Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/n1hfUR8neIzk9jOPZVZ-brqVMcI.roa
File: n1hfUR8neIzk9jOPZVZ-brqVMcI.roa (raw, json)
Hash identifier: mK8SEbjTgDtbgOjfQrSdHwrVBKTvNWy/NSydHUsabkw=
Subject key identifier: 9F:58:5F:51:1F:27:78:8C:E4:F6:33:8F:65:56:7E:6E:BA:95:31:C2
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0193583D42DB0BD7E66C7A0F9F9C47D5664C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/n1hfUR8neIzk9jOPZVZ-brqVMcI.roa
Signing time: Sat 23 Nov 2024 08:57:10 +0000
ROA not before: Sat 23 Nov 2024 08:57:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.87.121.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.35.130.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.141.216.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
185.254.66.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Nov 2024 11:55:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:58:3d:42:db:0b:d7:e6:6c:7a:0f:9f:9c:47:d5:66:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 23 08:57:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f585f511f27788ce4f6338f65567e6eba9531c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:04:f4:14:47:4d:d7:16:d6:c8:40:ba:37:a6:
a1:a1:e2:d0:5a:70:dc:f1:8b:69:5b:ed:f4:f4:2f:
c1:c0:85:85:20:e0:a1:8c:b1:15:0c:b2:17:90:50:
e0:b6:da:45:60:50:87:86:c9:c0:56:31:98:9b:85:
37:b9:47:cb:1f:47:28:d4:7c:43:f4:51:1d:e3:c8:
5e:43:b5:7e:99:02:28:2a:f0:0f:a2:27:77:87:cd:
65:98:f3:34:1c:6f:7f:12:3e:b7:f1:9b:01:98:fa:
f9:37:5c:dd:1d:82:4c:32:03:d6:7a:53:91:03:6c:
71:1a:23:c6:94:74:4b:15:57:bd:2c:67:27:5a:52:
f2:ea:bd:23:86:b1:bd:4a:d4:2a:5e:ea:49:cb:9b:
27:9a:07:5a:c3:71:34:33:d9:ae:3b:a2:6e:bd:53:
c1:0e:7d:d2:2f:e0:12:4c:ce:dc:8a:ce:53:1e:54:
ce:50:18:26:99:46:d1:b6:42:d0:52:82:2a:fa:ea:
0d:1d:b9:ea:b0:dd:23:e7:87:e2:8d:5a:f2:7e:c5:
15:46:37:e1:dd:a6:c6:cf:36:2b:6b:9b:0b:2c:fb:
2b:84:a5:44:2b:35:6b:ec:95:8a:82:e8:1e:de:f2:
04:98:2e:74:9a:c9:08:45:0f:5f:52:a7:ad:cc:d0:
83:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:58:5F:51:1F:27:78:8C:E4:F6:33:8F:65:56:7E:6E:BA:95:31:C2
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/n1hfUR8neIzk9jOPZVZ-brqVMcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.121.0/24
45.135.182.0/23
89.34.106.0/24
89.34.219.0/24
89.35.130.0/24
93.114.183.0/24
185.141.216.0/24
185.198.235.0/24
185.254.66.0/24
188.64.142.0/24
Signature Algorithm: sha256WithRSAEncryption
17:18:e8:a2:9f:56:94:7c:e0:0a:7c:ac:18:47:86:ba:bc:b0:
1a:30:ef:e0:1b:5a:8c:c3:93:d1:eb:5d:0c:0b:a5:26:e8:29:
12:ec:e5:a2:f6:d5:90:3c:e2:1f:7e:a6:f2:b8:74:bc:f3:c3:
73:ef:1d:6a:50:05:9e:21:a1:ee:23:42:80:9f:fd:df:95:80:
c2:e5:b6:b1:79:e4:2a:2b:5b:39:19:e0:9c:bc:4b:f8:cb:a9:
b9:24:00:11:87:31:b7:2e:91:4f:9e:e5:82:c1:0d:26:1a:4e:
77:8c:94:a7:36:e6:f6:cc:e8:bc:c4:0c:96:4a:a2:68:f4:35:
63:12:48:0f:38:32:8d:31:fe:d4:72:c5:90:1b:1a:90:71:8e:
b9:fa:5f:af:e6:79:40:10:46:d9:f0:91:85:9d:74:fa:28:2c:
18:a5:87:5a:a0:85:f2:dd:f7:26:30:a3:a8:90:87:a1:c3:ba:
cf:56:cf:d7:bd:44:f1:48:37:da:93:f3:30:c6:ab:59:3f:db:
1b:a8:94:ec:b8:52:d9:47:9f:66:13:bb:87:39:ac:bf:c9:cd:
82:cc:27:e6:84:ae:3e:0f:83:99:c9:12:bb:59:8f:e2:6a:11:
64:d3:fa:a4:73:1b:2d:58:56:a5:6f:07:b8:47:c2:8d:c5:11:
12:a1:b5:ba
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZNYPULbC9fmbHoPn5xH1WZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTIzMDg1NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjU4NWY1MTFmMjc3ODhjZTRmNjMzOGY2NTU2N2U2ZWJhOTUzMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQT0FEdN1xbWyEC6N6ahoeLQWnDc
8YtpW+309C/BwIWFIOChjLEVDLIXkFDgttpFYFCHhsnAVjGYm4U3uUfLH0co1HxD
9FEd48heQ7V+mQIoKvAPoid3h81lmPM0HG9/Ej638ZsBmPr5N1zdHYJMMgPWelOR
A2xxGiPGlHRLFVe9LGcnWlLy6r0jhrG9StQqXupJy5snmgdaw3E0M9muO6JuvVPB
Dn3SL+ASTM7cis5THlTOUBgmmUbRtkLQUoIq+uoNHbnqsN0j54fijVryfsUVRjfh
3abGzzYra5sLLPsrhKVEKzVr7JWKguge3vIEmC50mskIRQ9fUqetzNCD4wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJ9YX1EfJ3iM5PYzj2VWfm66lTHCMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbjFoZlVSOG5lSXprOWpPUFpWWi1icnFWTWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALVd5AwQB
LYe2AwQAWSJqAwQAWSLbAwQAWSOCAwQAXXK3AwQAuY3YAwQAucbrAwQAuf5CAwQA
vECOMA0GCSqGSIb3DQEBCwUAA4IBAQAXGOiin1aUfOAKfKwYR4a6vLAaMO/gG1qM
w5PR610MC6Um6CkS7OWi9tWQPOIffqbyuHS888Nz7x1qUAWeIaHuI0KAn/3flYDC
5baxeeQqK1s5GeCcvEv4y6m5JAARhzG3LpFPnuWCwQ0mGk53jJSnNub2zOi8xAyW
SqJo9DVjEkgPODKNMf7UcsWQGxqQcY65+l+v5nlAEEbZ8JGFnXT6KCwYpYdaoIXy
3fcmMKOokIehw7rPVs/XvUTxSDfak/MwxqtZP9sbqJTsuFLZR59mE7uHOay/yc2C
zCfmhK4+D4OZyRK7WY/iahFk0/qkcxstWFalbwe4R8KNxRESobW6
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:23 2025 by rpki-client