Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Q2MueJwuYXRPw6ywd6nwCgVyYho.roa
File: Q2MueJwuYXRPw6ywd6nwCgVyYho.roa (raw, json)
Hash identifier: LhM8/DhKqi0HO+++vN5OtDQZ3QxMqtf6cK2lUPUAcIY=
Subject key identifier: 43:63:2E:78:9C:2E:61:74:4F:C3:AC:B0:77:A9:F0:0A:05:72:62:1A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86F9CFFA8B23A58E1515621DAD1196E
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Q2MueJwuYXRPw6ywd6nwCgVyYho.roa
Signing time: Tue 02 Jan 2024 04:30:07 +0000
ROA not before: Tue 02 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 45.149.105.0/24 maxlen: 24
45.87.30.0/23 maxlen: 23
45.149.106.0/23 maxlen: 23
45.134.220.0/23 maxlen: 23
45.148.98.0/23 maxlen: 23
45.148.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:9c:ff:a8:b2:3a:58:e1:51:56:21:da:d1:19:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43632e789c2e61744fc3acb077a9f00a0572621a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e2:35:b9:66:b0:b0:dd:d0:41:8a:62:ba:2a:
4b:1e:17:4e:9f:50:27:08:c3:df:09:f9:b5:3d:82:
61:ab:d7:22:54:4a:e9:c1:2b:e0:2f:04:31:e5:9b:
99:ac:1d:e2:ec:d3:81:03:e9:e7:5d:29:16:d3:8a:
54:47:d4:49:32:41:10:c3:4e:c8:82:9b:b8:57:71:
46:dc:de:15:66:89:54:5e:12:e3:07:41:27:0a:2c:
de:c3:0b:66:04:84:84:37:62:ab:bb:28:07:37:87:
14:35:d2:02:db:99:c6:15:bb:ef:68:8e:76:8d:43:
4f:52:49:76:31:36:51:6b:ac:49:c4:45:2a:bb:1d:
e7:b5:66:21:ff:90:a5:88:89:ab:0b:99:46:1f:94:
cf:28:1b:93:8e:de:a0:26:36:b6:0d:33:a3:47:58:
ff:a2:9b:4d:64:83:70:6d:74:c3:37:3a:9e:35:4c:
f1:01:1b:69:69:54:4b:6f:f9:af:ac:7f:3d:a4:6f:
5f:18:f5:9a:80:db:79:6e:15:2a:4c:47:ed:66:91:
28:9f:78:6c:f8:06:d1:50:0f:02:dd:c0:bf:66:61:
bc:f6:3c:da:58:aa:40:9c:1b:f9:fc:2a:06:c0:9f:
0b:4c:16:f9:dc:ee:42:95:03:7a:92:f6:8a:3d:9c:
8c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:63:2E:78:9C:2E:61:74:4F:C3:AC:B0:77:A9:F0:0A:05:72:62:1A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Q2MueJwuYXRPw6ywd6nwCgVyYho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.30.0/23
45.134.220.0/23
45.148.97.0-45.148.99.255
45.149.105.0-45.149.107.255
Signature Algorithm: sha256WithRSAEncryption
6f:9e:08:c2:9a:a4:dc:fd:e3:d8:38:68:52:f3:6b:ce:c3:26:
a4:c4:e7:81:8b:37:0a:85:52:ed:13:4e:3e:ac:5e:5d:e2:39:
75:a4:3a:ce:5e:61:5d:6c:a0:00:7a:3c:97:dd:05:70:4c:92:
0c:1e:f5:75:12:9b:ed:d1:15:80:4a:3d:6e:9b:c5:e9:b4:6f:
a9:6b:47:9c:0d:b3:08:c2:a7:85:12:2f:e7:f9:fa:ec:d9:c0:
dc:97:de:24:96:aa:4f:85:b2:e6:41:3e:19:cd:51:4a:82:2b:
10:f0:6a:87:7e:00:c6:72:31:66:7d:cd:bf:90:ac:51:8a:fe:
67:00:25:b9:de:98:1f:45:8d:61:ef:b0:ef:5b:50:61:0b:c4:
4e:bc:00:a0:20:32:28:1c:26:6e:c1:dc:d8:c0:40:45:a3:63:
c1:fd:c8:a9:a0:5f:6a:a3:c1:c1:22:b0:3a:9a:8c:80:5b:f8:
f8:c9:b6:b3:98:31:32:39:4b:dc:8e:17:a0:1b:dd:ec:b1:a7:
54:65:7b:eb:19:59:a9:e1:86:2b:fb:0b:4c:ba:bc:de:7e:62:
c5:7c:5d:b0:dd:a7:16:73:78:48:84:c3:69:99:5e:ff:96:b3:
3f:8d:1a:50:0b:9c:7f:ce:38:cf:b8:af:81:5d:e1:5c:74:25:
8d:04:7e:da
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzIb5z/qLI6WOFRViHa0RluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzYzMmU3ODljMmU2MTc0NGZjM2FjYjA3N2E5ZjAwYTA1NzI2MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuI1uWawsN3QQYpiuipLHhdOn1An
CMPfCfm1PYJhq9ciVErpwSvgLwQx5ZuZrB3i7NOBA+nnXSkW04pUR9RJMkEQw07I
gpu4V3FG3N4VZolUXhLjB0EnCizewwtmBISEN2KruygHN4cUNdIC25nGFbvvaI52
jUNPUkl2MTZRa6xJxEUqux3ntWYh/5CliImrC5lGH5TPKBuTjt6gJja2DTOjR1j/
optNZINwbXTDNzqeNUzxARtpaVRLb/mvrH89pG9fGPWagNt5bhUqTEftZpEon3hs
+AbRUA8C3cC/ZmG89jzaWKpAnBv5/CoGwJ8LTBb53O5ClQN6kvaKPZyM+wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFENjLnicLmF0T8OssHep8AoFcmIaMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvUTJNdWVKd3VZWFJQdzZ5d2Q2bndDZ1Z5WWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBLVceAwQB
LYbcMAwDBAAtlGEDBAItlGAwDAMEAC2VaQMEAi2VaDANBgkqhkiG9w0BAQsFAAOC
AQEAb54Iwpqk3P3j2DhoUvNrzsMmpMTngYs3CoVS7RNOPqxeXeI5daQ6zl5hXWyg
AHo8l90FcEySDB71dRKb7dEVgEo9bpvF6bRvqWtHnA2zCMKnhRIv5/n67NnA3Jfe
JJaqT4Wy5kE+Gc1RSoIrEPBqh34AxnIxZn3Nv5CsUYr+ZwAlud6YH0WNYe+w71tQ
YQvETrwAoCAyKBwmbsHc2MBARaNjwf3IqaBfaqPBwSKwOpqMgFv4+Mm2s5gxMjlL
3I4XoBvd7LGnVGV76xlZqeGGK/sLTLq83n5ixXxdsN2nFnN4SITDaZle/5azP40a
UAucf844z7ivgV3hXHQljQR+2g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:42:29 2025 by rpki-client