Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/nVOQFgjIpZvjNbkuD6gHs6Px1J8.roa
File: nVOQFgjIpZvjNbkuD6gHs6Px1J8.roa (raw, json)
Hash identifier: wtHXDlsoGBe21yuT9xDd6aIcjLo3Y5ogpPN1loeUOf8=
Subject key identifier: 9D:53:90:16:08:C8:A5:9B:E3:35:B9:2E:0F:A8:07:B3:A3:F1:D4:9F
Certificate issuer: /CN=b8e4f734fde71ac421957f27c8499496f4440d7c
Certificate serial: 018D366AE5C10C9241CD38C4B6AD328D044A
Authority key identifier: B8:E4:F7:34:FD:E7:1A:C4:21:95:7F:27:C8:49:94:96:F4:44:0D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOT3NP3nGsQhlX8nyEmUlvREDXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/nVOQFgjIpZvjNbkuD6gHs6Px1J8.roa
Signing time: Tue 23 Jan 2024 13:03:11 +0000
ROA not before: Tue 23 Jan 2024 13:03:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208948
IP address blocks: 45.134.132.0/24 maxlen: 29
45.134.133.0/24 maxlen: 29
45.134.134.0/24 maxlen: 29
45.134.135.0/24 maxlen: 30
2a0d:d9c0::/32 maxlen: 64
2a0d:d9c3::/32 maxlen: 64
2a0d:d9c4::/32 maxlen: 64
2a0d:d9c5::/32 maxlen: 64
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:6a:e5:c1:0c:92:41:cd:38:c4:b6:ad:32:8d:04:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e4f734fde71ac421957f27c8499496f4440d7c
Validity
Not Before: Jan 23 13:03:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d53901608c8a59be335b92e0fa807b3a3f1d49f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:00:66:c5:7e:62:d9:31:5b:27:40:a0:9a:64:
01:75:2b:bd:8f:41:62:51:8a:f1:c6:f6:ad:40:fd:
bd:69:a3:f5:95:87:51:2b:a3:50:f1:10:2f:51:d3:
8c:de:78:7e:3d:48:7c:4c:43:e1:03:36:03:7c:a0:
bc:76:52:84:4a:28:46:6e:df:82:3c:d9:1b:53:f5:
ee:19:8a:3a:18:95:48:e1:49:10:b0:25:d0:dc:15:
b6:32:05:48:e6:50:53:e3:b7:f4:26:0c:65:4f:e2:
18:b6:31:08:ae:af:dd:d8:53:25:91:e4:8a:2d:fe:
86:f4:5b:d7:b2:d2:b1:0d:ad:19:c9:82:6a:3f:08:
05:fd:05:41:26:49:6a:29:b6:21:8b:d0:89:a7:34:
d1:92:aa:3e:7f:8f:b3:96:ed:3a:b9:a2:dc:22:81:
70:e6:b9:2a:dc:44:51:c9:64:94:84:22:01:f3:7b:
f0:a7:72:d3:a0:19:0f:fd:47:3f:17:76:17:76:26:
1f:bf:39:8f:fa:58:ec:2f:83:8b:fe:c0:79:df:1c:
3a:7a:f3:7a:60:41:fe:d7:b9:aa:f2:37:b8:55:c5:
fb:91:9a:16:86:0c:fd:35:6b:1a:b9:5f:32:3b:09:
32:71:c8:04:67:1c:8c:fa:ef:04:48:a3:0c:17:3f:
00:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:53:90:16:08:C8:A5:9B:E3:35:B9:2E:0F:A8:07:B3:A3:F1:D4:9F
X509v3 Authority Key Identifier:
keyid:B8:E4:F7:34:FD:E7:1A:C4:21:95:7F:27:C8:49:94:96:F4:44:0D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOT3NP3nGsQhlX8nyEmUlvREDXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/nVOQFgjIpZvjNbkuD6gHs6Px1J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/28eeb6-eb48-4ff8-8741-bcfe3ad387ce/1/uOT3NP3nGsQhlX8nyEmUlvREDXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.132.0/22
IPv6:
2a0d:d9c0::/32
2a0d:d9c3::-2a0d:d9c5:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
04:f9:cf:f1:a1:0b:aa:68:d3:9d:9f:59:d0:4c:7e:12:66:95:
30:fe:0f:d3:a8:72:90:44:73:c5:e4:51:cc:14:57:49:0c:b6:
09:09:d3:85:e8:13:d4:6c:7c:a7:ad:17:5a:0c:79:18:2c:7d:
40:9a:95:c5:fe:38:a4:97:25:31:06:1f:39:63:29:38:06:d3:
4d:29:48:e7:85:a2:18:ef:d4:26:4f:da:c0:1c:8d:ba:ce:34:
7e:fe:51:a8:71:17:2b:10:38:b6:57:4a:86:c0:f1:27:48:93:
07:bb:68:87:e5:00:8d:a8:27:ff:d6:22:bb:89:ac:4b:dc:27:
a5:ea:44:ce:2a:1d:a7:c7:1b:6b:eb:7f:b8:9e:9e:65:d4:a0:
39:94:95:11:d7:0c:8c:93:6b:eb:d6:65:9b:1f:8f:d9:e5:f0:
29:50:21:00:c5:4a:11:4b:63:77:57:19:f7:2a:75:0b:64:63:
38:12:a0:c6:fc:7c:92:e1:d9:41:cf:13:1e:09:a7:87:57:1b:
9e:20:55:a4:b3:a7:ba:10:3d:f9:80:55:35:14:09:fe:53:dc:
50:a4:31:71:a4:f5:bf:62:10:e8:34:16:a0:62:44:36:1e:2f:
00:84:8b:b9:cb:ea:11:bb:2a:16:f2:4b:54:cd:2c:f9:cb:e1:
b8:e5:be:96
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY02auXBDJJBzTjEtq0yjQRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTRmNzM0ZmRlNzFhYzQyMTk1N2YyN2M4NDk5NDk2ZjQ0
NDBkN2MwHhcNMjQwMTIzMTMwMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDUzOTAxNjA4YzhhNTliZTMzNWI5MmUwZmE4MDdiM2EzZjFkNDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigBmxX5i2TFbJ0CgmmQBdSu9j0Fi
UYrxxvatQP29aaP1lYdRK6NQ8RAvUdOM3nh+PUh8TEPhAzYDfKC8dlKESihGbt+C
PNkbU/XuGYo6GJVI4UkQsCXQ3BW2MgVI5lBT47f0JgxlT+IYtjEIrq/d2FMlkeSK
Lf6G9FvXstKxDa0ZyYJqPwgF/QVBJklqKbYhi9CJpzTRkqo+f4+zlu06uaLcIoFw
5rkq3ERRyWSUhCIB83vwp3LToBkP/Uc/F3YXdiYfvzmP+ljsL4OL/sB53xw6evN6
YEH+17mq8je4VcX7kZoWhgz9NWsauV8yOwkyccgEZxyM+u8ESKMMFz8A8QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJ1TkBYIyKWb4zW5Lg+oB7Oj8dSfMB8GA1UdIwQY
MBaAFLjk9zT95xrEIZV/J8hJlJb0RA18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9UM05QM25Hc1FobFg4bnlFbVVsdlJFRFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yOGVlYjYtZWI0OC00ZmY4LTg3NDEt
YmNmZTNhZDM4N2NlLzEvblZPUUZnaklwWnZqTmJrdUQ2Z0hzNlB4MUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yOGVlYjYtZWI0OC00ZmY4LTg3NDEtYmNmZTNhZDM4N2Nl
LzEvdU9UM05QM25Hc1FobFg4bnlFbVVsdlJFRFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQCLYaEMB0E
AgACMBcDBQAqDdnAMA4DBQAqDdnDAwUBKg3ZxDANBgkqhkiG9w0BAQsFAAOCAQEA
BPnP8aELqmjTnZ9Z0Ex+EmaVMP4P06hykERzxeRRzBRXSQy2CQnThegT1Gx8p60X
Wgx5GCx9QJqVxf44pJclMQYfOWMpOAbTTSlI54WiGO/UJk/awByNus40fv5RqHEX
KxA4tldKhsDxJ0iTB7toh+UAjagn/9Yiu4msS9wnpepEziodp8cba+t/uJ6eZdSg
OZSVEdcMjJNr69Zlmx+P2eXwKVAhAMVKEUtjd1cZ9yp1C2RjOBKgxvx8kuHZQc8T
Hgmnh1cbniBVpLOnuhA9+YBVNRQJ/lPcUKQxcaT1v2IQ6DQWoGJENh4vAISLucvq
EbsqFvJLVM0s+cvhuOW+lg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:59 2025 by rpki-client