Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/rQR0_r6utnpCAye2QMOxmn97-c8.roa
File: rQR0_r6utnpCAye2QMOxmn97-c8.roa (raw, json)
Hash identifier: 87I5GVq964KBn2tlKU3vEnXyCFFjwo+oOCAE4WtyGZM=
Subject key identifier: AD:04:74:FE:BE:AE:B6:7A:42:03:27:B6:40:C3:B1:9A:7F:7B:F9:CF
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01937631B7CE865744AF12DBDE0A32EFB2E2
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/rQR0_r6utnpCAye2QMOxmn97-c8.roa
Signing time: Fri 29 Nov 2024 04:33:10 +0000
ROA not before: Fri 29 Nov 2024 04:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Nov 2024 15:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:76:31:b7:ce:86:57:44:af:12:db:de:0a:32:ef:b2:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 29 04:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad0474febeaeb67a420327b640c3b19a7f7bf9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d9:3d:03:c8:12:6f:fc:13:5f:98:ee:7a:6a:
26:75:e5:81:99:c7:a6:5a:d4:7a:76:c0:fb:b0:7c:
f0:a3:08:eb:98:b2:2f:7e:9b:5e:cc:80:80:17:67:
b2:cb:2c:84:42:dc:6a:5d:fa:e3:b0:af:82:68:09:
e5:a8:6e:8c:e3:58:b6:96:31:c6:88:67:45:5d:9b:
dc:7b:f8:2a:9c:1d:df:17:d8:20:41:d4:b3:93:67:
02:c4:ac:35:45:db:29:a7:b4:1b:1b:c9:48:ad:c3:
e2:45:75:eb:e3:0f:02:40:ab:74:9b:40:cf:59:7d:
dc:91:77:3f:57:3d:29:fe:45:46:85:52:cf:9c:ea:
78:31:85:7d:c6:8d:be:bd:73:e5:c5:7f:6c:ff:e7:
fb:61:23:43:a1:37:b0:47:09:3c:ed:77:f5:08:2d:
77:63:f6:25:b1:70:12:f5:73:9f:71:29:d8:49:08:
43:11:e2:fc:5c:b5:f5:4d:19:f5:a4:c5:dd:4b:d7:
4c:4c:a7:3d:27:8a:0b:1c:68:b9:00:a0:81:9b:04:
00:53:ba:ec:28:34:d7:78:e9:84:b5:40:a7:c8:00:
9d:0b:73:0f:ce:0f:65:80:72:c5:2a:11:56:ee:c0:
39:a4:a1:bc:57:69:40:36:74:92:44:3d:f6:7d:52:
ca:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:04:74:FE:BE:AE:B6:7A:42:03:27:B6:40:C3:B1:9A:7F:7B:F9:CF
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/rQR0_r6utnpCAye2QMOxmn97-c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
89.34.219.0/24
93.114.183.0/24
185.198.235.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
67:9e:29:20:a2:0d:43:52:a3:12:09:61:74:6d:ed:6b:44:a4:
57:3a:72:de:eb:d6:9b:c9:a1:48:52:ce:89:f4:e0:1d:da:15:
4d:fb:e1:f7:c6:f9:f9:4f:c8:b7:d6:82:34:54:75:4d:b5:eb:
61:5a:f2:17:bd:de:2e:d1:fe:99:13:1f:46:f9:10:98:c8:ef:
8c:30:f5:e7:9c:f5:c3:06:b6:02:c0:30:89:a2:fd:3b:71:c8:
6f:50:24:c8:14:a2:aa:a2:86:77:ab:71:c0:ea:25:e8:5e:ce:
6f:c2:59:1b:46:0b:1a:18:a7:54:3b:1f:91:6e:cf:1d:9a:79:
0a:4d:2d:d1:6e:02:6a:fd:ce:02:ff:50:7f:e1:e0:d0:15:53:
0b:f9:b1:0a:b8:51:03:c5:30:65:c0:02:8d:d8:e0:c2:49:92:
6d:be:2c:b5:77:69:e8:c5:a2:f7:b5:bd:1b:44:7a:3b:f2:ec:
af:05:73:79:09:c8:aa:c0:93:c8:dd:ad:14:be:0a:d7:85:d7:
2e:0c:2f:e2:b1:c6:e4:75:f7:77:b9:3a:15:30:14:66:b1:bc:
b2:dd:b8:22:c8:c0:06:c5:16:7e:9f:9f:64:5f:88:1e:35:f0:
4b:55:37:a6:63:c0:0f:f4:bf:1e:84:d9:84:11:1e:a0:77:d2:
22:26:f7:18
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZN2MbfOhldErxLb3goy77LiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTI5MDQzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDA0NzRmZWJlYWViNjdhNDIwMzI3YjY0MGMzYjE5YTdmN2JmOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tk9A8gSb/wTX5juemomdeWBmcem
WtR6dsD7sHzwowjrmLIvfptezICAF2eyyyyEQtxqXfrjsK+CaAnlqG6M41i2ljHG
iGdFXZvce/gqnB3fF9ggQdSzk2cCxKw1Rdspp7QbG8lIrcPiRXXr4w8CQKt0m0DP
WX3ckXc/Vz0p/kVGhVLPnOp4MYV9xo2+vXPlxX9s/+f7YSNDoTewRwk87Xf1CC13
Y/YlsXAS9XOfcSnYSQhDEeL8XLX1TRn1pMXdS9dMTKc9J4oLHGi5AKCBmwQAU7rs
KDTXeOmEtUCnyACdC3MPzg9lgHLFKhFW7sA5pKG8V2lANnSSRD32fVLKuQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK0EdP6+rrZ6QgMntkDDsZp/e/nPMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvclFSMF9yNnV0bnBDQXllMlFNT3htbjk3LWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLYe2AwQA
WSJqAwQAWSLbAwQAXXK3AwQAucbrAwQAw1hZMA0GCSqGSIb3DQEBCwUAA4IBAQBn
nikgog1DUqMSCWF0be1rRKRXOnLe69abyaFIUs6J9OAd2hVN++H3xvn5T8i31oI0
VHVNtethWvIXvd4u0f6ZEx9G+RCYyO+MMPXnnPXDBrYCwDCJov07cchvUCTIFKKq
ooZ3q3HA6iXoXs5vwlkbRgsaGKdUOx+Rbs8dmnkKTS3RbgJq/c4C/1B/4eDQFVML
+bEKuFEDxTBlwAKN2ODCSZJtviy1d2noxaL3tb0bRHo78uyvBXN5CciqwJPI3a0U
vgrXhdcuDC/iscbkdfd3uToVMBRmsbyy3bgiyMAGxRZ+n59kX4geNfBLVTemY8AP
9L8ehNmEER6gd9IiJvcY
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:45 2025 by rpki-client