Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/g0a3wjexlzDSR8Or8u9IlIbphYo.roa
File: g0a3wjexlzDSR8Or8u9IlIbphYo.roa (raw, json)
Hash identifier: 4AuAFSM/DNnRimxLvaD/fLA0BGKGM+4Gj/d7yr8XKWw=
Subject key identifier: 83:46:B7:C2:37:B1:97:30:D2:47:C3:AB:F2:EF:48:94:86:E9:85:8A
Certificate issuer: /CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Certificate serial: 01909DC0284ECE263A72C3D506E70768D1B4
Authority key identifier: DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/g0a3wjexlzDSR8Or8u9IlIbphYo.roa
Signing time: Wed 10 Jul 2024 17:45:34 +0000
ROA not before: Wed 10 Jul 2024 17:45:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28756
IP address blocks: 145.64.128.0/21 maxlen: 21
145.64.128.0/22 maxlen: 22
145.64.130.0/24 maxlen: 24
145.64.132.0/22 maxlen: 22
145.64.132.0/23 maxlen: 23
145.64.134.0/24 maxlen: 24
145.64.135.0/24 maxlen: 24
145.64.136.0/22 maxlen: 22
145.64.140.0/22 maxlen: 22
145.64.144.0/20 maxlen: 20
145.64.144.0/23 maxlen: 23
145.64.146.0/24 maxlen: 24
145.64.147.0/24 maxlen: 24
145.64.148.0/24 maxlen: 24
145.64.149.0/24 maxlen: 24
145.64.157.0/24 maxlen: 24
145.64.158.0/24 maxlen: 24
145.64.159.0/24 maxlen: 24
145.64.160.0/20 maxlen: 20
145.64.160.0/24 maxlen: 24
145.64.161.0/24 maxlen: 24
145.64.162.0/24 maxlen: 24
145.64.170.0/24 maxlen: 24
145.64.240.0/21 maxlen: 21
145.64.240.0/22 maxlen: 22
145.64.241.0/24 maxlen: 24
145.64.242.0/24 maxlen: 24
145.64.244.0/22 maxlen: 22
145.64.245.0/24 maxlen: 24
145.64.246.0/24 maxlen: 24
145.64.248.0/21 maxlen: 21
145.64.248.0/22 maxlen: 22
145.64.248.0/24 maxlen: 24
145.64.250.0/24 maxlen: 24
145.64.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 16 Jul 2024 14:25:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:c0:28:4e:ce:26:3a:72:c3:d5:06:e7:07:68:d1:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Validity
Not Before: Jul 10 17:45:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8346b7c237b19730d247c3abf2ef489486e9858a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d3:39:d8:be:41:d3:5c:00:6c:35:af:19:b7:
94:e3:50:ed:48:6c:28:96:95:01:7e:56:f7:d5:83:
a7:c7:02:e6:5b:7f:62:31:ff:d4:ba:ae:76:c1:44:
9b:e9:74:1c:31:03:78:07:d3:46:81:ec:53:51:bd:
93:a8:05:1d:f4:a0:b3:73:31:88:21:93:b0:18:d5:
a0:13:2c:68:0b:2d:2f:30:49:a8:e7:8a:50:3b:d6:
da:72:7a:1a:5f:27:eb:30:56:e1:9d:78:82:9d:29:
3e:a6:0b:e4:b1:97:c8:0e:c0:1a:1b:27:83:e1:74:
df:1d:94:d6:c1:07:1a:a7:cf:b1:5a:81:e1:ac:99:
58:0c:97:5c:da:4c:78:ec:18:26:b7:b6:b1:1b:1b:
49:07:49:a8:36:f7:0d:44:f5:0c:2a:ef:ba:e8:9f:
ac:d1:10:cc:55:e2:3f:6e:5f:c1:c2:ff:c4:af:9f:
6b:ea:f8:08:40:cb:4f:c7:78:15:85:b1:0f:b8:bf:
3e:b2:8c:28:93:6b:8e:c6:da:10:9a:66:8d:23:c3:
d4:77:33:a6:66:d4:73:56:4a:a1:19:5e:00:6e:3f:
85:b5:d9:a3:44:12:de:8e:36:2b:b9:24:1f:1a:ce:
ef:e4:2f:a6:c2:e5:a9:b8:c4:cc:a7:eb:30:a6:54:
04:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:46:B7:C2:37:B1:97:30:D2:47:C3:AB:F2:EF:48:94:86:E9:85:8A
X509v3 Authority Key Identifier:
keyid:DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/g0a3wjexlzDSR8Or8u9IlIbphYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.64.128.0-145.64.175.255
145.64.240.0/20
Signature Algorithm: sha256WithRSAEncryption
a3:cf:81:c8:80:60:8f:f1:e6:11:bc:27:ae:73:6b:23:72:1d:
d1:32:95:79:d4:5c:09:21:aa:71:13:65:a7:6c:53:36:6a:e5:
99:cb:b8:e6:a3:76:e7:f4:ea:8b:f4:f0:44:a2:83:4a:19:d1:
99:19:cc:ed:0c:c7:13:fa:9f:59:c1:9a:d2:b8:4b:27:f1:cc:
d1:58:6c:ca:d3:1d:c0:cf:b9:ac:04:c0:90:9b:45:bd:3b:be:
cf:59:16:91:9c:2b:6a:3e:8b:e1:b0:c4:c5:89:ba:87:a3:8f:
78:10:f4:8e:32:ad:9b:3c:63:01:3e:32:46:9c:4b:15:b8:40:
1f:0a:12:c0:77:fd:86:93:e7:18:2f:fc:b8:da:68:5d:6d:74:
97:bd:35:29:bf:8c:5d:db:59:4d:12:7c:8a:13:29:6a:c9:96:
4c:6d:2b:ea:27:ee:8f:77:40:09:3a:c0:6a:3a:fd:c2:f2:f1:
52:be:78:48:cc:ef:c8:1c:51:e5:85:d1:bc:e4:4f:5a:b1:2f:
a6:32:fd:25:2a:93:19:58:38:e6:36:e8:62:b7:85:09:46:9a:
42:d8:4c:15:5b:07:3e:ae:db:37:54:29:bd:ca:d6:0b:81:41:
59:42:f3:7d:40:0d:c5:71:98:0f:1d:16:a5:0b:15:6b:a1:fa:
7b:c6:52:f3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZCdwChOziY6csPVBucHaNG0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzc3YjVkMDIyYmYwYmU0YTYyMjRiNDdlZWE2Y2EwYjgx
YmYwMzcwHhcNMjQwNzEwMTc0NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQ2YjdjMjM3YjE5NzMwZDI0N2MzYWJmMmVmNDg5NDg2ZTk4NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtM52L5B01wAbDWvGbeU41DtSGwo
lpUBflb31YOnxwLmW39iMf/Uuq52wUSb6XQcMQN4B9NGgexTUb2TqAUd9KCzczGI
IZOwGNWgEyxoCy0vMEmo54pQO9bacnoaXyfrMFbhnXiCnSk+pgvksZfIDsAaGyeD
4XTfHZTWwQcap8+xWoHhrJlYDJdc2kx47Bgmt7axGxtJB0moNvcNRPUMKu+66J+s
0RDMVeI/bl/Bwv/Er59r6vgIQMtPx3gVhbEPuL8+sowok2uOxtoQmmaNI8PUdzOm
ZtRzVkqhGV4Abj+FtdmjRBLejjYruSQfGs7v5C+mwuWpuMTMp+swplQE0QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFINGt8I3sZcw0kfDq/LvSJSG6YWKMB8GA1UdIwQY
MBaAFNw3e10CK/C+SmIktH7qbKC4G/A3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2It
OGIwNWI3NzhlMGQ1LzEvZzBhM3dqZXhsekRTUjhPcjh1OUlsSWJwaFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2ItOGIwNWI3NzhlMGQ1
LzEvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAeRQIAD
BASRQKADBASRQPAwDQYJKoZIhvcNAQELBQADggEBAKPPgciAYI/x5hG8J65zayNy
HdEylXnUXAkhqnETZadsUzZq5ZnLuOajduf06ov08ESig0oZ0ZkZzO0MxxP6n1nB
mtK4SyfxzNFYbMrTHcDPuawEwJCbRb07vs9ZFpGcK2o+i+GwxMWJuoejj3gQ9I4y
rZs8YwE+MkacSxW4QB8KEsB3/YaT5xgv/LjaaF1tdJe9NSm/jF3bWU0SfIoTKWrJ
lkxtK+on7o93QAk6wGo6/cLy8VK+eEjM78gcUeWF0bzkT1qxL6Yy/SUqkxlYOOY2
6GK3hQlGmkLYTBVbBz6u2zdUKb3K1guBQVlC831ADcVxmA8dFqULFWuh+nvGUvM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:07 2025 by rpki-client