Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nUTl_ojTj0nGtIa8RjSgw45LxN8.roa
File: nUTl_ojTj0nGtIa8RjSgw45LxN8.roa (raw, json)
Hash identifier: kQvgXrWSKQ21FHfMMgy14WjlV9YRRmjqqpns18UK/uY=
Subject key identifier: 9D:44:E5:FE:88:D3:8F:49:C6:B4:86:BC:46:34:A0:C3:8E:4B:C4:DF
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019469EADAC0D2BBB060F22FA2104B8C24E0
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nUTl_ojTj0nGtIa8RjSgw45LxN8.roa
Signing time: Wed 15 Jan 2025 12:23:06 +0000
ROA not before: Wed 15 Jan 2025 12:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
103.245.231.0/24 maxlen: 24
185.34.101.0/24 maxlen: 24
185.254.66.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
212.192.16.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 16 Jan 2025 08:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:ea:da:c0:d2:bb:b0:60:f2:2f:a2:10:4b:8c:24:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 15 12:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d44e5fe88d38f49c6b486bc4634a0c38e4bc4df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a1:a3:19:a9:7b:c5:d8:22:5f:9a:a3:6a:fb:
2d:80:ea:86:67:15:32:25:65:6e:3b:30:c3:dd:7a:
ad:00:fc:f7:a2:3e:15:7c:90:9a:da:d7:0b:f9:a5:
0a:ef:88:9a:1c:1e:14:40:91:15:59:42:1f:ac:dc:
72:38:92:cc:fb:5e:f0:d1:1c:2a:0e:a6:92:5f:d7:
1d:69:ec:4c:3c:b8:ec:89:dc:5f:73:35:7b:17:ba:
79:fd:c0:6f:bd:52:12:0d:12:0b:fb:e7:bb:86:ec:
1f:0a:b7:7c:fd:d6:6f:1b:c1:17:52:f3:18:c4:ce:
ab:1c:c2:49:2b:86:16:50:73:d0:92:f3:18:70:f9:
ba:c0:db:b0:a3:f1:93:a1:a3:ae:5f:7f:6a:91:12:
2f:e5:96:79:8f:8a:ae:a7:95:7b:a4:31:c0:a4:0a:
57:46:e5:c5:2f:96:7f:62:fd:4f:2b:0c:a5:7c:c6:
d3:a5:ae:e6:3c:ee:28:50:8c:7c:33:95:fc:ab:a5:
36:32:d4:83:a6:85:f6:38:57:ac:b6:48:12:f9:d2:
9c:b8:15:b3:31:cd:6d:51:0b:f1:5c:18:1f:10:72:
61:52:54:97:56:55:37:32:86:44:ea:67:12:72:c5:
8b:0b:bf:33:1a:7e:79:ab:74:ad:49:68:85:ff:53:
ec:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:44:E5:FE:88:D3:8F:49:C6:B4:86:BC:46:34:A0:C3:8E:4B:C4:DF
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nUTl_ojTj0nGtIa8RjSgw45LxN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
103.245.231.0/24
185.34.101.0/24
185.254.66.0/24
195.88.89.0/24
212.192.16.0/22
Signature Algorithm: sha256WithRSAEncryption
24:c2:c8:6b:27:8e:4e:b8:82:c8:dc:c0:59:96:79:6d:ba:e6:
1e:8b:67:8c:e2:16:b5:b6:f7:d6:5f:5c:16:c3:dc:7f:96:ed:
50:2d:dc:fe:d7:1f:52:9f:36:8b:82:63:3a:f6:1e:90:f7:ae:
03:e8:f1:63:ca:92:00:a7:14:ac:a6:22:4d:b1:d3:90:45:0f:
a0:87:db:05:18:94:62:ab:78:28:dc:d7:ba:cd:21:5e:bc:5d:
c7:af:3a:f3:40:22:10:0d:47:5a:84:46:96:d9:ab:82:1f:c8:
21:47:9a:d8:ae:6e:43:27:65:69:4f:25:ac:1c:60:9f:bc:bd:
df:61:0f:79:64:73:22:17:93:08:a5:51:dc:94:d1:08:7c:36:
08:08:b0:68:5f:5a:c3:2b:18:e5:49:75:65:d5:1b:a4:71:38:
34:af:1a:74:bb:1f:27:38:b5:87:d6:98:7e:16:8c:22:3d:bc:
ed:73:e2:64:1c:63:bb:aa:4b:97:c2:b4:c5:2d:2b:d5:82:12:
c5:9b:c1:e6:c3:7c:33:b1:f1:95:e2:7e:61:40:fb:ca:27:18:
85:ba:e6:ae:4f:11:b7:52:e5:d1:6c:e2:28:1e:37:00:4e:21:
e3:32:30:05:90:3d:fe:3f:ac:ab:49:8a:2a:7f:45:eb:13:54:
d2:0f:97:eb
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZRp6trA0ruwYPIvohBLjCTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTE1MTIyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQ0ZTVmZTg4ZDM4ZjQ5YzZiNDg2YmM0NjM0YTBjMzhlNGJjNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnaGjGal7xdgiX5qjavstgOqGZxUy
JWVuOzDD3XqtAPz3oj4VfJCa2tcL+aUK74iaHB4UQJEVWUIfrNxyOJLM+17w0Rwq
DqaSX9cdaexMPLjsidxfczV7F7p5/cBvvVISDRIL++e7huwfCrd8/dZvG8EXUvMY
xM6rHMJJK4YWUHPQkvMYcPm6wNuwo/GToaOuX39qkRIv5ZZ5j4qup5V7pDHApApX
RuXFL5Z/Yv1PKwylfMbTpa7mPO4oUIx8M5X8q6U2MtSDpoX2OFestkgS+dKcuBWz
Mc1tUQvxXBgfEHJhUlSXVlU3MoZE6mcScsWLC78zGn55q3StSWiF/1PsXQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJ1E5f6I049JxrSGvEY0oMOOS8TfMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvblVUbF9valRqMG5HdElhOFJqU2d3NDVMeE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
WSJqAwQAXXK3AwQAZ/XnAwQAuSJlAwQAuf5CAwQAw1hZAwQC1MAQMA0GCSqGSIb3
DQEBCwUAA4IBAQAkwshrJ45OuILI3MBZlnltuuYei2eM4ha1tvfWX1wWw9x/lu1Q
Ldz+1x9SnzaLgmM69h6Q964D6PFjypIApxSspiJNsdOQRQ+gh9sFGJRiq3go3Ne6
zSFevF3HrzrzQCIQDUdahEaW2auCH8ghR5rYrm5DJ2VpTyWsHGCfvL3fYQ95ZHMi
F5MIpVHclNEIfDYICLBoX1rDKxjlSXVl1RukcTg0rxp0ux8nOLWH1ph+FowiPbzt
c+JkHGO7qkuXwrTFLSvVghLFm8Hmw3wzsfGV4n5hQPvKJxiFuuauTxG3UuXRbOIo
HjcATiHjMjAFkD3+P6yrSYoqf0XrE1TSD5fr
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:47 2025 by rpki-client