Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/D_NUq-Ua3TXwxbB5u4jvtgo3Ac0.roa
File: D_NUq-Ua3TXwxbB5u4jvtgo3Ac0.roa (raw, json)
Hash identifier: W/LPCg3j7so2xBBwDVMHe/vIjhOme6siD4lRrNXG0lo=
Subject key identifier: 0F:F3:54:AB:E5:1A:DD:35:F0:C5:B0:79:BB:88:EF:B6:0A:37:01:CD
Certificate issuer: /CN=a634878281144a46a856003d622f6141ea4e006f
Certificate serial: 018CC348FEB0A4981A897D6F9AD24567C227
Authority key identifier: A6:34:87:82:81:14:4A:46:A8:56:00:3D:62:2F:61:41:EA:4E:00:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjSHgoEUSkaoVgA9Yi9hQepOAG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/D_NUq-Ua3TXwxbB5u4jvtgo3Ac0.roa
Signing time: Mon 01 Jan 2024 04:29:50 +0000
ROA not before: Mon 01 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44381
IP address blocks: 217.144.64.0/20 maxlen: 20
92.62.32.0/20 maxlen: 20
45.154.233.0/24 maxlen: 24
45.154.232.0/24 maxlen: 24
45.154.235.0/24 maxlen: 24
95.141.64.0/20 maxlen: 20
2a02:2c8::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fe:b0:a4:98:1a:89:7d:6f:9a:d2:45:67:c2:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a634878281144a46a856003d622f6141ea4e006f
Validity
Not Before: Jan 1 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ff354abe51add35f0c5b079bb88efb60a3701cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:08:24:c3:9c:48:da:5e:ad:c8:8f:b3:1e:92:
46:35:73:5d:fa:b6:81:73:1a:61:c3:a5:26:eb:31:
17:6b:4b:74:0f:f9:6c:f8:69:c5:7e:ce:36:b5:cb:
6a:c2:d0:92:4f:57:36:37:53:68:db:9b:07:fc:c4:
a2:a4:25:b7:de:1b:a5:93:ca:a2:c1:30:1f:81:27:
4b:e3:9e:3b:14:c0:31:b5:91:ec:01:31:6d:f5:7b:
80:41:97:24:19:60:b7:9c:a6:9b:d8:3a:2f:9a:73:
1a:88:04:ec:23:69:73:f0:c4:7f:4c:2f:0e:c0:73:
a3:df:ac:c5:1d:ed:0c:86:28:8e:3c:88:d5:21:77:
47:f8:78:d7:cc:05:55:da:9c:fe:cf:30:53:01:fc:
72:30:77:15:a3:a0:94:2a:f8:41:c1:57:2e:f0:0f:
df:08:ab:d5:05:d5:88:0d:06:fe:b0:0c:24:c1:de:
66:63:50:05:cd:b4:89:14:59:d0:47:c3:30:8a:05:
e3:32:bc:a0:93:82:4b:34:50:c8:78:e1:4c:fe:73:
f7:ac:78:2e:70:c2:f5:36:62:8b:a8:30:ec:35:cf:
66:96:85:24:97:8e:b9:e5:ca:7f:47:b1:6d:c4:ca:
1a:3c:10:95:f3:f2:30:9d:a1:d1:aa:66:6e:b1:d2:
cc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F3:54:AB:E5:1A:DD:35:F0:C5:B0:79:BB:88:EF:B6:0A:37:01:CD
X509v3 Authority Key Identifier:
keyid:A6:34:87:82:81:14:4A:46:A8:56:00:3D:62:2F:61:41:EA:4E:00:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjSHgoEUSkaoVgA9Yi9hQepOAG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/D_NUq-Ua3TXwxbB5u4jvtgo3Ac0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/c345f3-b53a-41bf-996b-34b8d9de96ca/1/pjSHgoEUSkaoVgA9Yi9hQepOAG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.232.0/23
45.154.235.0/24
92.62.32.0/20
95.141.64.0/20
217.144.64.0/20
IPv6:
2a02:2c8::/32
Signature Algorithm: sha256WithRSAEncryption
57:23:04:07:5d:c0:47:2a:d3:06:e0:15:eb:c9:a9:d1:a3:61:
bc:9f:4e:d8:bc:8f:24:ff:4e:32:51:04:fe:dc:2a:72:44:28:
9a:fe:a3:65:a6:a5:1c:e8:15:fc:64:f3:9c:fb:a9:c1:c5:45:
ca:2d:25:47:ba:3e:f7:31:8b:c2:97:31:42:92:32:16:22:f7:
4f:cc:62:ef:13:8c:b8:36:d2:11:1f:cc:cf:14:15:2f:45:3e:
3b:43:85:45:96:0a:16:95:b1:fb:81:1a:01:36:97:8f:5e:3f:
36:47:56:ab:2d:1b:c7:7d:86:c2:bf:87:7d:c6:72:e7:82:bf:
9e:6e:c7:e4:4d:d5:6e:4d:10:d2:d3:8c:85:20:c9:23:72:c1:
b4:53:aa:ff:63:e3:1a:8b:03:01:13:9e:4b:c1:a2:02:51:f1:
2d:6e:a9:6e:97:d1:28:c6:d6:01:5e:5b:cc:dd:01:a9:af:27:
90:08:df:20:00:5b:b1:0b:11:05:c9:41:ec:e4:f3:44:1e:19:
23:98:c2:de:99:33:32:7a:1e:02:99:de:16:a3:ce:54:f7:c3:
16:b9:3a:d5:b2:72:29:2b:4e:44:24:21:83:76:e8:98:e1:72:
84:15:51:63:1c:87:ae:89:88:ee:f8:57:98:b3:c4:70:0a:ee:
ab:b2:59:65
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDSP6wpJgaiX1vmtJFZ8InMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MzQ4NzgyODExNDRhNDZhODU2MDAzZDYyMmY2MTQxZWE0
ZTAwNmYwHhcNMjQwMTAxMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmYzNTRhYmU1MWFkZDM1ZjBjNWIwNzliYjg4ZWZiNjBhMzcwMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwgkw5xI2l6tyI+zHpJGNXNd+raB
cxphw6Um6zEXa0t0D/ls+GnFfs42tctqwtCST1c2N1No25sH/MSipCW33hulk8qi
wTAfgSdL4547FMAxtZHsATFt9XuAQZckGWC3nKab2DovmnMaiATsI2lz8MR/TC8O
wHOj36zFHe0MhiiOPIjVIXdH+HjXzAVV2pz+zzBTAfxyMHcVo6CUKvhBwVcu8A/f
CKvVBdWIDQb+sAwkwd5mY1AFzbSJFFnQR8MwigXjMrygk4JLNFDIeOFM/nP3rHgu
cML1NmKLqDDsNc9mloUkl4655cp/R7FtxMoaPBCV8/IwnaHRqmZusdLMQwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFA/zVKvlGt018MWwebuI77YKNwHNMB8GA1UdIwQY
MBaAFKY0h4KBFEpGqFYAPWIvYUHqTgBvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGpTSGdvRVVTa2FvVmdBOVlpOWhRZXBPQUc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jMzQ1ZjMtYjUzYS00MWJmLTk5NmIt
MzRiOGQ5ZGU5NmNhLzEvRF9OVXEtVWEzVFh3eGJCNXU0anZ0Z28zQWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jMzQ1ZjMtYjUzYS00MWJmLTk5NmItMzRiOGQ5ZGU5NmNh
LzEvcGpTSGdvRVVTa2FvVmdBOVlpOWhRZXBPQUc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBLZroAwQA
LZrrAwQEXD4gAwQEX41AAwQE2ZBAMA0EAgACMAcDBQAqAgLIMA0GCSqGSIb3DQEB
CwUAA4IBAQBXIwQHXcBHKtMG4BXryanRo2G8n07YvI8k/04yUQT+3CpyRCia/qNl
pqUc6BX8ZPOc+6nBxUXKLSVHuj73MYvClzFCkjIWIvdPzGLvE4y4NtIRH8zPFBUv
RT47Q4VFlgoWlbH7gRoBNpePXj82R1arLRvHfYbCv4d9xnLngr+ebsfkTdVuTRDS
04yFIMkjcsG0U6r/Y+MaiwMBE55LwaICUfEtbqlul9EoxtYBXlvM3QGpryeQCN8g
AFuxCxEFyUHs5PNEHhkjmMLemTMyeh4Cmd4Wo85U98MWuTrVsnIpK05EJCGDduiY
4XKEFVFjHIeuiYju+FeYs8RwCu6rslll
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:02 2025 by rpki-client