Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/n9XKNTAaOquh_eiVD_R4yLVWF40.roa
File: n9XKNTAaOquh_eiVD_R4yLVWF40.roa (raw, json)
Hash identifier: 0r4nqPco/8NMD0RAcZ2juRfsi8OYl2D7ywoj1EzHcHw=
Subject key identifier: 9F:D5:CA:35:30:1A:3A:AB:A1:FD:E8:95:0F:F4:78:C8:B5:56:17:8D
Certificate issuer: /CN=8c6eadb8659bc734dccb29f638421036bb922e36
Certificate serial: 01901866518912D77811C296E30B21F33D62
Authority key identifier: 8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/n9XKNTAaOquh_eiVD_R4yLVWF40.roa
Signing time: Fri 14 Jun 2024 20:17:57 +0000
ROA not before: Fri 14 Jun 2024 20:17:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200781
IP address blocks: 45.13.124.0/22 maxlen: 22
45.13.124.0/23 maxlen: 23
45.13.126.0/23 maxlen: 23
45.13.126.0/24 maxlen: 24
185.96.40.0/22 maxlen: 22
185.96.40.0/23 maxlen: 23
185.96.42.0/23 maxlen: 23
2a03:fd80::/29 maxlen: 29
2a03:fd80::/32 maxlen: 32
2a03:fd83::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 29 Oct 2024 07:17:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:18:66:51:89:12:d7:78:11:c2:96:e3:0b:21:f3:3d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c6eadb8659bc734dccb29f638421036bb922e36
Validity
Not Before: Jun 14 20:17:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fd5ca35301a3aaba1fde8950ff478c8b556178d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b2:29:25:56:b5:5c:c0:bf:4b:f7:0a:a9:95:
ef:8e:9b:e6:7d:ef:16:02:0a:e2:68:fb:e4:2a:5c:
7b:54:38:a0:40:91:da:02:19:5c:d9:b3:e5:88:be:
80:2f:b8:bf:6b:ec:3a:ed:70:82:1f:2e:bc:2a:b5:
6f:e0:73:39:c6:76:ba:7b:36:f7:8f:5e:ed:79:0a:
c2:b7:00:ec:42:e9:5a:e5:62:e4:c3:a9:18:79:ff:
95:30:4a:c9:0f:67:96:fb:47:02:10:46:e3:9c:aa:
be:59:72:97:2f:50:e0:4f:09:24:2c:7c:ea:04:8a:
c3:1b:99:58:49:53:39:5e:98:ed:20:4c:0c:d7:ed:
77:1c:ae:43:3c:64:b9:7b:c8:93:05:bf:c3:d9:13:
f2:44:87:57:48:c3:0b:8d:be:19:5f:07:cb:f4:6d:
8c:83:f6:3f:7e:6b:6a:4f:22:4b:e9:fb:3d:fa:59:
f2:52:db:2f:62:9b:8b:1f:a8:72:e5:0a:08:b9:91:
49:8d:0e:a9:27:c1:5f:15:5e:89:3c:a1:f5:80:76:
1c:7c:2f:7d:f5:52:a3:8b:9b:01:9e:91:9f:15:dc:
54:01:e6:a4:3a:fa:9e:ec:f3:d7:ef:e7:c4:19:f9:
f4:4f:00:45:1c:91:bf:08:22:91:56:bd:2b:6a:ee:
88:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D5:CA:35:30:1A:3A:AB:A1:FD:E8:95:0F:F4:78:C8:B5:56:17:8D
X509v3 Authority Key Identifier:
keyid:8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/n9XKNTAaOquh_eiVD_R4yLVWF40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/jG6tuGWbxzTcyyn2OEIQNruSLjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.124.0/22
185.96.40.0/22
IPv6:
2a03:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
1a:3c:92:34:25:cb:3a:08:c9:5a:c0:e9:af:60:de:83:99:0d:
f0:ac:5f:2f:ac:b7:f5:38:ab:b2:b5:39:9c:3f:65:08:f1:7c:
da:36:89:ee:d0:78:1b:a1:a1:9c:31:08:37:ad:0c:45:b0:b8:
77:3a:64:75:59:74:14:56:dd:49:34:d9:16:38:7f:50:5a:07:
c2:ad:52:00:6f:f9:7d:a4:02:0f:5b:93:30:25:06:64:54:7b:
a2:be:bf:21:e8:81:14:60:72:c3:8c:49:44:05:cc:76:1b:1a:
31:64:2b:90:c5:b7:b5:be:a7:4c:ac:ed:16:9d:eb:f3:65:dd:
3a:64:0b:dd:bf:0a:b5:e6:fe:90:04:0c:f8:08:5e:7b:bc:8d:
55:f3:c0:1b:80:2f:b7:34:e6:d4:91:50:87:18:67:ee:41:ef:
81:83:48:df:9a:a9:4e:bb:24:22:fb:bb:7a:a3:e7:c5:72:c8:
ab:59:c9:83:91:29:bd:ab:6d:06:fd:53:c0:ea:76:f9:de:80:
46:e8:ed:b4:db:14:1f:0d:c1:db:59:70:eb:6f:8c:85:74:7e:
78:54:71:8f:9b:ba:91:83:83:ec:7a:a0:ff:f9:58:2f:c4:e1:
c5:97:8e:8b:7c:9a:50:59:3d:fa:8b:94:25:24:d4:3d:59:26:
b2:84:97:3d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZAYZlGJEtd4EcKW4wsh8z1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNmVhZGI4NjU5YmM3MzRkY2NiMjlmNjM4NDIxMDM2YmI5
MjJlMzYwHhcNMjQwNjE0MjAxNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQ1Y2EzNTMwMWEzYWFiYTFmZGU4OTUwZmY0NzhjOGI1NTYxNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrIpJVa1XMC/S/cKqZXvjpvmfe8W
AgriaPvkKlx7VDigQJHaAhlc2bPliL6AL7i/a+w67XCCHy68KrVv4HM5xna6ezb3
j17teQrCtwDsQula5WLkw6kYef+VMErJD2eW+0cCEEbjnKq+WXKXL1DgTwkkLHzq
BIrDG5lYSVM5XpjtIEwM1+13HK5DPGS5e8iTBb/D2RPyRIdXSMMLjb4ZXwfL9G2M
g/Y/fmtqTyJL6fs9+lnyUtsvYpuLH6hy5QoIuZFJjQ6pJ8FfFV6JPKH1gHYcfC99
9VKji5sBnpGfFdxUAeakOvqe7PPX7+fEGfn0TwBFHJG/CCKRVr0rau6ITwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ/VyjUwGjqrof3olQ/0eMi1VheNMB8GA1UdIwQY
MBaAFIxurbhlm8c03Msp9jhCEDa7ki42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakc2dHVHV2J4elRjeXluMk9FSVFOcnVTTGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZmRiYTAtMmM2MC00MDI3LWFmMGQt
NjY0NWRkM2Q2MjRiLzEvbjlYS05UQWFPcXVoX2VpVkRfUjR5TFZXRjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iZmRiYTAtMmM2MC00MDI3LWFmMGQtNjY0NWRkM2Q2MjRi
LzEvakc2dHVHV2J4elRjeXluMk9FSVFOcnVTTGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQ18AwQC
uWAoMA0EAgACMAcDBQMqA/2AMA0GCSqGSIb3DQEBCwUAA4IBAQAaPJI0Jcs6CMla
wOmvYN6DmQ3wrF8vrLf1OKuytTmcP2UI8XzaNonu0HgboaGcMQg3rQxFsLh3OmR1
WXQUVt1JNNkWOH9QWgfCrVIAb/l9pAIPW5MwJQZkVHuivr8h6IEUYHLDjElEBcx2
GxoxZCuQxbe1vqdMrO0WnevzZd06ZAvdvwq15v6QBAz4CF57vI1V88AbgC+3NObU
kVCHGGfuQe+Bg0jfmqlOuyQi+7t6o+fFcsirWcmDkSm9q20G/VPA6nb53oBG6O20
2xQfDcHbWXDrb4yFdH54VHGPm7qRg4PseqD/+VgvxOHFl46LfJpQWT36i5QlJNQ9
WSayhJc9
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:14:52 2025 by rpki-client