Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ro9oa1-mjvnaWEdzLtWX70PNSc4.roa
File: ro9oa1-mjvnaWEdzLtWX70PNSc4.roa (raw, json)
Hash identifier: YMJe/T1r/CESTuk3MDpAxvLZ/Q9Bj/C3MaTT4IcJaaI=
Subject key identifier: AE:8F:68:6B:5F:A6:8E:F9:DA:58:47:73:2E:D5:97:EF:43:CD:49:CE
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01906D156B69723F3E2E29BA17A9384550ED
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ro9oa1-mjvnaWEdzLtWX70PNSc4.roa
Signing time: Mon 01 Jul 2024 06:57:18 +0000
ROA not before: Mon 01 Jul 2024 06:57:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
176.223.66.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 10:19:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:15:6b:69:72:3f:3e:2e:29:ba:17:a9:38:45:50:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 1 06:57:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae8f686b5fa68ef9da5847732ed597ef43cd49ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8e:f2:8d:31:30:2e:7d:fb:0b:92:14:7b:42:
99:8c:9d:d6:55:84:af:e0:0b:08:25:af:ba:23:00:
0e:89:71:86:87:d6:11:bd:59:ac:c1:62:94:37:1b:
4f:6c:49:be:fb:22:b9:0c:a5:9c:8c:4a:6c:93:db:
fd:5a:2c:db:96:73:e6:ef:27:3e:4e:5d:ee:aa:2d:
7f:2a:73:56:88:fd:1f:06:13:83:c3:30:be:34:90:
b7:83:41:44:c0:bb:eb:aa:a3:54:97:4d:76:d9:f8:
5b:76:cf:eb:5f:cf:d9:ab:83:34:8f:76:19:4c:d6:
70:d3:d0:e3:53:c4:e1:65:f2:20:9b:0c:c8:e5:9b:
9c:3a:8b:ce:db:d0:7a:c5:75:40:6d:93:73:85:b3:
6f:a8:7f:72:06:ac:88:0f:d4:5f:11:48:94:93:d2:
52:eb:1b:3b:52:57:bb:15:20:28:10:23:a4:da:72:
4b:bf:fa:e0:1e:6a:30:41:ff:51:00:47:2c:ba:1c:
2e:95:52:8e:5a:d5:f2:4b:8b:36:f2:29:78:e0:05:
9a:bc:b7:2b:23:43:60:8e:a6:a3:fd:f5:c3:4a:82:
a0:31:9c:34:77:fa:57:27:a6:77:82:b3:a9:50:3f:
d6:7a:76:af:db:35:1d:56:3e:47:4e:f5:f2:16:50:
fe:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:8F:68:6B:5F:A6:8E:F9:DA:58:47:73:2E:D5:97:EF:43:CD:49:CE
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ro9oa1-mjvnaWEdzLtWX70PNSc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
86.107.100.0/24
89.34.106.0/24
93.114.183.0/24
176.223.66.0/24
185.198.235.0/24
188.64.142.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
52:8d:f7:10:57:89:6c:6e:dc:7e:b4:21:1f:7e:a1:e7:b1:5a:
f6:03:9b:ca:30:42:82:1f:db:bf:4f:b4:10:24:3e:08:a9:ba:
c0:0f:9c:60:e0:a3:8f:45:6a:9f:5d:2b:d6:cb:09:16:22:03:
94:f9:98:13:d3:c8:c7:a8:0a:c9:8a:cd:87:b6:a0:12:bf:d5:
74:58:3f:6d:c4:f9:ab:26:4a:37:2a:ca:5d:eb:09:cc:7d:d6:
ec:e8:88:3b:87:7a:20:26:5b:4a:ff:c4:ca:f4:e3:9d:f3:c8:
2a:e1:23:74:87:f8:bc:8d:a2:2d:e7:b7:da:d5:51:36:f9:61:
82:88:41:fc:60:93:7b:95:c8:0b:13:40:71:9e:dd:8f:87:f0:
2d:8e:35:df:05:25:96:0c:61:36:59:9c:bd:b8:3f:40:69:20:
33:ce:8b:da:16:28:e5:c7:67:c8:97:99:63:bc:8a:0f:0d:6b:
a3:de:cc:98:b2:1f:1d:8e:1d:31:59:c7:2f:48:a6:90:d4:b4:
04:ac:11:b5:79:77:dd:bb:cb:3c:92:c5:00:ea:22:71:b6:d9:
6e:1f:3c:37:0b:95:93:a5:f6:91:4f:a5:5d:12:4d:cd:32:59:
ca:bf:b8:e4:8e:e5:57:72:39:14:ba:e7:94:80:73:f0:53:a9:
b8:70:d1:88
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZBtFWtpcj8+Lim6F6k4RVDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNzAxMDY1NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZThmNjg2YjVmYTY4ZWY5ZGE1ODQ3NzMyZWQ1OTdlZjQzY2Q0OWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI7yjTEwLn37C5IUe0KZjJ3WVYSv
4AsIJa+6IwAOiXGGh9YRvVmswWKUNxtPbEm++yK5DKWcjEpsk9v9WizblnPm7yc+
Tl3uqi1/KnNWiP0fBhODwzC+NJC3g0FEwLvrqqNUl0122fhbds/rX8/Zq4M0j3YZ
TNZw09DjU8ThZfIgmwzI5ZucOovO29B6xXVAbZNzhbNvqH9yBqyID9RfEUiUk9JS
6xs7Ule7FSAoECOk2nJLv/rgHmowQf9RAEcsuhwulVKOWtXyS4s28il44AWavLcr
I0Ngjqaj/fXDSoKgMZw0d/pXJ6Z3grOpUD/Wenav2zUdVj5HTvXyFlD+YQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFK6PaGtfpo752lhHcy7Vl+9DzUnOMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvcm85b2ExLW1qdm5hV0Vkekx0V1g3MFBOU2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
VmtkAwQAWSJqAwQAXXK3AwQAsN9CAwQAucbrAwQAvECOAwQA2RMEMA0GCSqGSIb3
DQEBCwUAA4IBAQBSjfcQV4lsbtx+tCEffqHnsVr2A5vKMEKCH9u/T7QQJD4IqbrA
D5xg4KOPRWqfXSvWywkWIgOU+ZgT08jHqArJis2HtqASv9V0WD9txPmrJko3Kspd
6wnMfdbs6Ig7h3ogJltK/8TK9OOd88gq4SN0h/i8jaIt57fa1VE2+WGCiEH8YJN7
lcgLE0Bxnt2Ph/AtjjXfBSWWDGE2WZy9uD9AaSAzzovaFijlx2fIl5ljvIoPDWuj
3syYsh8djh0xWccvSKaQ1LQErBG1eXfdu8s8ksUA6iJxttluHzw3C5WTpfaRT6Vd
Ek3NMlnKv7jkjuVXcjkUuueUgHPwU6m4cNGI
-----END CERTIFICATE-----
Generated at Tue Jul 2 12:56:00 2024 by rpki-client on console-ams.rpki-client.org