Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xGCqxeUk8jsAcYGduKUKXZWDUco.roa
File: xGCqxeUk8jsAcYGduKUKXZWDUco.roa (raw, json)
Hash identifier: fAVTVurNlEFt1VDOB7IIcPd2EoVtxmh4D8Hv+cepAf0=
Subject key identifier: C4:60:AA:C5:E5:24:F2:3B:00:71:81:9D:B8:A5:0A:5D:95:83:51:CA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0193DDFECEABEAA1D30B0B0C92713B1727C6
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xGCqxeUk8jsAcYGduKUKXZWDUco.roa
Signing time: Thu 19 Dec 2024 08:18:03 +0000
ROA not before: Thu 19 Dec 2024 08:18:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.141.216.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
193.228.139.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Dec 2024 11:42:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:dd:fe:ce:ab:ea:a1:d3:0b:0b:0c:92:71:3b:17:27:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 19 08:18:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c460aac5e524f23b0071819db8a50a5d958351ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:39:b4:1f:99:dc:9a:3e:b9:bb:a5:36:0b:88:
93:2a:f0:1d:3d:9c:7d:74:88:16:e6:b0:c0:d8:bd:
8c:8d:1d:1f:3c:5b:d0:d2:b6:f1:c1:f7:3e:98:ed:
8b:4f:d5:05:a6:c2:e7:ab:52:27:43:eb:9d:23:bf:
78:68:6a:c7:d2:40:65:6f:3f:b7:9a:9e:c7:38:07:
1f:d1:1d:c3:21:eb:04:97:5c:f7:e0:f9:ca:64:66:
57:58:06:5b:23:33:aa:fa:5c:2f:6e:b7:61:c5:7b:
fd:f6:cb:1e:da:c2:8c:e8:d7:cb:b9:f1:98:e0:11:
42:1f:44:50:63:0d:91:8c:ab:1f:f0:6e:c6:33:59:
77:d7:ab:a0:e1:c1:1d:39:6a:f3:df:04:a8:14:d3:
94:ed:4e:51:cb:5a:a3:f6:52:0c:7c:f7:bd:d6:a4:
28:a1:b0:f0:bb:e6:2c:93:a7:d4:91:4e:63:08:b1:
9e:fb:ee:de:88:da:a3:fd:b5:53:c0:84:9d:f2:4e:
ba:d5:90:dc:62:e9:b5:3d:78:f2:8c:e8:1f:a8:b2:
e5:64:78:12:be:2c:d1:0b:b9:58:ce:d0:b8:73:3e:
b4:f1:25:80:a3:2a:de:3e:c4:0e:bf:86:f8:50:1b:
f0:fb:fc:8c:d9:ae:c5:60:87:c6:00:b3:dc:86:ed:
34:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:60:AA:C5:E5:24:F2:3B:00:71:81:9D:B8:A5:0A:5D:95:83:51:CA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xGCqxeUk8jsAcYGduKUKXZWDUco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
185.141.216.0/24
185.212.119.0/24
193.228.139.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
96:e4:27:a8:c1:54:81:9f:42:3e:e1:11:17:a0:f7:16:48:79:
77:cc:84:a0:ad:f6:fa:00:28:e4:b3:fc:d9:45:77:fb:77:a8:
3b:7e:ae:34:c2:56:c1:74:3c:79:95:9b:0a:61:19:f9:31:12:
f1:f3:0c:36:53:ca:65:d6:17:38:6a:9f:4a:58:19:ec:29:54:
ca:52:b1:6e:04:d5:b3:b9:a3:01:e4:cd:53:4c:8b:5a:d7:53:
03:9d:20:56:2f:cc:e7:31:0b:f1:46:ec:38:03:58:ac:1e:43:
6e:83:64:91:16:83:62:f0:a8:ff:34:1a:d4:95:47:29:ca:73:
6d:b6:9b:75:3b:bb:12:01:9e:ed:44:ad:0b:7c:10:d9:76:e2:
09:7c:d9:30:1e:33:3a:82:fc:d6:d9:8d:9c:3d:7f:b9:f9:94:
34:20:d6:98:dc:6a:12:d9:1d:97:36:73:34:1e:12:c2:ba:ee:
92:74:95:ac:24:3e:9f:05:91:a0:98:76:f4:8c:f0:60:6f:ad:
85:60:0b:a6:c7:54:52:c9:80:4b:61:e3:b0:68:0d:5b:a3:3a:
cc:8b:0b:8f:3f:75:fa:63:d9:e5:17:8b:34:71:70:95:0f:41:
f6:63:35:de:d0:cd:0c:4b:35:51:c4:59:59:de:3a:15:e6:81:
de:25:5f:05
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZPd/s6r6qHTCwsMknE7FyfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMjE5MDgxODAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDYwYWFjNWU1MjRmMjNiMDA3MTgxOWRiOGE1MGE1ZDk1ODM1MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjm0H5ncmj65u6U2C4iTKvAdPZx9
dIgW5rDA2L2MjR0fPFvQ0rbxwfc+mO2LT9UFpsLnq1InQ+udI794aGrH0kBlbz+3
mp7HOAcf0R3DIesEl1z34PnKZGZXWAZbIzOq+lwvbrdhxXv99sse2sKM6NfLufGY
4BFCH0RQYw2RjKsf8G7GM1l316ug4cEdOWrz3wSoFNOU7U5Ry1qj9lIMfPe91qQo
obDwu+Ysk6fUkU5jCLGe++7eiNqj/bVTwISd8k661ZDcYum1PXjyjOgfqLLlZHgS
vizRC7lYztC4cz608SWAoyrePsQOv4b4UBvw+/yM2a7FYIfGALPchu00AQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMRgqsXlJPI7AHGBnbilCl2Vg1HKMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEveEdDcXhlVWs4anNBY1lHZHVLVUtYWldEVWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLYe2AwQA
WSJqAwQAXXK3AwQAuY3YAwQAudR3AwQAweSLAwQAw1hZMA0GCSqGSIb3DQEBCwUA
A4IBAQCW5CeowVSBn0I+4REXoPcWSHl3zISgrfb6ACjks/zZRXf7d6g7fq40wlbB
dDx5lZsKYRn5MRLx8ww2U8pl1hc4ap9KWBnsKVTKUrFuBNWzuaMB5M1TTIta11MD
nSBWL8znMQvxRuw4A1isHkNug2SRFoNi8Kj/NBrUlUcpynNttpt1O7sSAZ7tRK0L
fBDZduIJfNkwHjM6gvzW2Y2cPX+5+ZQ0INaY3GoS2R2XNnM0HhLCuu6SdJWsJD6f
BZGgmHb0jPBgb62FYAumx1RSyYBLYeOwaA1bozrMiwuPP3X6Y9nlF4s0cXCVD0H2
YzXe0M0MSzVRxFlZ3joV5oHeJV8F
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:20 2025 by rpki-client