Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/cfj6u29wK7qsTJJ7asYcbuezmEQ.roa
File: cfj6u29wK7qsTJJ7asYcbuezmEQ.roa (raw, json)
Hash identifier: orXEGngy7C+E8VOzPDTnLFIDj63ur5sFYqTtGW7zyLo=
Subject key identifier: 71:F8:FA:BB:6F:70:2B:BA:AC:4C:92:7B:6A:C6:1C:6E:E7:B3:98:44
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 019341371857A0FED2C215A122978087FB3B
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/cfj6u29wK7qsTJJ7asYcbuezmEQ.roa
Signing time: Mon 18 Nov 2024 21:39:09 +0000
ROA not before: Mon 18 Nov 2024 21:39:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204666
IP address blocks: 45.153.192.0/22 maxlen: 24
45.153.194.0/24 maxlen: 24
45.153.195.0/24 maxlen: 24
185.188.101.0/24 maxlen: 24
185.188.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:41:37:18:57:a0:fe:d2:c2:15:a1:22:97:80:87:fb:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Nov 18 21:39:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71f8fabb6f702bbaac4c927b6ac61c6ee7b39844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1e:b6:25:e6:d1:26:13:0e:d2:d3:15:a2:c6:
38:90:f0:39:31:3c:3b:14:9a:8f:fe:71:e3:a6:0a:
dd:bd:79:ea:1b:c5:9f:40:fd:bf:b3:07:03:63:ed:
66:aa:bc:53:66:45:ee:a8:de:e1:0b:4b:a1:56:4b:
96:7a:20:a1:09:be:74:1a:e5:c1:0e:09:a4:2a:1a:
93:4f:73:6a:ac:fe:39:b4:b0:71:c8:84:e0:78:33:
06:6f:33:ff:44:c8:35:19:87:5e:be:78:80:e9:e8:
d8:d8:e0:95:a4:51:1f:2a:f0:4f:f1:e1:6d:1d:9c:
f5:1d:65:ef:cc:4e:e0:35:47:c1:be:b8:79:84:85:
e9:99:c8:52:9e:b8:3a:85:b8:67:20:2b:e9:44:ba:
93:2e:09:12:86:65:00:2e:2b:1b:4b:5b:1c:a0:9b:
33:29:dc:12:95:e2:26:b6:01:e1:fb:2d:9c:4b:5a:
07:11:52:cb:ab:9a:9c:b3:f4:b7:d0:f5:ad:06:55:
fc:e2:d4:54:14:cc:87:2e:d4:41:aa:b0:06:5c:35:
11:2b:21:94:59:b3:33:f3:28:70:b2:7a:39:ac:c0:
43:36:de:8a:c2:e6:8a:d4:ca:a1:69:7c:3b:b7:38:
9e:cc:e9:de:cf:da:4b:84:bf:fd:41:bc:fc:f9:18:
84:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F8:FA:BB:6F:70:2B:BA:AC:4C:92:7B:6A:C6:1C:6E:E7:B3:98:44
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/cfj6u29wK7qsTJJ7asYcbuezmEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.192.0/22
185.188.101.0/24
185.188.103.0/24
Signature Algorithm: sha256WithRSAEncryption
47:ed:13:c7:34:8f:6d:eb:78:27:ad:10:d9:9c:1b:01:44:24:
69:58:07:90:15:dc:9d:dd:19:5d:70:61:b8:10:e4:ea:3c:28:
a1:e1:7c:3f:bb:68:7d:e1:f4:43:7d:e5:99:52:64:3b:12:4d:
15:fd:d6:19:69:83:38:dc:76:9b:bf:72:be:ef:5c:ea:40:fb:
c4:5a:fa:0b:46:78:28:e2:e2:49:0b:d4:4e:8e:1e:36:56:a8:
a5:91:4c:b7:ad:7e:4d:b6:94:94:c6:f2:73:69:cc:07:23:c1:
35:f5:a4:6a:71:8d:75:aa:63:df:e0:c3:37:a0:3b:ed:51:1d:
ad:36:80:b1:4a:9b:42:18:bc:89:14:43:6a:15:40:1d:fe:6d:
f6:fe:8b:05:bb:40:5e:a0:49:f8:f8:aa:50:1d:83:cd:1c:fe:
07:a2:70:58:62:55:90:84:dd:df:cc:b8:40:08:af:24:d2:11:
d1:1d:38:4d:98:d6:78:26:60:68:c8:6f:d7:66:b6:a7:5e:da:
10:23:1f:5f:94:d4:10:b7:45:54:e7:4e:c7:1b:86:90:42:19:
f5:66:02:e4:15:40:2b:2d:7e:30:35:84:71:a4:7e:c2:dc:82:
93:5b:a9:59:ed:3f:e8:59:37:df:11:2c:30:a4:29:6c:4d:ba:
ae:2c:23:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNBNxhXoP7SwhWhIpeAh/s7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQxMTE4MjEzOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY4ZmFiYjZmNzAyYmJhYWM0YzkyN2I2YWM2MWM2ZWU3YjM5ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR62JebRJhMO0tMVosY4kPA5MTw7
FJqP/nHjpgrdvXnqG8WfQP2/swcDY+1mqrxTZkXuqN7hC0uhVkuWeiChCb50GuXB
DgmkKhqTT3NqrP45tLBxyITgeDMGbzP/RMg1GYdevniA6ejY2OCVpFEfKvBP8eFt
HZz1HWXvzE7gNUfBvrh5hIXpmchSnrg6hbhnICvpRLqTLgkShmUALisbS1scoJsz
KdwSleImtgHh+y2cS1oHEVLLq5qcs/S30PWtBlX84tRUFMyHLtRBqrAGXDURKyGU
WbMz8yhwsno5rMBDNt6KwuaK1MqhaXw7tziezOnez9pLhL/9Qbz8+RiETQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHH4+rtvcCu6rEySe2rGHG7ns5hEMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvY2ZqNnUyOXdLN3FzVEpKN2FzWWNidWV6bUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZnAAwQA
ubxlAwQAubxnMA0GCSqGSIb3DQEBCwUAA4IBAQBH7RPHNI9t63gnrRDZnBsBRCRp
WAeQFdyd3RldcGG4EOTqPCih4Xw/u2h94fRDfeWZUmQ7Ek0V/dYZaYM43Habv3K+
71zqQPvEWvoLRngo4uJJC9ROjh42VqilkUy3rX5NtpSUxvJzacwHI8E19aRqcY11
qmPf4MM3oDvtUR2tNoCxSptCGLyJFENqFUAd/m32/osFu0BeoEn4+KpQHYPNHP4H
onBYYlWQhN3fzLhACK8k0hHRHThNmNZ4JmBoyG/XZranXtoQIx9flNQQt0VU507H
G4aQQhn1ZgLkFUArLX4wNYRxpH7C3IKTW6lZ7T/oWTffESwwpClsTbquLCP4
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:34:40 2025 by rpki-client