Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/V0-z0-AmXXVKUxIaCzDjkGcudvQ.roa
File: V0-z0-AmXXVKUxIaCzDjkGcudvQ.roa (raw, json)
Hash identifier: AhnFUvLP698NXLlnF1xDy4g6z1ed6076QrZwDofi5kg=
Subject key identifier: 57:4F:B3:D3:E0:26:5D:75:4A:53:12:1A:0B:30:E3:90:67:2E:76:F4
Certificate issuer: /CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Certificate serial: 018FE280DF9B22FCF2A60B923E8A25BC73A3
Authority key identifier: DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/V0-z0-AmXXVKUxIaCzDjkGcudvQ.roa
Signing time: Tue 04 Jun 2024 09:07:27 +0000
ROA not before: Tue 04 Jun 2024 09:07:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28756
IP address blocks: 145.64.128.0/21 maxlen: 21
145.64.128.0/22 maxlen: 22
145.64.130.0/24 maxlen: 24
145.64.132.0/22 maxlen: 22
145.64.132.0/23 maxlen: 23
145.64.134.0/24 maxlen: 24
145.64.135.0/24 maxlen: 24
145.64.144.0/20 maxlen: 20
145.64.144.0/23 maxlen: 23
145.64.146.0/24 maxlen: 24
145.64.148.0/24 maxlen: 24
145.64.149.0/24 maxlen: 24
145.64.157.0/24 maxlen: 24
145.64.158.0/24 maxlen: 24
145.64.159.0/24 maxlen: 24
145.64.160.0/20 maxlen: 20
145.64.160.0/24 maxlen: 24
145.64.161.0/24 maxlen: 24
145.64.162.0/24 maxlen: 24
145.64.170.0/24 maxlen: 24
145.64.240.0/21 maxlen: 21
145.64.241.0/24 maxlen: 24
145.64.242.0/24 maxlen: 24
145.64.245.0/24 maxlen: 24
145.64.246.0/24 maxlen: 24
145.64.248.0/21 maxlen: 21
145.64.248.0/22 maxlen: 22
145.64.248.0/24 maxlen: 24
145.64.250.0/24 maxlen: 24
145.64.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 21 Jun 2024 13:35:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:80:df:9b:22:fc:f2:a6:0b:92:3e:8a:25:bc:73:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Validity
Not Before: Jun 4 09:07:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=574fb3d3e0265d754a53121a0b30e390672e76f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:8f:1e:3b:37:1a:92:4d:49:b3:e7:dc:27:
f5:19:83:c3:53:d6:6a:da:58:4c:0a:32:b4:dc:1b:
0c:f0:72:b0:1a:62:d2:30:9f:d4:3e:07:e6:c5:7b:
b9:7c:ad:d5:87:f1:84:05:1d:66:24:31:0b:ed:fb:
49:42:74:39:bb:17:b2:5b:08:d5:53:d8:78:98:b9:
30:57:2d:12:e4:08:d0:4b:b2:d2:79:28:7a:79:d1:
a4:bb:5e:33:7a:8b:56:19:ef:33:eb:82:f9:47:43:
4b:ca:35:f4:f1:5e:7d:31:48:e6:1c:21:a0:06:18:
cc:15:26:9f:db:51:df:99:47:00:94:73:a6:bd:47:
98:11:0c:e8:eb:03:cb:e5:04:19:05:08:c1:1d:a1:
d8:93:99:6e:a2:74:3a:93:44:05:ca:7f:c2:c4:d4:
0f:c7:62:62:10:5b:29:3f:16:15:95:2f:f5:4f:28:
2e:41:07:f8:c7:40:97:fd:4c:61:dc:9b:27:24:8b:
7b:b8:ed:97:fd:56:ae:ef:c0:34:68:94:38:41:2b:
80:2e:2b:37:48:dc:0a:cb:0f:9c:15:da:64:8c:38:
b1:6c:0d:51:ff:1b:a4:3d:50:3a:b2:66:a4:34:a0:
37:94:e0:e9:49:b7:ad:6c:11:75:74:a3:2d:1b:3f:
82:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:4F:B3:D3:E0:26:5D:75:4A:53:12:1A:0B:30:E3:90:67:2E:76:F4
X509v3 Authority Key Identifier:
keyid:DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/V0-z0-AmXXVKUxIaCzDjkGcudvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.64.128.0/21
145.64.144.0-145.64.175.255
145.64.240.0/20
Signature Algorithm: sha256WithRSAEncryption
38:f4:c1:ce:5d:75:d3:8c:6c:33:a6:ba:7c:8f:ee:df:15:25:
91:8a:fd:0d:6c:eb:7a:9f:4d:a8:93:ad:d4:f9:0a:f7:49:df:
20:06:7f:a8:3e:ca:58:dc:77:c8:d6:e5:06:37:fc:bf:d4:10:
61:4c:63:5e:99:ca:90:36:40:e0:11:3c:cc:ed:ca:99:44:7b:
b7:4a:f9:03:ec:d0:e8:74:e4:1c:4b:4d:4e:ec:1d:e8:97:4d:
b7:33:ed:0a:f3:ff:13:f1:2f:47:ca:e0:5e:d3:b9:e3:25:75:
4e:06:56:74:10:50:2d:2f:f2:4c:30:ee:d2:fe:5a:5d:6f:0e:
1e:2d:c4:f6:b2:28:8c:6c:72:03:8f:41:a6:a8:61:99:26:9c:
eb:fa:7a:15:a5:0e:22:30:99:f8:62:d0:b7:7f:81:54:39:17:
60:35:bd:f5:d8:d1:fc:35:da:1e:cc:ee:93:5f:98:dd:c6:73:
9a:97:8a:85:cd:a9:67:f1:a9:f5:46:e0:70:8d:71:cd:06:de:
ce:2c:05:3b:e9:7e:88:9d:19:63:0b:1d:6c:80:3f:b7:d2:93:
9d:1b:43:91:34:0b:d6:11:c5:75:38:59:f8:b7:9c:7e:ec:a9:
ef:40:97:b1:14:47:51:5f:bd:6d:38:11:db:61:2e:44:c0:a9:
a9:e7:3f:d2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY/igN+bIvzypguSPoolvHOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzc3YjVkMDIyYmYwYmU0YTYyMjRiNDdlZWE2Y2EwYjgx
YmYwMzcwHhcNMjQwNjA0MDkwNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzRmYjNkM2UwMjY1ZDc1NGE1MzEyMWEwYjMwZTM5MDY3MmU3NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOOPHjs3GpJNSbPn3Cf1GYPDU9Zq
2lhMCjK03BsM8HKwGmLSMJ/UPgfmxXu5fK3Vh/GEBR1mJDEL7ftJQnQ5uxeyWwjV
U9h4mLkwVy0S5AjQS7LSeSh6edGku14zeotWGe8z64L5R0NLyjX08V59MUjmHCGg
BhjMFSaf21HfmUcAlHOmvUeYEQzo6wPL5QQZBQjBHaHYk5luonQ6k0QFyn/CxNQP
x2JiEFspPxYVlS/1TyguQQf4x0CX/Uxh3JsnJIt7uO2X/Vau78A0aJQ4QSuALis3
SNwKyw+cFdpkjDixbA1R/xukPVA6smakNKA3lODpSbetbBF1dKMtGz+CVwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFdPs9PgJl11SlMSGgsw45BnLnb0MB8GA1UdIwQY
MBaAFNw3e10CK/C+SmIktH7qbKC4G/A3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2It
OGIwNWI3NzhlMGQ1LzEvVjAtejAtQW1YWFZLVXhJYUN6RGprR2N1ZHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2ItOGIwNWI3NzhlMGQ1
LzEvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDkUCAMAwD
BASRQJADBASRQKADBASRQPAwDQYJKoZIhvcNAQELBQADggEBADj0wc5dddOMbDOm
unyP7t8VJZGK/Q1s63qfTaiTrdT5CvdJ3yAGf6g+yljcd8jW5QY3/L/UEGFMY16Z
ypA2QOARPMztyplEe7dK+QPs0Oh05BxLTU7sHeiXTbcz7Qrz/xPxL0fK4F7TueMl
dU4GVnQQUC0v8kww7tL+Wl1vDh4txPayKIxscgOPQaaoYZkmnOv6ehWlDiIwmfhi
0Ld/gVQ5F2A1vfXY0fw12h7M7pNfmN3Gc5qXioXNqWfxqfVG4HCNcc0G3s4sBTvp
foidGWMLHWyAP7fSk50bQ5E0C9YRxXU4Wfi3nH7sqe9Al7EUR1FfvW04EdthLkTA
qannP9I=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:57 2025 by rpki-client