe4LSZsE7zyZmeBU950fmJ68FVh6Xh
v6Sjj6Z2t2zH6I9EQzguVUhZQZprBCRYcq9Hqle/sxtSD6E6v67lPl3Xa2Strsw1
gs6V9ASLrvo9qfPHBcClfvNVuyxHk4QDHckFOwZpS7TApxFB1YYAWrR0i06MQSEJ
rDpW5COcmy4/Xqa5W4geel5IjlMirmXcz33g0t88GRwB7WNvjkvsBwnlLCibkuj7
wCbAHQBeNn/6MiGs/Y8zP2xqvanIYCy6d+pjp7hp2brBVKkSFni9gRgmsH4qz9zV
Xf0i
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:02:39 2025 by rpki-client