Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/w7qI8pvEDEdJqlc3ykkuUuO0-LQ.roa
File: w7qI8pvEDEdJqlc3ykkuUuO0-LQ.roa (raw, json)
Hash identifier: YtZDzCNvtMl5Sq2p6JzMcm95szg4xSFA01GvOJNJr3k=
Subject key identifier: C3:BA:88:F2:9B:C4:0C:47:49:AA:57:37:CA:49:2E:52:E3:B4:F8:B4
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018EA46326F710468B85E77B7E55FF2E7E8F
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/w7qI8pvEDEdJqlc3ykkuUuO0-LQ.roa
Signing time: Wed 03 Apr 2024 14:35:45 +0000
ROA not before: Wed 03 Apr 2024 14:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 45.139.68.0/23 maxlen: 24
45.150.80.0/23 maxlen: 24
193.36.162.0/24 maxlen: 24
193.36.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 08:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:63:26:f7:10:46:8b:85:e7:7b:7e:55:ff:2e:7e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Apr 3 14:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3ba88f29bc40c4749aa5737ca492e52e3b4f8b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:72:b4:07:e4:40:fb:49:0d:d3:e0:f6:ba:b2:
03:7d:7f:92:67:1e:43:7c:5b:85:3d:e2:a9:0d:dc:
2d:c7:8d:63:4d:19:d1:f7:c3:4c:92:1c:d9:06:d7:
3b:0a:c0:28:a0:18:a7:f1:f2:a9:d3:77:76:6d:57:
23:22:3c:3a:48:e0:ed:a5:6f:7c:08:6b:01:52:10:
13:42:bd:c2:b8:09:34:4a:f2:61:6f:7e:4a:94:6b:
17:8c:a0:8a:27:b6:87:ac:ea:27:f7:c4:66:95:cd:
9e:0c:7a:70:b7:a5:f6:6d:fc:71:45:f6:c9:2d:fa:
9d:1e:49:c4:b5:a1:aa:5c:57:85:21:08:9e:8e:1e:
a2:21:77:a1:16:e1:1e:4f:c9:a3:84:fc:54:8f:02:
d1:1e:ff:62:d8:b8:8b:4f:3c:f9:54:0e:cb:ba:f5:
89:ef:83:72:e5:c2:81:81:60:26:7a:db:92:ca:52:
f6:2f:e0:8b:15:26:97:9a:ab:ae:c4:c5:13:86:93:
ee:06:a1:d7:54:f5:dc:b2:55:0e:43:c9:55:c4:0b:
c0:d8:bc:84:87:8e:3f:bc:d8:07:5b:17:05:a5:29:
93:3f:89:39:d6:69:e6:a4:cc:43:a0:b0:48:87:1d:
3d:5a:1a:ff:ab:12:d5:a1:6c:a9:e5:07:ec:29:85:
0a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BA:88:F2:9B:C4:0C:47:49:AA:57:37:CA:49:2E:52:E3:B4:F8:B4
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/w7qI8pvEDEdJqlc3ykkuUuO0-LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.68.0/23
45.150.80.0/23
193.36.162.0/23
Signature Algorithm: sha256WithRSAEncryption
cf:d0:e3:50:16:99:29:18:c9:e7:b9:09:11:39:a9:6d:74:62:
9e:3d:e0:06:7a:90:af:a6:dd:9c:eb:af:a7:4c:b2:a3:ab:50:
0b:b1:ab:f2:2f:fa:23:a7:11:40:7d:49:f0:39:e5:13:e0:69:
b1:0e:4d:c4:6c:ad:5d:6e:15:89:5c:ca:5c:39:fb:74:05:d6:
c4:a2:c5:11:f1:4d:79:55:8c:4b:2d:77:78:81:26:ce:3f:39:
31:6b:11:04:4f:e1:0f:20:68:6f:a9:ac:9b:98:28:1a:c3:33:
a8:ec:41:fd:fc:27:30:70:d6:ef:8d:37:4e:bb:ff:13:c9:41:
e4:1d:e9:6d:cb:ae:3e:77:28:26:5c:01:96:e4:87:80:e6:8a:
8e:3e:2e:f8:31:06:68:65:f9:dd:bb:84:a6:2e:44:59:f6:ac:
4e:09:7b:90:b6:c9:31:03:e4:1d:af:51:06:30:9c:06:0b:69:
60:ff:fd:3e:94:be:63:a5:9a:3e:87:84:b8:24:e4:11:23:43:
97:6d:44:e1:cb:52:ea:96:d3:84:93:54:07:6a:57:d8:7c:07:
14:82:a7:6f:f6:02:e4:40:65:2c:0f:29:51:21:ba:af:c1:bf:
b1:01:bb:66:00:68:67:0a:e4:28:e9:74:d7:dc:3a:7d:44:6a:
fa:c8:82:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6kYyb3EEaLhed7flX/Ln6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwNDAzMTQzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2JhODhmMjliYzQwYzQ3NDlhYTU3MzdjYTQ5MmU1MmUzYjRmOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnK0B+RA+0kN0+D2urIDfX+SZx5D
fFuFPeKpDdwtx41jTRnR98NMkhzZBtc7CsAooBin8fKp03d2bVcjIjw6SODtpW98
CGsBUhATQr3CuAk0SvJhb35KlGsXjKCKJ7aHrOon98Rmlc2eDHpwt6X2bfxxRfbJ
LfqdHknEtaGqXFeFIQiejh6iIXehFuEeT8mjhPxUjwLRHv9i2LiLTzz5VA7LuvWJ
74Ny5cKBgWAmetuSylL2L+CLFSaXmquuxMUThpPuBqHXVPXcslUOQ8lVxAvA2LyE
h44/vNgHWxcFpSmTP4k51mnmpMxDoLBIhx09Whr/qxLVoWyp5QfsKYUK7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMO6iPKbxAxHSapXN8pJLlLjtPi0MB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvdzdxSThwdkVERWRKcWxjM3lra3VVdU8wLUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYtEAwQB
LZZQAwQBwSSiMA0GCSqGSIb3DQEBCwUAA4IBAQDP0ONQFpkpGMnnuQkROaltdGKe
PeAGepCvpt2c66+nTLKjq1ALsavyL/ojpxFAfUnwOeUT4GmxDk3EbK1dbhWJXMpc
Oft0BdbEosUR8U15VYxLLXd4gSbOPzkxaxEET+EPIGhvqaybmCgawzOo7EH9/Ccw
cNbvjTdOu/8TyUHkHelty64+dygmXAGW5IeA5oqOPi74MQZoZfndu4SmLkRZ9qxO
CXuQtskxA+Qdr1EGMJwGC2lg//0+lL5jpZo+h4S4JOQRI0OXbUThy1LqltOEk1QH
alfYfAcUgqdv9gLkQGUsDylRIbqvwb+xAbtmAGhnCuQo6XTX3Dp9RGr6yILC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:45 2025 by rpki-client