Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e64148-4c8c-4e84-925b-e022e3009a71/1/TKxam6ip0_FnCSSMOfMHCcUs9nI.roa
File: TKxam6ip0_FnCSSMOfMHCcUs9nI.roa (raw, json)
Hash identifier: JWxoK7frBy48NMkl8pfH6jWS7YUAqq2rFDz+7zUCYCM=
Subject key identifier: 4C:AC:5A:9B:A8:A9:D3:F1:67:09:24:8C:39:F3:07:09:C5:2C:F6:72
Certificate issuer: /CN=8069d9ffe048a70003f16f06e24d9bf2db85eb52
Certificate serial: 0193F405DCCC09760192D498C15327313058
Authority key identifier: 80:69:D9:FF:E0:48:A7:00:03:F1:6F:06:E2:4D:9B:F2:DB:85:EB:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gGnZ_-BIpwAD8W8G4k2b8tuF61I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e64148-4c8c-4e84-925b-e022e3009a71/1/TKxam6ip0_FnCSSMOfMHCcUs9nI.roa
Signing time: Mon 23 Dec 2024 14:57:25 +0000
ROA not before: Mon 23 Dec 2024 14:57:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208012
IP address blocks: 45.129.120.0/24 maxlen: 24
45.129.121.0/24 maxlen: 24
45.129.123.0/24 maxlen: 24
185.77.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f4:05:dc:cc:09:76:01:92:d4:98:c1:53:27:31:30:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8069d9ffe048a70003f16f06e24d9bf2db85eb52
Validity
Not Before: Dec 23 14:57:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cac5a9ba8a9d3f16709248c39f30709c52cf672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6f:12:8c:79:0e:b4:03:05:e2:ec:5c:a3:0c:
3c:30:79:19:de:77:24:5f:71:3e:69:65:75:d4:0d:
ee:cf:5f:ba:46:af:70:44:c6:39:2d:dc:3d:a0:58:
f3:6b:b7:d4:8f:b3:2a:85:1e:8e:af:ab:b5:77:75:
91:c1:5e:1c:5c:2e:3b:91:d1:37:9d:63:f8:79:d1:
44:fd:5b:a2:9f:75:3e:66:e3:b3:ba:74:5c:c9:f4:
db:c2:a9:64:f5:98:fc:05:0e:3a:ea:01:1f:bb:60:
19:84:38:b7:9f:71:c2:b8:62:7c:35:92:1b:96:9d:
4e:0c:aa:8d:a9:f7:0a:39:8a:0e:5d:9e:85:2c:7d:
e4:d8:ed:c7:e6:96:42:42:b0:74:73:a3:25:ad:d5:
3f:15:cb:9d:f0:4f:a3:35:b9:bf:76:b8:68:b1:3b:
e9:d3:66:08:29:6b:72:fb:4c:0d:e0:bc:b3:95:34:
5c:14:18:6d:be:76:d7:58:81:46:0e:73:f0:d8:37:
92:09:c1:df:66:15:3a:5b:9c:87:99:94:86:ae:be:
73:39:33:45:7d:00:ad:a4:3c:4b:15:4c:a4:bf:dc:
94:c2:5a:70:78:12:bc:9c:75:33:1f:2b:de:85:e8:
b8:00:c0:b8:63:90:78:66:89:86:8e:f7:96:dd:40:
c0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AC:5A:9B:A8:A9:D3:F1:67:09:24:8C:39:F3:07:09:C5:2C:F6:72
X509v3 Authority Key Identifier:
keyid:80:69:D9:FF:E0:48:A7:00:03:F1:6F:06:E2:4D:9B:F2:DB:85:EB:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGnZ_-BIpwAD8W8G4k2b8tuF61I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e64148-4c8c-4e84-925b-e022e3009a71/1/TKxam6ip0_FnCSSMOfMHCcUs9nI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e64148-4c8c-4e84-925b-e022e3009a71/1/gGnZ_-BIpwAD8W8G4k2b8tuF61I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.120.0/23
45.129.123.0/24
185.77.90.0/24
Signature Algorithm: sha256WithRSAEncryption
52:a4:a2:ba:99:a3:a0:27:dd:84:70:45:46:68:b5:26:72:f8:
aa:e1:46:6c:e4:0e:a3:f7:e2:9f:a5:b9:d8:20:6c:98:0b:e0:
65:46:6e:ab:5c:dc:01:67:75:ed:43:36:82:e5:66:90:e4:b1:
4a:7e:17:6c:2b:c6:5f:98:1b:9b:c7:76:8b:e5:f0:52:d5:1e:
3b:61:fa:bb:5d:0d:d6:61:3e:19:c6:2c:03:8d:7d:1d:d1:18:
37:d6:d9:05:83:d8:90:d3:96:43:d8:a3:1b:ac:af:b0:21:f9:
b4:ae:5e:7a:ac:ce:7c:ee:66:ad:2f:56:70:7c:51:48:52:4d:
7f:31:2d:55:01:ae:6b:53:98:d4:a2:7f:d2:b8:b8:4f:02:ad:
d4:cc:7d:cc:c7:c4:d6:2b:2a:7d:aa:1a:c4:f4:fb:c9:67:e6:
d6:24:9a:0e:8c:d3:e6:44:9d:6f:8d:6d:30:e8:78:b8:d2:25:
15:63:38:eb:db:5e:8b:4b:be:66:99:ed:d2:49:85:24:60:e8:
ea:8b:c6:84:f2:d1:ac:6b:1c:9f:07:3c:37:b0:1b:a7:7f:0e:
e7:c8:11:d2:15:e4:ad:06:ba:62:8e:a4:5a:d3:dd:35:ff:47:
27:70:82:e9:50:c6:70:73:0d:fd:37:4a:b9:75:da:af:c9:2d:
c5:5e:a2:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZP0BdzMCXYBktSYwVMnMTBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjlkOWZmZTA0OGE3MDAwM2YxNmYwNmUyNGQ5YmYyZGI4
NWViNTIwHhcNMjQxMjIzMTQ1NzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FjNWE5YmE4YTlkM2YxNjcwOTI0OGMzOWYzMDcwOWM1MmNmNjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW8SjHkOtAMF4uxcoww8MHkZ3nck
X3E+aWV11A3uz1+6Rq9wRMY5Ldw9oFjza7fUj7MqhR6Or6u1d3WRwV4cXC47kdE3
nWP4edFE/Vuin3U+ZuOzunRcyfTbwqlk9Zj8BQ466gEfu2AZhDi3n3HCuGJ8NZIb
lp1ODKqNqfcKOYoOXZ6FLH3k2O3H5pZCQrB0c6MlrdU/Fcud8E+jNbm/drhosTvp
02YIKWty+0wN4LyzlTRcFBhtvnbXWIFGDnPw2DeSCcHfZhU6W5yHmZSGrr5zOTNF
fQCtpDxLFUykv9yUwlpweBK8nHUzHyvehei4AMC4Y5B4ZomGjveW3UDAjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEysWpuoqdPxZwkkjDnzBwnFLPZyMB8GA1UdIwQY
MBaAFIBp2f/gSKcAA/FvBuJNm/LbhetSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0duWl8tQklwd0FEOFc4RzRrMmI4dHVGNjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lNjQxNDgtNGM4Yy00ZTg0LTkyNWIt
ZTAyMmUzMDA5YTcxLzEvVEt4YW02aXAwX0ZuQ1NTTU9mTUhDY1VzOW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lNjQxNDgtNGM4Yy00ZTg0LTkyNWItZTAyMmUzMDA5YTcx
LzEvZ0duWl8tQklwd0FEOFc4RzRrMmI4dHVGNjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYF4AwQA
LYF7AwQAuU1aMA0GCSqGSIb3DQEBCwUAA4IBAQBSpKK6maOgJ92EcEVGaLUmcviq
4UZs5A6j9+KfpbnYIGyYC+BlRm6rXNwBZ3XtQzaC5WaQ5LFKfhdsK8ZfmBubx3aL
5fBS1R47Yfq7XQ3WYT4ZxiwDjX0d0Rg31tkFg9iQ05ZD2KMbrK+wIfm0rl56rM58
7matL1ZwfFFIUk1/MS1VAa5rU5jUon/SuLhPAq3UzH3Mx8TWKyp9qhrE9PvJZ+bW
JJoOjNPmRJ1vjW0w6Hi40iUVYzjr216LS75mme3SSYUkYOjqi8aE8tGsaxyfBzw3
sBunfw7nyBHSFeStBrpijqRa0901/0cncILpUMZwcw39N0q5ddqvyS3FXqJT
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:21:34 2025 by rpki-client