Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k-0jhLvLq180UV6uo7ZB7Nq83X4.roa
File: k-0jhLvLq180UV6uo7ZB7Nq83X4.roa (raw, json)
Hash identifier: 3QaXF7v3RrRjBkAc2X7L7DevpVOEZkjs9Fqaohl6XRo=
Subject key identifier: 93:ED:23:84:BB:CB:AB:5F:34:51:5E:AE:A3:B6:41:EC:DA:BC:DD:7E
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019422F8D00DFF37252EA85DA2A81D8DA243
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k-0jhLvLq180UV6uo7ZB7Nq83X4.roa
Signing time: Wed 01 Jan 2025 17:45:19 +0000
ROA not before: Wed 01 Jan 2025 17:45:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.130.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.254.66.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 06:57:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:f8:d0:0d:ff:37:25:2e:a8:5d:a2:a8:1d:8d:a2:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 1 17:45:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93ed2384bbcbab5f34515eaea3b641ecdabcdd7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ca:59:84:92:58:0a:9a:f2:be:ca:41:66:cb:
a7:2f:f3:fb:7a:86:33:d7:17:b1:26:4d:1d:9d:f4:
97:1a:bd:29:ee:9d:93:7d:9d:a2:6a:c3:02:d3:82:
e3:4d:f6:39:fd:1c:3c:ad:6f:80:5b:54:31:09:fa:
8f:30:d9:b2:62:a7:c4:13:20:8c:8f:87:07:14:3a:
29:09:35:2d:a7:38:af:40:9c:0c:0f:6c:e8:e3:d7:
e5:64:9b:af:42:6e:e5:8a:15:d2:b6:46:3a:e5:fa:
34:0a:e2:9d:42:2e:7b:2d:20:f9:9b:bf:49:28:70:
32:1b:ce:74:53:8a:f2:4b:13:f0:d9:b3:b7:1c:f3:
f1:e9:64:e9:01:dc:b0:11:07:bd:a0:db:59:1a:3b:
ac:13:76:72:ef:af:c7:da:f0:2c:9e:c1:97:ed:2a:
52:27:1b:73:92:a2:3b:db:77:e6:60:6c:59:a8:80:
e7:1c:6b:5c:cb:80:d0:a2:56:14:07:17:a5:58:81:
6b:2e:79:ff:9f:0e:9c:91:9f:29:a7:84:f9:42:50:
2a:54:56:ad:4c:3e:22:35:cf:e5:6c:b8:ef:92:a9:
b3:89:f3:a1:d6:a5:54:40:4b:04:95:68:43:a5:c4:
a8:ab:c7:9e:8a:02:3d:8b:b2:71:63:a7:94:8c:05:
17:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:ED:23:84:BB:CB:AB:5F:34:51:5E:AE:A3:B6:41:EC:DA:BC:DD:7E
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k-0jhLvLq180UV6uo7ZB7Nq83X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
89.35.130.0/24
93.114.183.0/24
185.254.66.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:b6:42:55:ac:be:90:d5:35:f4:ff:7d:52:a4:1c:f4:98:08:
10:48:ad:11:ba:48:a7:5f:81:c6:af:9e:74:d6:83:2b:0f:ca:
28:f7:42:f6:c0:26:0d:d1:5b:e8:c6:fd:55:c2:a2:0d:3a:a2:
eb:85:af:0d:8d:a3:d8:1e:89:8f:90:68:87:f7:b4:12:10:0a:
c9:ae:d8:cc:98:c4:e1:33:6c:bd:6f:47:ee:ab:4c:7a:dd:f9:
fc:c2:cd:47:c6:7a:00:22:93:06:1e:d7:35:fd:eb:58:f4:61:
db:f8:14:72:fb:ed:6a:37:54:41:42:4f:a8:76:e1:64:6d:ad:
a5:e2:49:54:e9:c0:b3:4a:be:81:1b:c2:81:b5:3d:d4:1f:fa:
98:c0:b0:6b:28:49:33:35:06:6c:62:b5:cb:3f:3e:31:4b:23:
26:6e:17:ab:80:29:ac:fa:cb:8a:f6:93:ca:0d:c1:a3:ba:e7:
76:69:8e:d5:b8:d5:26:54:6c:ab:40:28:bc:2c:1c:14:69:b9:
9d:d6:f3:6f:bd:12:22:07:8e:5a:82:9c:b9:fe:6d:de:7b:f9:
f8:c0:5f:77:f5:94:87:b8:6b:02:6e:87:3c:97:ed:4a:ec:ed:
f6:3f:08:c5:92:7e:41:7c:2c:17:e0:1e:f6:4b:25:26:5f:fb:
ba:0a:68:bd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQi+NAN/zclLqhdoqgdjaJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAxMTc0NTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2VkMjM4NGJiY2JhYjVmMzQ1MTVlYWVhM2I2NDFlY2RhYmNkZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8pZhJJYCpryvspBZsunL/P7eoYz
1xexJk0dnfSXGr0p7p2TfZ2iasMC04LjTfY5/Rw8rW+AW1QxCfqPMNmyYqfEEyCM
j4cHFDopCTUtpzivQJwMD2zo49flZJuvQm7lihXStkY65fo0CuKdQi57LSD5m79J
KHAyG850U4rySxPw2bO3HPPx6WTpAdywEQe9oNtZGjusE3Zy76/H2vAsnsGX7SpS
JxtzkqI723fmYGxZqIDnHGtcy4DQolYUBxelWIFrLnn/nw6ckZ8pp4T5QlAqVFat
TD4iNc/lbLjvkqmzifOh1qVUQEsElWhDpcSoq8eeigI9i7JxY6eUjAUXFQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJPtI4S7y6tfNFFerqO2QezavN1+MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvay0wamhMdkxxMTgwVVY2dW83WkI3TnE4M1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLYe2AwQA
WSJqAwQAWSOCAwQAXXK3AwQAuf5CAwQAw1hZMA0GCSqGSIb3DQEBCwUAA4IBAQAa
tkJVrL6Q1TX0/31SpBz0mAgQSK0RukinX4HGr5501oMrD8oo90L2wCYN0Vvoxv1V
wqINOqLrha8NjaPYHomPkGiH97QSEArJrtjMmMThM2y9b0fuq0x63fn8ws1HxnoA
IpMGHtc1/etY9GHb+BRy++1qN1RBQk+oduFkba2l4klU6cCzSr6BG8KBtT3UH/qY
wLBrKEkzNQZsYrXLPz4xSyMmbhergCms+suK9pPKDcGjuud2aY7VuNUmVGyrQCi8
LBwUabmd1vNvvRIiB45agpy5/m3ee/n4wF939ZSHuGsCboc8l+1K7O32PwjFkn5B
fCwX4B72SyUmX/u6Cmi9
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:18 2025 by rpki-client