Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/om3YyMDHVrPbLt4vOPk3Y6VC6GA.roa
File: om3YyMDHVrPbLt4vOPk3Y6VC6GA.roa (raw, json)
Hash identifier: BmwBBLfYMc/cqVJRP6E+O5YS8MnjWwzmzrIaQi3oL+o=
Subject key identifier: A2:6D:D8:C8:C0:C7:56:B3:DB:2E:DE:2F:38:F9:37:63:A5:42:E8:60
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0190C05F604CAC452D481592EFD53E0172F1
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/om3YyMDHVrPbLt4vOPk3Y6VC6GA.roa
Signing time: Wed 17 Jul 2024 11:06:34 +0000
ROA not before: Wed 17 Jul 2024 11:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
86.107.101.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.113.57.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jul 2024 17:26:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:5f:60:4c:ac:45:2d:48:15:92:ef:d5:3e:01:72:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 17 11:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a26dd8c8c0c756b3db2ede2f38f93763a542e860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b6:b4:4c:55:35:5b:d3:f4:4c:53:bf:1b:25:
7f:e9:68:ec:bb:62:08:fc:1b:ce:65:97:94:a4:77:
7b:49:1e:02:c8:d1:a5:4a:74:3c:8f:2b:3f:b3:ae:
b4:49:7d:b0:1b:cc:8d:76:33:37:c7:13:42:73:95:
42:95:bf:5d:19:51:0f:88:b6:e2:99:f2:49:82:e2:
67:50:3d:dc:72:e7:bd:f1:1d:40:0e:13:bb:32:36:
9b:b2:75:9e:57:e7:74:be:75:cc:b0:af:63:8d:7f:
84:45:25:bd:e0:32:a8:fa:19:ed:a0:cd:42:de:2f:
e6:d6:d0:a7:f9:c5:f8:40:d4:79:4e:22:40:3a:97:
63:42:b5:20:3f:55:35:3e:33:09:a1:e9:ee:cd:39:
ef:cf:d0:87:59:0e:0e:6a:c6:3b:c4:28:5c:a5:94:
9a:bb:1d:e0:0b:65:6b:89:23:6b:ed:bf:24:5d:8f:
dc:74:4c:c7:a5:a8:cf:13:26:7a:73:5e:f4:83:a9:
57:75:10:dc:44:6b:1d:b7:7e:6d:92:2d:11:12:15:
be:98:12:d1:84:c5:35:d9:98:78:52:0e:cc:53:d5:
46:18:6c:bf:37:e0:13:88:a1:c8:73:4f:37:bd:d0:
bb:69:7e:77:12:40:b4:ca:72:3f:2f:a8:38:57:92:
05:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6D:D8:C8:C0:C7:56:B3:DB:2E:DE:2F:38:F9:37:63:A5:42:E8:60
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/om3YyMDHVrPbLt4vOPk3Y6VC6GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
86.107.101.0/24
89.34.106.0/24
91.132.51.0/24
93.113.57.0/24
93.114.183.0/24
188.64.142.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:91:e8:a0:08:6c:a6:85:02:73:1d:ba:ae:2a:f8:13:93:18:
ed:a7:e2:06:00:46:85:75:63:f2:2a:3f:f9:f2:a6:40:9e:1b:
4b:1d:51:c7:bc:8f:dd:fa:9c:e0:22:1d:3b:6b:e7:7e:f3:91:
8d:ee:bd:7d:01:ea:f5:e2:b8:3e:11:9d:c4:20:fd:a8:fc:dd:
3c:82:32:c7:d7:3b:c4:2e:62:3b:e2:f7:c1:6f:9d:00:12:e8:
2d:19:c9:19:98:d8:cb:28:a1:61:17:ee:ca:2f:fd:fa:53:84:
9c:67:36:55:1a:27:45:0b:ae:04:aa:d9:07:48:8d:54:8d:73:
8c:07:e7:06:89:d2:84:66:12:2e:5b:ea:ee:7b:35:95:70:1f:
f5:17:2d:a1:e4:43:10:dc:b4:80:7e:a3:9a:a6:20:0f:45:0e:
13:34:e9:af:7c:9b:be:86:11:99:cc:94:a8:c8:3a:89:f4:4f:
4b:cc:c9:d3:aa:32:6a:e6:e3:09:83:51:42:40:46:3d:9d:6e:
8d:58:3c:7d:31:3e:c1:fd:e9:43:7d:8f:0a:79:04:bf:33:09:
0d:23:9b:9a:ce:a0:ac:e1:1f:b2:58:ce:56:ee:53:62:ee:b9:
b9:78:0c:72:6e:1c:0c:76:a3:f2:a0:ff:88:1d:97:65:d0:bf:
71:b9:d0:f8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZDAX2BMrEUtSBWS79U+AXLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNzE3MTEwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZkZDhjOGMwYzc1NmIzZGIyZWRlMmYzOGY5Mzc2M2E1NDJlODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoba0TFU1W9P0TFO/GyV/6Wjsu2II
/BvOZZeUpHd7SR4CyNGlSnQ8jys/s660SX2wG8yNdjM3xxNCc5VClb9dGVEPiLbi
mfJJguJnUD3ccue98R1ADhO7MjabsnWeV+d0vnXMsK9jjX+ERSW94DKo+hntoM1C
3i/m1tCn+cX4QNR5TiJAOpdjQrUgP1U1PjMJoenuzTnvz9CHWQ4OasY7xChcpZSa
ux3gC2VriSNr7b8kXY/cdEzHpajPEyZ6c170g6lXdRDcRGsdt35tki0REhW+mBLR
hMU12Zh4Ug7MU9VGGGy/N+ATiKHIc083vdC7aX53EkC0ynI/L6g4V5IFTwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKJt2MjAx1az2y7eLzj5N2OlQuhgMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvb20zWXlNREhWclBiTHQ0dk9QazNZNlZDNkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
VmtlAwQAWSJqAwQAW4QzAwQAXXE5AwQAXXK3AwQAvECOAwQA2RMEMA0GCSqGSIb3
DQEBCwUAA4IBAQCOkeigCGymhQJzHbquKvgTkxjtp+IGAEaFdWPyKj/58qZAnhtL
HVHHvI/d+pzgIh07a+d+85GN7r19Aer14rg+EZ3EIP2o/N08gjLH1zvELmI74vfB
b50AEugtGckZmNjLKKFhF+7KL/36U4ScZzZVGidFC64EqtkHSI1UjXOMB+cGidKE
ZhIuW+ruezWVcB/1Fy2h5EMQ3LSAfqOapiAPRQ4TNOmvfJu+hhGZzJSoyDqJ9E9L
zMnTqjJq5uMJg1FCQEY9nW6NWDx9MT7B/elDfY8KeQS/MwkNI5uazqCs4R+yWM5W
7lNi7rm5eAxybhwMdqPyoP+IHZdl0L9xudD4
-----END CERTIFICATE-----
Generated at Thu Jul 18 20:10:51 2024 by rpki-client on console-fra.rpki-client.org