Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DdXjq-xKCvE5A7IGUFqIJ0RVMeU.roa
File: DdXjq-xKCvE5A7IGUFqIJ0RVMeU.roa (raw, json)
Hash identifier: 4c1+goUhSP1n/QoMGg/FgdXE4lCbgMnDQRpBHgH9gDM=
Subject key identifier: 0D:D5:E3:AB:EC:4A:0A:F1:39:03:B2:06:50:5A:88:27:44:55:31:E5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191C2AA3E7E2AB969B9CBC604CFF9E73A95
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DdXjq-xKCvE5A7IGUFqIJ0RVMeU.roa
Signing time: Thu 05 Sep 2024 14:50:22 +0000
ROA not before: Thu 05 Sep 2024 14:50:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395954
IP address blocks: 45.145.58.0/24 maxlen: 24
45.147.100.0/24 maxlen: 24
45.147.101.0/24 maxlen: 24
45.147.102.0/24 maxlen: 24
45.147.103.0/24 maxlen: 24
45.152.201.0/24 maxlen: 24
45.155.200.0/24 maxlen: 24
45.155.201.0/24 maxlen: 24
45.155.202.0/24 maxlen: 24
45.155.203.0/24 maxlen: 24
193.8.8.0/24 maxlen: 24
194.41.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 18:59:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c2:aa:3e:7e:2a:b9:69:b9:cb:c6:04:cf:f9:e7:3a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 5 14:50:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dd5e3abec4a0af13903b206505a8827445531e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:36:75:30:e7:4b:03:ba:01:a7:3a:84:99:e6:
45:3a:fb:78:a0:81:31:2b:98:3c:28:c5:11:00:32:
e1:3a:18:f5:5a:99:36:16:f8:fd:d4:e1:05:13:4f:
64:8a:94:30:53:c9:5a:10:b0:5f:ea:c2:23:2d:ff:
7b:0d:21:5c:c3:72:3b:64:6c:8b:58:af:74:38:f1:
a9:6c:a1:d5:98:9b:4c:9b:18:ad:ed:08:ed:bd:34:
53:57:7a:13:55:b2:10:5f:25:d6:4c:39:67:48:4f:
5b:2a:50:49:6b:35:5c:eb:97:a2:36:26:6c:1e:2f:
d0:bf:dd:2c:6e:ca:e8:e7:77:cd:bd:b3:ce:eb:10:
f8:4b:b6:54:22:88:27:8c:53:54:f7:d0:6b:99:53:
db:b2:ac:41:99:1f:1b:e1:fd:47:ac:28:7e:35:86:
00:68:0e:71:9a:12:6d:bc:30:2d:cd:62:cd:20:f2:
d4:4b:6e:e6:9a:04:b4:45:6a:22:28:7e:49:1a:18:
e6:02:3c:03:b9:6c:06:c5:18:a3:a1:d7:83:3e:3f:
f6:59:e3:46:cd:ea:f6:76:12:5d:ef:18:4e:6a:09:
7a:73:e1:eb:a7:58:57:fe:d4:95:ca:19:0a:5a:9a:
4d:58:9f:23:9a:ed:c6:60:e0:93:54:a9:d1:98:f8:
f2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D5:E3:AB:EC:4A:0A:F1:39:03:B2:06:50:5A:88:27:44:55:31:E5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DdXjq-xKCvE5A7IGUFqIJ0RVMeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.58.0/24
45.147.100.0/22
45.152.201.0/24
45.155.200.0/22
193.8.8.0/24
194.41.56.0/24
Signature Algorithm: sha256WithRSAEncryption
15:0f:bd:75:43:95:60:ed:3b:90:64:f0:69:e1:f9:c9:88:de:
43:67:dd:d3:95:5b:28:0e:9a:e7:e8:09:f7:0c:78:c5:45:3e:
34:ae:89:1b:19:21:57:1f:ff:6e:ad:1c:e4:27:fd:55:c7:85:
b6:d9:cb:c1:f1:5f:02:94:fa:1d:e2:39:f1:90:86:99:0b:11:
ea:f7:76:e8:2c:94:00:2d:bf:6b:58:53:ac:73:6c:f6:91:5e:
7d:6e:42:3e:18:d4:cf:6a:f4:28:4d:8f:a5:e0:8a:5c:6d:b8:
8d:3d:ab:3f:13:26:19:be:d4:c6:e8:57:20:5c:46:56:20:ca:
4b:ac:c8:6b:47:2c:6c:00:72:e4:9b:d3:8a:53:2c:4b:70:4a:
c1:2e:01:cc:f8:a2:0c:3a:4a:5c:3a:e6:b0:1c:14:19:df:f9:
9c:22:29:d2:e6:1f:6d:c1:cd:98:df:cf:80:33:e3:58:82:8c:
f8:73:99:98:2e:3c:44:b2:8b:0d:33:0c:8f:ea:93:2a:b0:ff:
e1:6d:5f:c3:66:b4:c4:fe:b6:3b:9c:e3:a1:a2:43:14:63:a5:
66:2f:36:e2:b3:7f:f6:96:bb:e1:99:84:e0:d1:72:44:89:6b:
c6:1e:3f:d9:32:10:be:e9:af:ef:3a:84:ea:90:4d:e3:a6:2c:
5e:1d:19:bc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZHCqj5+KrlpucvGBM/55zqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTA1MTQ1MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ1ZTNhYmVjNGEwYWYxMzkwM2IyMDY1MDVhODgyNzQ0NTUzMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDZ1MOdLA7oBpzqEmeZFOvt4oIEx
K5g8KMURADLhOhj1Wpk2Fvj91OEFE09kipQwU8laELBf6sIjLf97DSFcw3I7ZGyL
WK90OPGpbKHVmJtMmxit7QjtvTRTV3oTVbIQXyXWTDlnSE9bKlBJazVc65eiNiZs
Hi/Qv90sbsro53fNvbPO6xD4S7ZUIognjFNU99BrmVPbsqxBmR8b4f1HrCh+NYYA
aA5xmhJtvDAtzWLNIPLUS27mmgS0RWoiKH5JGhjmAjwDuWwGxRijodeDPj/2WeNG
zer2dhJd7xhOagl6c+Hrp1hX/tSVyhkKWppNWJ8jmu3GYOCTVKnRmPjy+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA3V46vsSgrxOQOyBlBaiCdEVTHlMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRGRYanEteEtDdkU1QTdJR1VGcUlKMFJWTWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZE6AwQC
LZNkAwQALZjJAwQCLZvIAwQAwQgIAwQAwik4MA0GCSqGSIb3DQEBCwUAA4IBAQAV
D711Q5Vg7TuQZPBp4fnJiN5DZ93TlVsoDprn6An3DHjFRT40rokbGSFXH/9urRzk
J/1Vx4W22cvB8V8ClPod4jnxkIaZCxHq93boLJQALb9rWFOsc2z2kV59bkI+GNTP
avQoTY+l4IpcbbiNPas/EyYZvtTG6FcgXEZWIMpLrMhrRyxsAHLkm9OKUyxLcErB
LgHM+KIMOkpcOuawHBQZ3/mcIinS5h9twc2Y38+AM+NYgoz4c5mYLjxEsosNMwyP
6pMqsP/hbV/DZrTE/rY7nOOhokMUY6VmLzbis3/2lrvhmYTg0XJEiWvGHj/ZMhC+
6a/vOoTqkE3jpixeHRm8
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:06:31 2025 by rpki-client