Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ng6SdMVOBYlSQvln6v4Nmi3igLE.roa
File: Ng6SdMVOBYlSQvln6v4Nmi3igLE.roa (raw, json)
Hash identifier: b38EShokiNTGdcGzqNimqZmDyahUmHf8AlSKzu5Oo7o=
Subject key identifier: 36:0E:92:74:C5:4E:05:89:52:42:F9:67:EA:FE:0D:9A:2D:E2:80:B1
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DF952952A62EA4B97E9B6C80D0FCBF
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ng6SdMVOBYlSQvln6v4Nmi3igLE.roa
Signing time: Tue 02 Jan 2024 06:32:25 +0000
ROA not before: Tue 02 Jan 2024 06:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28753
IP address blocks: 185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
185.94.166.0/24 maxlen: 24
185.125.51.0/24 maxlen: 24
45.138.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:95:29:52:a6:2e:a4:b9:7e:9b:6c:80:d0:fc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=360e9274c54e05895242f967eafe0d9a2de280b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:78:41:59:e4:cd:e6:d1:eb:37:5c:df:0f:d7:
86:24:f2:fe:40:4b:4c:36:ae:e3:91:39:a1:5b:82:
fe:26:24:4c:dd:6d:3a:ff:ae:44:81:80:5c:71:34:
d2:b4:d4:e9:6a:2c:0f:c4:65:eb:70:bd:a7:8e:3e:
fa:38:72:e3:c0:5e:b0:79:a9:0b:a3:2b:ce:18:32:
d6:79:c5:d7:0b:f7:c7:de:3a:d5:80:cc:13:97:46:
a6:3f:83:da:f0:8e:ec:ed:a5:ae:cf:27:d9:4f:6f:
d0:5f:0a:c6:ee:ac:52:f4:2a:10:46:85:fa:fc:56:
dd:ed:8a:82:02:99:87:49:3b:db:b3:69:a4:d1:3b:
15:45:1c:3f:cd:a4:2a:f3:f5:ce:85:00:a6:49:27:
11:18:8d:fd:40:41:e2:08:4b:76:d1:c1:56:81:a8:
be:10:4c:0d:75:7a:a9:37:70:ab:e6:b2:9f:12:86:
41:95:22:42:b4:36:e1:48:5f:de:18:68:cd:2a:00:
82:b4:c9:49:cd:1b:de:af:5f:35:53:08:19:b0:9d:
8f:91:54:73:5b:76:45:65:9f:d6:df:c4:5e:b1:fb:
20:9d:00:31:a4:79:69:46:4d:d9:fd:0a:0a:ce:f2:
f2:5a:54:aa:db:47:e5:78:59:a8:93:dc:e3:72:0f:
a3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0E:92:74:C5:4E:05:89:52:42:F9:67:EA:FE:0D:9A:2D:E2:80:B1
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ng6SdMVOBYlSQvln6v4Nmi3igLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.72.0/24
185.94.166.0/24
185.125.51.0/24
185.172.130.0/23
Signature Algorithm: sha256WithRSAEncryption
79:04:fd:41:ff:0a:e4:9a:c3:98:67:cf:35:6e:9d:1d:0f:bf:
47:c0:2d:85:21:ba:de:5c:3c:8b:a4:a6:fc:b7:47:8a:a5:80:
8f:1a:a8:26:a1:0c:a7:b5:c4:6b:5b:42:a0:30:5c:13:d5:ac:
27:3d:79:eb:d5:6f:a6:54:df:8c:b7:7b:65:b8:10:a8:17:23:
95:36:2c:5c:5f:74:e7:b4:76:e2:7f:f8:2b:47:03:7e:0b:ae:
57:7b:ea:c8:e7:b9:7d:00:fa:73:3d:22:88:49:5c:05:91:07:
9c:03:1e:38:76:ef:2a:97:26:f1:83:f0:88:45:7f:b5:0c:8d:
95:eb:3b:63:79:c8:51:7c:32:7a:6d:c2:37:11:a9:ef:b1:22:
d3:c4:fb:b8:0f:c2:e5:89:ed:51:5d:16:ae:7f:b9:62:3f:ee:
6d:2f:99:8c:5b:06:53:94:cc:6e:64:34:fd:34:8f:7b:10:85:
8d:eb:c3:e9:44:1d:43:62:78:7c:55:d8:08:b8:81:cc:bd:32:
d0:12:ef:ca:82:f6:26:57:64:dc:17:12:90:d5:fc:2f:53:ba:
fa:bc:28:94:8f:0f:10:29:b5:fb:4b:c3:a1:0f:01:c9:02:2c:
3e:74:c2:93:81:0d:7d:9b:de:35:02:04:2a:97:22:03:77:62:
ee:c7:af:5c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI35UpUqYupLl+m2yA0Py/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjBlOTI3NGM1NGUwNTg5NTI0MmY5NjdlYWZlMGQ5YTJkZTI4MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3hBWeTN5tHrN1zfD9eGJPL+QEtM
Nq7jkTmhW4L+JiRM3W06/65EgYBccTTStNTpaiwPxGXrcL2njj76OHLjwF6weakL
oyvOGDLWecXXC/fH3jrVgMwTl0amP4Pa8I7s7aWuzyfZT2/QXwrG7qxS9CoQRoX6
/Fbd7YqCApmHSTvbs2mk0TsVRRw/zaQq8/XOhQCmSScRGI39QEHiCEt20cFWgai+
EEwNdXqpN3Cr5rKfEoZBlSJCtDbhSF/eGGjNKgCCtMlJzRver181UwgZsJ2PkVRz
W3ZFZZ/W38ResfsgnQAxpHlpRk3Z/QoKzvLyWlSq20fleFmok9zjcg+jdQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDYOknTFTgWJUkL5Z+r+DZot4oCxMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTmc2U2RNVk9CWWxTUXZsbjZ2NE5taTNpZ0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYpIAwQA
uV6mAwQAuX0zAwQBuayCMA0GCSqGSIb3DQEBCwUAA4IBAQB5BP1B/wrkmsOYZ881
bp0dD79HwC2FIbreXDyLpKb8t0eKpYCPGqgmoQyntcRrW0KgMFwT1awnPXnr1W+m
VN+Mt3tluBCoFyOVNixcX3TntHbif/grRwN+C65Xe+rI57l9APpzPSKISVwFkQec
Ax44du8qlybxg/CIRX+1DI2V6ztjechRfDJ6bcI3EanvsSLTxPu4D8Llie1RXRau
f7liP+5tL5mMWwZTlMxuZDT9NI97EIWN68PpRB1DYnh8VdgIuIHMvTLQEu/KgvYm
V2TcFxKQ1fwvU7r6vCiUjw8QKbX7S8OhDwHJAiw+dMKTgQ19m941AgQqlyIDd2Lu
x69c
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:10 2025 by rpki-client