Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nE1Xu6tyHaDjdsRs-8B67NU7K7o.roa
File: nE1Xu6tyHaDjdsRs-8B67NU7K7o.roa (raw, json)
Hash identifier: Qj1VLRj9EHdds/SPkq6YB93jx5AzFby5JYggMtexghc=
Subject key identifier: 9C:4D:57:BB:AB:72:1D:A0:E3:76:C4:6C:FB:C0:7A:EC:D5:3B:2B:BA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018E0F7099243E45FC39470CFAF20AD7B9C1
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nE1Xu6tyHaDjdsRs-8B67NU7K7o.roa
Signing time: Tue 05 Mar 2024 16:27:01 +0000
ROA not before: Tue 05 Mar 2024 16:27:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.180.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
77.81.182.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
91.132.50.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
188.215.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 12:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:70:99:24:3e:45:fc:39:47:0c:fa:f2:0a:d7:b9:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 5 16:27:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c4d57bbab721da0e376c46cfbc07aecd53b2bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:79:56:d3:e3:e6:40:16:0e:10:e9:31:75:ea:
c5:3a:0b:62:01:c3:96:6a:cb:b4:ab:c5:8f:ce:23:
b1:06:fe:d3:14:03:ff:af:aa:4f:b0:db:2b:a2:f7:
12:66:35:37:a5:8f:6d:3d:30:87:4c:74:20:e8:0e:
70:1f:84:9b:49:a9:af:9f:f5:61:7e:36:a0:cd:ef:
48:40:bb:95:c6:b6:cc:e8:f5:e0:99:ca:f9:87:ec:
d0:2e:c2:c2:2f:68:10:56:4c:62:de:3a:22:86:b6:
d0:df:50:0c:aa:f2:b7:aa:45:41:df:f2:4a:23:d6:
63:43:b8:9a:b8:04:ac:6e:45:c7:ae:91:d0:68:30:
e2:88:35:27:0a:2f:98:27:d0:1f:db:94:4c:4c:59:
0c:f0:68:8b:00:8a:bc:23:ba:92:ff:bb:34:a0:b8:
f9:22:9f:c3:93:fe:68:b8:76:98:c5:41:46:38:04:
51:00:fd:cd:eb:8e:77:0b:89:43:fc:84:a3:87:46:
10:af:8a:05:ac:6d:78:45:fe:e0:ef:18:60:76:cf:
8f:6f:83:7d:2b:0f:ae:01:47:0e:6e:d0:b7:b9:48:
4c:83:28:79:51:63:e1:0f:95:0c:6e:31:7a:a7:fa:
7f:6c:e3:0b:f6:02:4e:ff:6a:c6:8a:20:be:bf:c2:
6d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4D:57:BB:AB:72:1D:A0:E3:76:C4:6C:FB:C0:7A:EC:D5:3B:2B:BA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nE1Xu6tyHaDjdsRs-8B67NU7K7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.180.0/24
45.135.182.0/24
77.81.182.0/24
89.34.106.0/24
89.35.129.0/24
91.132.50.0/24
93.114.183.0/24
128.0.41.0/24
185.212.119.0/24
188.215.31.0/24
Signature Algorithm: sha256WithRSAEncryption
36:93:8c:ab:02:6b:33:41:db:fa:48:fe:75:e3:a3:58:39:fc:
e6:1a:e6:cc:44:6b:47:7e:1e:89:5c:a2:d2:75:a3:35:e1:f3:
83:58:52:53:ae:3b:f5:1d:54:dd:8b:b9:0f:14:0b:a5:f4:c4:
17:67:18:3d:38:f9:d7:e4:13:b3:65:51:20:f4:7f:da:81:6e:
3c:69:42:80:c0:4f:24:ae:07:d7:37:e6:f8:ba:e6:73:40:36:
97:19:07:ab:a7:ea:12:1b:a5:9b:11:ab:8c:68:19:d6:1d:c6:
99:0a:45:57:8f:0b:39:8a:b8:d5:0b:94:72:ad:e6:e7:cc:43:
ea:af:83:a9:82:1f:a4:f6:79:7c:cf:c9:6a:0f:e1:ed:7d:e8:
ca:d0:aa:80:1e:c6:09:57:02:7f:ba:8a:2a:82:8b:97:44:5e:
ec:2a:08:55:d5:d9:e3:79:78:8e:39:c2:37:b4:80:54:2c:5d:
4d:07:bf:db:df:ff:e6:f7:28:95:54:3f:07:1e:03:0b:a4:e8:
d3:50:ac:d0:b8:26:f9:27:20:70:cb:db:db:aa:14:63:b4:ef:
dd:e5:37:e9:c7:61:36:3d:34:2b:d6:ac:5c:fb:0f:1d:c5:48:
88:41:75:b7:16:4f:16:4c:76:ea:1c:39:37:d1:d6:28:c9:48:
b1:2c:7a:8a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY4PcJkkPkX8OUcM+vIK17nBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMzA1MTYyNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRkNTdiYmFiNzIxZGEwZTM3NmM0NmNmYmMwN2FlY2Q1M2IyYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHlW0+PmQBYOEOkxderFOgtiAcOW
asu0q8WPziOxBv7TFAP/r6pPsNsrovcSZjU3pY9tPTCHTHQg6A5wH4SbSamvn/Vh
fjagze9IQLuVxrbM6PXgmcr5h+zQLsLCL2gQVkxi3joihrbQ31AMqvK3qkVB3/JK
I9ZjQ7iauASsbkXHrpHQaDDiiDUnCi+YJ9Af25RMTFkM8GiLAIq8I7qS/7s0oLj5
Ip/Dk/5ouHaYxUFGOARRAP3N6453C4lD/ISjh0YQr4oFrG14Rf7g7xhgds+Pb4N9
Kw+uAUcObtC3uUhMgyh5UWPhD5UMbjF6p/p/bOML9gJO/2rGiiC+v8JtoQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJxNV7urch2g43bEbPvAeuzVOyu6MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbkUxWHU2dHlIYURqZHNScy04QjY3TlU3SzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALYe0AwQA
LYe2AwQATVG2AwQAWSJqAwQAWSOBAwQAW4QyAwQAXXK3AwQAgAApAwQAudR3AwQA
vNcfMA0GCSqGSIb3DQEBCwUAA4IBAQA2k4yrAmszQdv6SP5146NYOfzmGubMRGtH
fh6JXKLSdaM14fODWFJTrjv1HVTdi7kPFAul9MQXZxg9OPnX5BOzZVEg9H/agW48
aUKAwE8krgfXN+b4uuZzQDaXGQerp+oSG6WbEauMaBnWHcaZCkVXjws5irjVC5Ry
rebnzEPqr4Opgh+k9nl8z8lqD+HtfejK0KqAHsYJVwJ/uooqgouXRF7sKghV1dnj
eXiOOcI3tIBULF1NB7/b3//m9yiVVD8HHgMLpOjTUKzQuCb5JyBwy9vbqhRjtO/d
5Tfpx2E2PTQr1qxc+w8dxUiIQXW3Fk8WTHbqHDk30dYoyUixLHqK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org