Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/lkMOukJ-wsiCgLvuWdf0Jq4blqQ.roa
File: lkMOukJ-wsiCgLvuWdf0Jq4blqQ.roa (raw, json)
Hash identifier: eATmSOSa9pEsYpf++wMnW7rynS2fe4tLcFqgUZ0i4bU=
Subject key identifier: 96:43:0E:BA:42:7E:C2:C8:82:80:BB:EE:59:D7:F4:26:AE:1B:96:A4
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018E65A60E5F9A9A7098C917CC9B773311C9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/lkMOukJ-wsiCgLvuWdf0Jq4blqQ.roa
Signing time: Fri 22 Mar 2024 10:12:45 +0000
ROA not before: Fri 22 Mar 2024 10:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.180.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.90.74.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 12:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:a6:0e:5f:9a:9a:70:98:c9:17:cc:9b:77:33:11:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 22 10:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96430eba427ec2c88280bbee59d7f426ae1b96a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f5:41:ab:69:09:5a:31:6a:33:ba:57:c5:4c:
84:99:95:27:66:51:25:67:8a:f1:61:63:a7:5e:4d:
02:27:32:84:d2:28:20:6a:7a:67:3e:6a:54:9e:20:
1d:5d:d8:e3:b0:2a:aa:6c:8f:0c:3b:f7:b1:64:be:
25:70:d6:83:cb:ca:8e:04:67:12:f5:a4:d6:8b:66:
a9:e6:4c:a4:ed:ba:f4:76:85:bb:df:89:92:03:fc:
dd:69:00:b6:cc:c5:89:b9:29:25:2d:63:90:2e:a4:
12:22:e9:0d:0b:5b:61:e0:79:83:1d:b5:a6:06:87:
34:f4:79:92:82:70:ce:1e:f9:97:91:0e:7f:7d:0c:
d1:b5:c5:67:34:95:22:76:ea:49:02:3c:11:e6:69:
be:ad:bd:4a:3a:83:d4:2c:dc:cf:40:1f:51:99:b8:
8a:0d:e5:c4:33:46:a0:2e:73:f8:1f:a1:53:40:12:
47:fb:24:9a:fd:35:35:50:ca:47:e2:50:a4:eb:09:
fc:ac:8a:ec:48:2b:2c:f2:24:4f:81:14:b4:2f:f3:
8e:11:1a:13:15:e9:c4:3f:d8:1e:4d:87:bf:53:bc:
a4:dc:66:22:87:b6:d9:64:9f:c4:80:99:fe:f5:29:
96:38:65:93:aa:fd:43:9e:54:b6:24:48:04:9e:3c:
19:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:43:0E:BA:42:7E:C2:C8:82:80:BB:EE:59:D7:F4:26:AE:1B:96:A4
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/lkMOukJ-wsiCgLvuWdf0Jq4blqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.180.0/24
45.135.182.0/23
89.34.106.0/24
93.90.74.0/24
93.114.183.0/24
Signature Algorithm: sha256WithRSAEncryption
66:96:05:e4:e0:6c:47:c2:54:7e:f7:29:ec:06:c1:a5:16:09:
ce:df:bb:0b:83:b6:46:e4:7b:9d:8b:b8:64:72:bd:03:38:1f:
d6:ba:5e:e9:2b:69:1a:06:56:51:ba:2c:3a:4a:e7:b5:15:0f:
f6:ac:76:dc:8e:f4:70:6a:46:28:b2:d8:60:97:00:c0:6e:b3:
6a:8a:8a:90:f3:5a:d3:64:e5:4c:07:0f:95:58:83:4c:09:19:
0c:5a:ac:b2:f8:f8:e5:41:15:92:93:72:e1:e5:f6:9d:bc:07:
03:b6:6a:f9:b4:97:d3:36:db:56:e6:d4:19:b2:f7:8c:3e:fc:
29:da:2e:90:a2:00:79:c4:a9:6f:3c:f4:b7:d3:bb:5f:09:bd:
ac:c2:dd:59:3d:c6:64:b9:7c:8e:49:92:f2:d8:ae:db:02:bb:
17:af:ad:a3:79:6a:be:69:0a:b9:5e:74:3f:dc:7d:1e:c1:57:
ec:35:e3:68:08:fa:4d:19:fd:1c:20:12:5f:b7:06:c9:c5:b4:
6f:03:f8:d9:b8:9a:96:5c:84:65:57:15:69:34:19:4e:17:b3:
b7:1b:9b:4b:3d:89:ed:b2:d5:82:39:61:46:6a:e1:15:ee:6d:
5f:fb:85:88:d5:e3:85:3b:ca:78:65:50:a7:49:ac:c6:18:5a:
ca:ba:c5:f7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5lpg5fmppwmMkXzJt3MxHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMzIyMTAxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQzMGViYTQyN2VjMmM4ODI4MGJiZWU1OWQ3ZjQyNmFlMWI5NmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/VBq2kJWjFqM7pXxUyEmZUnZlEl
Z4rxYWOnXk0CJzKE0igganpnPmpUniAdXdjjsCqqbI8MO/exZL4lcNaDy8qOBGcS
9aTWi2ap5kyk7br0doW734mSA/zdaQC2zMWJuSklLWOQLqQSIukNC1th4HmDHbWm
Boc09HmSgnDOHvmXkQ5/fQzRtcVnNJUidupJAjwR5mm+rb1KOoPULNzPQB9RmbiK
DeXEM0agLnP4H6FTQBJH+ySa/TU1UMpH4lCk6wn8rIrsSCss8iRPgRS0L/OOERoT
FenEP9geTYe/U7yk3GYih7bZZJ/EgJn+9SmWOGWTqv1DnlS2JEgEnjwZnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJZDDrpCfsLIgoC77lnX9CauG5akMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbGtNT3VrSi13c2lDZ0x2dVdkZjBKcTRibHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYe0AwQB
LYe2AwQAWSJqAwQAXVpKAwQAXXK3MA0GCSqGSIb3DQEBCwUAA4IBAQBmlgXk4GxH
wlR+9ynsBsGlFgnO37sLg7ZG5Hudi7hkcr0DOB/Wul7pK2kaBlZRuiw6Sue1FQ/2
rHbcjvRwakYosthglwDAbrNqioqQ81rTZOVMBw+VWINMCRkMWqyy+PjlQRWSk3Lh
5fadvAcDtmr5tJfTNttW5tQZsveMPvwp2i6QogB5xKlvPPS307tfCb2swt1ZPcZk
uXyOSZLy2K7bArsXr62jeWq+aQq5XnQ/3H0ewVfsNeNoCPpNGf0cIBJftwbJxbRv
A/jZuJqWXIRlVxVpNBlOF7O3G5tLPYntstWCOWFGauEV7m1f+4WI1eOFO8p4ZVCn
SazGGFrKusX3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org