Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/okcLVDeUjYYGi7cOt_uQFxmIB70.roa
File: okcLVDeUjYYGi7cOt_uQFxmIB70.roa (raw, json)
Hash identifier: RoH76EPM4p0iqYUMooKez3YrX1BTf/Jf+piuxqE4GzQ=
Subject key identifier: A2:47:0B:54:37:94:8D:86:06:8B:B7:0E:B7:FB:90:17:19:88:07:BD
Certificate issuer: /CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Certificate serial: 019428273CB066B84D3837E7DD457373FA7C
Authority key identifier: 7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/okcLVDeUjYYGi7cOt_uQFxmIB70.roa
Signing time: Thu 02 Jan 2025 17:54:07 +0000
ROA not before: Thu 02 Jan 2025 17:54:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.13.250.0/24 maxlen: 24
45.13.251.0/24 maxlen: 24
45.85.108.0/22 maxlen: 22
45.94.96.0/22 maxlen: 22
45.130.65.0/24 maxlen: 24
45.139.0.0/24 maxlen: 24
45.139.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 15:23:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:3c:b0:66:b8:4d:38:37:e7:dd:45:73:73:fa:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ca643bb399c6d87adc4c7cba5d2b72fbd00d046
Validity
Not Before: Jan 2 17:54:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2470b5437948d86068bb70eb7fb9017198807bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1f:cf:c4:f2:5b:bf:ad:c2:f4:b9:ef:d0:7a:
63:03:67:fb:49:65:62:5b:58:32:2f:1d:a8:21:7e:
8d:f3:57:09:02:b6:58:eb:be:1e:ef:bb:3c:bb:cb:
70:ee:fc:1e:70:5b:ea:83:3e:45:29:ff:fa:e7:41:
67:8c:a1:a9:56:24:3b:14:ad:85:47:54:c0:8b:bd:
0a:61:d0:e2:83:87:8c:31:f3:46:af:23:61:7f:fc:
00:83:92:93:d6:3c:d2:e7:0b:25:8d:d0:fd:1b:7d:
88:8d:e0:73:d4:43:34:28:7c:46:cb:ac:70:1d:5a:
15:82:6c:af:42:74:eb:70:8b:06:d1:e3:8c:4b:b4:
51:dd:78:54:b6:9a:dd:48:f9:63:b9:b9:f7:10:cd:
01:28:fe:18:0f:f1:4f:e1:25:22:83:24:1b:9b:fa:
d1:7c:32:b0:90:98:43:89:5a:87:7d:28:ec:30:70:
bc:78:6c:b1:14:02:26:8d:b3:37:38:b1:e0:d1:f7:
60:9a:90:32:d0:f0:73:a7:1a:d9:3b:46:5d:9c:73:
c9:76:63:e4:87:ec:0e:57:73:cb:2a:f8:73:eb:73:
d6:60:9c:ac:eb:a7:64:a0:b9:ff:08:65:05:2e:65:
5d:6e:7a:19:1b:3f:49:4d:0b:04:df:3c:27:82:82:
eb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:47:0B:54:37:94:8D:86:06:8B:B7:0E:B7:FB:90:17:19:88:07:BD
X509v3 Authority Key Identifier:
keyid:7C:A6:43:BB:39:9C:6D:87:AD:C4:C7:CB:A5:D2:B7:2F:BD:00:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fKZDuzmcbYetxMfLpdK3L70A0EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/okcLVDeUjYYGi7cOt_uQFxmIB70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/c0301d-5801-4ac6-b503-44ea64721c9e/1/fKZDuzmcbYetxMfLpdK3L70A0EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.250.0/23
45.85.108.0/22
45.94.96.0/22
45.130.65.0/24
45.139.0.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:79:bf:3d:29:2b:7e:70:f7:95:41:94:82:b6:79:6a:3a:05:
24:b1:b9:3b:7e:96:43:5a:3c:77:21:26:85:74:ae:ce:21:8c:
48:6f:df:53:e4:d6:a7:31:71:dd:62:be:5f:c7:9a:20:8e:72:
a8:f7:42:df:91:b1:29:43:51:61:80:ca:7d:1d:4d:6d:eb:45:
55:4b:88:5a:6a:f1:1a:67:e1:f3:f3:9c:31:48:da:be:c6:2e:
c3:98:c9:31:ba:b2:bc:74:7c:81:a0:14:fe:7f:f8:83:17:16:
20:fc:a5:92:30:fc:c7:e2:06:99:02:43:ac:2b:40:72:d6:95:
b6:81:18:8c:d6:ba:4d:5b:a4:fe:1b:d7:7d:6a:c9:03:e0:74:
f7:1e:32:29:5b:3b:49:55:e6:c7:3b:9a:22:fe:de:b2:a1:dd:
88:0c:db:fa:0a:87:06:e0:95:84:62:71:aa:d1:1c:47:cc:6f:
6b:28:26:18:ba:ab:c8:7b:ba:84:1f:bb:14:96:4e:af:74:2f:
e1:94:ee:25:ad:1b:a9:c6:83:a5:c5:76:77:14:0d:78:75:95:
7b:d5:18:7f:08:98:4a:86:96:1e:24:5c:49:76:6a:78:78:92:
0a:1f:b3:a8:bb:0b:35:f6:f4:01:52:84:2f:9b:f5:e2:fb:5b:
c7:a3:0d:c0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQoJzywZrhNODfn3UVzc/p8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYTY0M2JiMzk5YzZkODdhZGM0YzdjYmE1ZDJiNzJmYmQw
MGQwNDYwHhcNMjUwMTAyMTc1NDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQ3MGI1NDM3OTQ4ZDg2MDY4YmI3MGViN2ZiOTAxNzE5ODgwN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox/PxPJbv63C9Lnv0HpjA2f7SWVi
W1gyLx2oIX6N81cJArZY674e77s8u8tw7vwecFvqgz5FKf/650FnjKGpViQ7FK2F
R1TAi70KYdDig4eMMfNGryNhf/wAg5KT1jzS5wsljdD9G32IjeBz1EM0KHxGy6xw
HVoVgmyvQnTrcIsG0eOMS7RR3XhUtprdSPljubn3EM0BKP4YD/FP4SUigyQbm/rR
fDKwkJhDiVqHfSjsMHC8eGyxFAImjbM3OLHg0fdgmpAy0PBzpxrZO0ZdnHPJdmPk
h+wOV3PLKvhz63PWYJys66dkoLn/CGUFLmVdbnoZGz9JTQsE3zwngoLriQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKJHC1Q3lI2GBou3Drf7kBcZiAe9MB8GA1UdIwQY
MBaAFHymQ7s5nG2HrcTHy6XSty+9ANBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMt
NDRlYTY0NzIxYzllLzEvb2tjTFZEZVVqWVlHaTdjT3RfdVFGeG1JQjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9jMDMwMWQtNTgwMS00YWM2LWI1MDMtNDRlYTY0NzIxYzll
LzEvZktaRHV6bWNiWWV0eE1mTHBkSzNMNzBBMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLQ36AwQC
LVVsAwQCLV5gAwQALYJBAwQBLYsAMA0GCSqGSIb3DQEBCwUAA4IBAQANeb89KSt+
cPeVQZSCtnlqOgUksbk7fpZDWjx3ISaFdK7OIYxIb99T5NanMXHdYr5fx5ogjnKo
90LfkbEpQ1FhgMp9HU1t60VVS4haavEaZ+Hz85wxSNq+xi7DmMkxurK8dHyBoBT+
f/iDFxYg/KWSMPzH4gaZAkOsK0By1pW2gRiM1rpNW6T+G9d9askD4HT3HjIpWztJ
VebHO5oi/t6yod2IDNv6CocG4JWEYnGq0RxHzG9rKCYYuqvIe7qEH7sUlk6vdC/h
lO4lrRupxoOlxXZ3FA14dZV71Rh/CJhKhpYeJFxJdmp4eJIKH7Oouws19vQBUoQv
m/Xi+1vHow3A
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:49 2025 by rpki-client