Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/n67lGKq01k7r0RHO3xLIDvrMFKQ.roa
File: n67lGKq01k7r0RHO3xLIDvrMFKQ.roa (raw, json)
Hash identifier: +Bz7Z31UV01JSZY0CAHHkkG+Jx1cH34YcE23wsrJB/I=
Subject key identifier: 9F:AE:E5:18:AA:B4:D6:4E:EB:D1:11:CE:DF:12:C8:0E:FA:CC:14:A4
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019399252AEFBE00B15154A2E2F56600C277
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/n67lGKq01k7r0RHO3xLIDvrMFKQ.roa
Signing time: Thu 05 Dec 2024 23:26:10 +0000
ROA not before: Thu 05 Dec 2024 23:26:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 931
IP address blocks: 45.139.6.0/23 maxlen: 24
178.173.236.0/22 maxlen: 24
178.173.242.0/23 maxlen: 24
178.173.244.0/22 maxlen: 24
188.253.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:99:25:2a:ef:be:00:b1:51:54:a2:e2:f5:66:00:c2:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 5 23:26:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9faee518aab4d64eebd111cedf12c80efacc14a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:64:51:04:a3:91:df:fc:e2:05:0a:38:68:6c:
26:29:da:5f:ae:04:51:f9:92:5c:ba:1e:05:ca:26:
54:b8:0e:f2:f4:4d:4f:30:07:9c:21:6d:05:15:1b:
10:38:a8:c3:6d:ca:0c:d0:09:1b:8f:17:cd:59:0c:
45:2a:96:80:2f:0e:5c:cc:40:65:3a:61:ef:4a:eb:
40:22:84:b6:69:c8:f3:04:9d:12:56:11:19:0f:37:
ab:39:5a:8b:15:6c:38:38:b5:1f:1e:3d:c6:f4:07:
e1:18:2f:7b:52:b9:20:98:51:62:f6:b0:3a:db:56:
ef:ed:bb:6d:8a:36:bd:f9:04:d8:74:22:bd:28:0d:
9d:97:b6:82:36:57:03:07:41:7d:b0:bd:da:65:63:
eb:7a:d2:7d:17:69:c0:38:21:ac:3f:30:9b:93:05:
75:a3:7d:40:e6:7c:b6:2e:2e:e6:9e:ee:11:fa:86:
f4:a8:00:77:05:e0:f7:e2:16:d7:94:a9:f8:04:5f:
11:73:10:57:67:4f:04:61:e1:96:55:8b:f2:9a:89:
ca:a1:ab:ba:c1:39:04:60:6c:3a:06:03:90:6b:7d:
80:23:45:c3:ce:61:a3:7a:03:a9:12:70:69:5d:85:
32:72:43:af:86:22:40:39:a8:1d:6b:60:2f:00:c3:
c9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:AE:E5:18:AA:B4:D6:4E:EB:D1:11:CE:DF:12:C8:0E:FA:CC:14:A4
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/n67lGKq01k7r0RHO3xLIDvrMFKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
178.173.236.0/22
178.173.242.0-178.173.247.255
188.253.28.0/22
Signature Algorithm: sha256WithRSAEncryption
70:d9:61:f8:9b:d4:89:87:b9:da:20:c3:ff:3f:fc:cf:13:ad:
44:a6:3d:df:a9:b5:47:a7:62:de:d5:f8:cd:bc:73:0a:1b:95:
e7:32:70:32:76:82:74:d0:5f:b2:bd:82:ad:ad:7f:d6:a9:c1:
95:3b:b9:e3:a4:41:de:7a:21:ec:fa:82:38:82:44:59:b3:6a:
52:15:bf:00:44:13:39:8c:ea:4d:22:78:a8:f5:52:26:59:ba:
2d:b2:6a:c9:62:a2:f2:0a:35:2a:e1:ca:a3:7d:04:07:e0:57:
f3:d1:e1:4c:eb:50:29:db:ab:47:16:8c:c6:94:14:8a:e1:ca:
d8:04:40:b5:3b:78:ad:7d:46:8a:f6:a7:0f:8f:1f:f9:d7:7e:
38:e1:51:93:da:db:be:04:9e:41:d8:fc:7b:81:cc:f4:21:2c:
67:f6:d7:ae:dc:a4:95:5e:73:1e:03:ed:e4:e3:4a:2a:f3:a0:
27:36:b1:1e:23:ed:f2:0d:d2:9a:24:aa:aa:ee:ad:87:32:26:
6b:09:1b:6e:9a:0e:29:76:8d:24:2d:87:5c:c2:05:7d:56:54:
e5:e5:5b:1c:d6:e3:ee:a7:ca:4f:82:95:95:1a:a5:c3:f0:34:
01:35:ea:67:e0:1c:19:45:57:7d:27:65:36:df:cf:69:ca:67:
af:90:68:59
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZOZJSrvvgCxUVSi4vVmAMJ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMjA1MjMyNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmFlZTUxOGFhYjRkNjRlZWJkMTExY2VkZjEyYzgwZWZhY2MxNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGRRBKOR3/ziBQo4aGwmKdpfrgRR
+ZJcuh4FyiZUuA7y9E1PMAecIW0FFRsQOKjDbcoM0AkbjxfNWQxFKpaALw5czEBl
OmHvSutAIoS2acjzBJ0SVhEZDzerOVqLFWw4OLUfHj3G9AfhGC97UrkgmFFi9rA6
21bv7bttija9+QTYdCK9KA2dl7aCNlcDB0F9sL3aZWPretJ9F2nAOCGsPzCbkwV1
o31A5ny2Li7mnu4R+ob0qAB3BeD34hbXlKn4BF8RcxBXZ08EYeGWVYvymonKoau6
wTkEYGw6BgOQa32AI0XDzmGjegOpEnBpXYUyckOvhiJAOagda2AvAMPJNwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ+u5RiqtNZO69ERzt8SyA76zBSkMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbjY3bEdLcTAxazdyMFJITzN4TElEdnJNRktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLYsGAwQC
sq3sMAwDBAGyrfIDBAOyrfADBAK8/RwwDQYJKoZIhvcNAQELBQADggEBAHDZYfib
1ImHudogw/8//M8TrUSmPd+ptUenYt7V+M28cwoblecycDJ2gnTQX7K9gq2tf9ap
wZU7ueOkQd56Iez6gjiCRFmzalIVvwBEEzmM6k0ieKj1UiZZui2yasliovIKNSrh
yqN9BAfgV/PR4UzrUCnbq0cWjMaUFIrhytgEQLU7eK19Ror2pw+PH/nXfjjhUZPa
274EnkHY/HuBzPQhLGf2167cpJVecx4D7eTjSirzoCc2sR4j7fIN0pokqqrurYcy
JmsJG26aDil2jSQth1zCBX1WVOXlWxzW4+6nyk+ClZUapcPwNAE16mfgHBlFV30n
ZTbfz2nKZ6+QaFk=
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:54:24 2025 by rpki-client