Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/otNzLCvC1YZy2ROCVIb-0pbkcBs.roa
File: otNzLCvC1YZy2ROCVIb-0pbkcBs.roa (raw, json)
Hash identifier: L6QflF/odOWEFNQcBAQooQXtnGkmRuY38trEs7uC74w=
Subject key identifier: A2:D3:73:2C:2B:C2:D5:86:72:D9:13:82:54:86:FE:D2:96:E4:70:1B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193C19C1F71F98D78C33FD22E3735EDBAAE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/otNzLCvC1YZy2ROCVIb-0pbkcBs.roa
Signing time: Fri 13 Dec 2024 20:00:54 +0000
ROA not before: Fri 13 Dec 2024 20:00:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214927
IP address blocks: 45.131.215.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 13:58:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c1:9c:1f:71:f9:8d:78:c3:3f:d2:2e:37:35:ed:ba:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 13 20:00:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2d3732c2bc2d58672d913825486fed296e4701b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:2d:88:b8:6c:b2:d5:a5:87:f3:c1:4f:7c:0f:
bf:04:ea:39:cf:d0:12:48:00:68:90:bc:f6:e2:ed:
09:95:7a:ca:a9:cf:af:6a:39:44:87:6a:96:5a:ff:
b7:d3:6a:96:3d:4b:ee:fb:e3:c7:60:24:f5:57:be:
11:ff:7f:31:11:26:40:15:b6:7b:16:a3:3c:7b:26:
11:5c:a9:3d:d5:d7:bb:9a:c7:c7:ba:50:c3:52:4e:
d7:c8:b2:1b:4b:b8:b3:69:e7:86:14:ba:66:f6:b1:
ab:91:0a:9b:81:05:6c:ed:ca:6d:6d:62:8d:22:4b:
ea:99:68:b9:65:fd:df:a3:c7:a0:d2:2f:26:8f:b0:
a4:32:87:7c:86:0b:06:12:91:a4:e5:7b:89:9f:ac:
55:02:a7:75:cd:d2:e0:88:85:76:41:a3:04:15:90:
b9:78:5d:a9:41:e5:12:e5:7d:39:2b:26:26:80:76:
85:92:99:ae:d4:1b:c1:23:b1:c9:80:60:6d:a9:e3:
5e:f7:a0:0e:22:b1:28:4a:a4:b2:1f:3d:c6:97:38:
58:0d:2f:5d:10:95:f4:ca:b7:86:46:a7:6e:51:26:
e4:f3:ad:56:58:dc:73:55:da:fe:e5:df:c7:61:92:
05:fa:69:de:bf:bc:17:c3:95:5b:30:63:62:e4:55:
d4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D3:73:2C:2B:C2:D5:86:72:D9:13:82:54:86:FE:D2:96:E4:70:1B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/otNzLCvC1YZy2ROCVIb-0pbkcBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.215.0/24
45.137.81.0/24
45.141.177.0/24
85.209.128.0/24
103.114.43.0/24
Signature Algorithm: sha256WithRSAEncryption
75:ad:13:13:72:d1:95:e1:a0:2a:22:12:87:28:06:6e:05:97:
72:ee:f4:7c:a5:a2:53:14:54:70:c2:8c:3a:8f:15:2f:ce:89:
db:59:83:df:0c:ab:4f:bf:df:84:be:6f:1c:fa:26:01:88:6c:
bf:73:d2:bd:6b:77:62:12:82:cf:de:36:11:f8:9b:8c:a0:41:
6a:b8:54:e1:99:44:7f:0d:c1:43:38:bb:3d:db:97:27:46:27:
88:8f:17:f4:ae:eb:ff:21:a5:47:90:35:8c:f6:be:8b:2e:4f:
b4:00:37:83:f0:df:85:b1:c5:9a:55:58:12:d8:c9:ab:d1:48:
9c:25:76:be:06:8d:75:1c:c2:65:4d:a9:dc:5e:02:90:e5:75:
60:57:46:9d:67:11:1c:d5:b5:0e:a7:cb:33:f2:77:f4:ee:57:
df:84:a8:40:f8:d9:65:2b:5e:9f:32:12:46:f4:b8:cf:dd:3f:
3a:1d:c3:68:d2:49:75:a4:55:24:ae:c6:b4:71:cf:06:af:81:
82:bc:54:06:6b:f9:11:24:9e:52:97:dc:bd:60:8a:83:28:31:
95:c8:d0:3e:d2:3f:cd:17:91:84:09:f3:56:4b:26:0a:e9:2f:
e3:e5:bc:b6:b8:85:c8:b0:04:6e:30:34:b2:92:96:4e:ca:0e:
61:d0:d4:36
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZPBnB9x+Y14wz/SLjc17bquMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjEzMjAwMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQzNzMyYzJiYzJkNTg2NzJkOTEzODI1NDg2ZmVkMjk2ZTQ3MDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9y2IuGyy1aWH88FPfA+/BOo5z9AS
SABokLz24u0JlXrKqc+vajlEh2qWWv+302qWPUvu++PHYCT1V74R/38xESZAFbZ7
FqM8eyYRXKk91de7msfHulDDUk7XyLIbS7izaeeGFLpm9rGrkQqbgQVs7cptbWKN
IkvqmWi5Zf3fo8eg0i8mj7CkMod8hgsGEpGk5XuJn6xVAqd1zdLgiIV2QaMEFZC5
eF2pQeUS5X05KyYmgHaFkpmu1BvBI7HJgGBtqeNe96AOIrEoSqSyHz3GlzhYDS9d
EJX0yreGRqduUSbk861WWNxzVdr+5d/HYZIF+mnev7wXw5VbMGNi5FXU+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKLTcywrwtWGctkTglSG/tKW5HAbMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvb3ROekxDdkMxWVp5MlJPQ1ZJYi0wcGJrY0JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYPXAwQA
LYlRAwQALY2xAwQAVdGAAwQAZ3IrMA0GCSqGSIb3DQEBCwUAA4IBAQB1rRMTctGV
4aAqIhKHKAZuBZdy7vR8paJTFFRwwow6jxUvzonbWYPfDKtPv9+Evm8c+iYBiGy/
c9K9a3diEoLP3jYR+JuMoEFquFThmUR/DcFDOLs925cnRieIjxf0ruv/IaVHkDWM
9r6LLk+0ADeD8N+FscWaVVgS2Mmr0UicJXa+Bo11HMJlTancXgKQ5XVgV0adZxEc
1bUOp8sz8nf07lffhKhA+NllK16fMhJG9LjP3T86HcNo0kl1pFUkrsa0cc8Gr4GC
vFQGa/kRJJ5Sl9y9YIqDKDGVyNA+0j/NF5GECfNWSyYK6S/j5by2uIXIsARuMDSy
kpZOyg5h0NQ2
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:26 2025 by rpki-client