Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/SoXWwZsxo5TlI3m6BF1VkzEbVyU.roa
File: SoXWwZsxo5TlI3m6BF1VkzEbVyU.roa (raw, json)
Hash identifier: NkZiMfHb5pUWHPPdnGpOSrLLkfPCnmafqMZ/Fer9iZ4=
Subject key identifier: 4A:85:D6:C1:9B:31:A3:94:E5:23:79:BA:04:5D:55:93:31:1B:57:25
Certificate issuer: /CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Certificate serial: 018E188F3237A8929D69CAB52EEC40657A33
Authority key identifier: E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/SoXWwZsxo5TlI3m6BF1VkzEbVyU.roa
Signing time: Thu 07 Mar 2024 10:57:01 +0000
ROA not before: Thu 07 Mar 2024 10:57:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57391
IP address blocks: 45.140.28.0/23 maxlen: 23
45.140.30.0/23 maxlen: 23
185.46.0.0/23 maxlen: 23
185.46.2.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 08 Mar 2024 06:20:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:8f:32:37:a8:92:9d:69:ca:b5:2e:ec:40:65:7a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Validity
Not Before: Mar 7 10:57:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a85d6c19b31a394e52379ba045d5593311b5725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:22:b7:0f:b6:97:7a:29:9d:15:b8:37:24:08:
60:05:df:f8:a6:9a:8c:21:c3:08:44:57:34:ad:92:
d1:d5:8e:23:c3:27:85:58:44:14:6d:be:94:28:7c:
86:76:84:be:32:86:e8:ba:5d:69:bd:ac:35:d7:21:
7d:6d:86:ae:05:b8:5b:ab:b7:61:03:c3:c2:02:10:
62:99:c3:dd:bb:d1:ac:70:ff:d2:05:20:54:00:e7:
7b:20:db:2e:13:f4:32:4b:f1:9b:e6:7c:78:4a:e2:
91:77:48:87:a2:d1:d6:a9:eb:6a:fc:9b:78:2b:9d:
e3:7d:ab:a8:4c:ad:0b:53:98:27:85:e2:e0:39:14:
aa:56:f3:bf:5b:a2:60:88:3d:88:0e:cd:ed:ab:57:
22:e8:6e:8d:bb:04:c0:fb:d1:41:93:09:4d:97:0f:
09:22:b3:0a:ff:5e:11:e0:29:14:86:1e:70:31:5a:
c2:88:84:de:c8:b3:d9:c1:87:a3:02:0b:c2:fd:3b:
c4:7b:58:bf:31:1a:a1:c3:3a:05:84:d0:7b:4c:f6:
a2:9c:ce:2a:9e:12:74:27:19:51:12:53:60:0c:d0:
a2:a6:30:9c:81:ac:00:34:15:cb:39:a6:90:6e:b1:
8f:5c:4b:90:b8:bd:6c:a3:da:48:74:29:59:75:01:
da:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:85:D6:C1:9B:31:A3:94:E5:23:79:BA:04:5D:55:93:31:1B:57:25
X509v3 Authority Key Identifier:
keyid:E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/SoXWwZsxo5TlI3m6BF1VkzEbVyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.28.0/22
185.46.0.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:00:23:b7:15:2e:c7:a3:81:d6:60:ba:66:04:08:df:a6:59:
c9:f2:50:a7:31:05:02:8b:0c:ec:01:e5:ea:aa:c5:f8:69:fe:
2e:0a:99:b9:fe:70:0c:06:bc:84:11:f3:c5:dd:8a:08:c8:7a:
56:11:ee:f2:a8:bf:c0:89:54:af:98:72:4c:68:b2:31:79:93:
8e:1f:99:d8:61:4c:7b:17:c1:e6:f5:27:c1:60:08:e1:4f:7d:
1c:f7:1a:86:04:a4:9f:07:c9:c8:a4:b5:4f:94:b2:1f:0a:0e:
93:93:45:5f:2d:40:57:61:4b:b4:24:c9:78:db:5b:09:56:b2:
7f:f8:da:ef:09:6d:0b:06:5d:dc:0e:b3:3c:c8:1e:49:0f:20:
a4:8c:07:f1:3f:88:aa:51:21:20:9d:8a:ab:c2:ea:f7:37:16:
2b:a5:6f:13:0c:30:cf:27:43:a6:88:8d:95:eb:80:ad:bb:d6:
5e:99:66:b9:ce:0f:8e:5d:78:45:d1:b5:37:c3:55:a4:99:b6:
f0:ea:bc:a3:95:e8:9d:f7:14:2d:43:1d:25:5d:7d:5b:2f:87:
6c:43:66:e0:4e:ab:f9:dc:38:6a:80:99:a6:c4:40:43:ac:8a:
06:03:1a:4f:18:71:87:b5:78:9f:58:d6:32:01:ec:c9:95:ce:
74:16:14:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4YjzI3qJKdacq1LuxAZXozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVkNGU3NzgyMDljM2NhZTkzZDRiNzZkMzUwNzA0NDYy
YzNhYWIwHhcNMjQwMzA3MTA1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTg1ZDZjMTliMzFhMzk0ZTUyMzc5YmEwNDVkNTU5MzMxMWI1NzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyK3D7aXeimdFbg3JAhgBd/4ppqM
IcMIRFc0rZLR1Y4jwyeFWEQUbb6UKHyGdoS+Moboul1pvaw11yF9bYauBbhbq7dh
A8PCAhBimcPdu9GscP/SBSBUAOd7INsuE/QyS/Gb5nx4SuKRd0iHotHWqetq/Jt4
K53jfauoTK0LU5gnheLgORSqVvO/W6JgiD2IDs3tq1ci6G6NuwTA+9FBkwlNlw8J
IrMK/14R4CkUhh5wMVrCiITeyLPZwYejAgvC/TvEe1i/MRqhwzoFhNB7TPainM4q
nhJ0JxlRElNgDNCipjCcgawANBXLOaaQbrGPXEuQuL1so9pIdClZdQHawQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEqF1sGbMaOU5SN5ugRdVZMxG1clMB8GA1UdIwQY
MBaAFOf+1Od4IJw8rpPUt201BwRGLDqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQt
OGJiODAxNTJhYjM0LzEvU29YV3dac3hvNVRsSTNtNkJGMVZrekViVnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQtOGJiODAxNTJhYjM0
LzEvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYwcAwQC
uS4AMA0GCSqGSIb3DQEBCwUAA4IBAQDPACO3FS7Ho4HWYLpmBAjfplnJ8lCnMQUC
iwzsAeXqqsX4af4uCpm5/nAMBryEEfPF3YoIyHpWEe7yqL/AiVSvmHJMaLIxeZOO
H5nYYUx7F8Hm9SfBYAjhT30c9xqGBKSfB8nIpLVPlLIfCg6Tk0VfLUBXYUu0JMl4
21sJVrJ/+NrvCW0LBl3cDrM8yB5JDyCkjAfxP4iqUSEgnYqrwur3NxYrpW8TDDDP
J0OmiI2V64Ctu9ZemWa5zg+OXXhF0bU3w1Wkmbbw6ryjleid9xQtQx0lXX1bL4ds
Q2bgTqv53DhqgJmmxEBDrIoGAxpPGHGHtXifWNYyAezJlc50FhR5
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:58:01 2025 by rpki-client