Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/3QXPzRdahNrE448R7YKgTdT6Mjs.roa
File: 3QXPzRdahNrE448R7YKgTdT6Mjs.roa (raw, json)
Hash identifier: RvBsNBOrWa4RoyP0MFC2MB9CYUkPIqMtsKcPSiTpfCA=
Subject key identifier: DD:05:CF:CD:17:5A:84:DA:C4:E3:8F:11:ED:82:A0:4D:D4:FA:32:3B
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018E606C77D20D2E19B628F8DED20CC666E4
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/3QXPzRdahNrE448R7YKgTdT6Mjs.roa
Signing time: Thu 21 Mar 2024 09:51:45 +0000
ROA not before: Thu 21 Mar 2024 09:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.180.104.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.229.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a0f:ed00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 27 Mar 2024 12:39:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:60:6c:77:d2:0d:2e:19:b6:28:f8:de:d2:0c:c6:66:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 21 09:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd05cfcd175a84dac4e38f11ed82a04dd4fa323b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:df:ad:7d:7d:36:27:fb:a9:9e:92:fc:56:f3:
67:8e:25:d4:91:e4:3e:f8:76:3c:f4:19:33:3b:73:
72:46:23:6c:74:d3:91:e2:da:7f:ee:7d:e1:52:e3:
a6:fb:18:a1:1c:86:f6:dd:33:71:72:4a:5f:fe:77:
c2:b2:1d:86:3e:15:1c:74:dd:a4:67:82:b1:44:d5:
06:8e:15:ad:81:11:e1:af:84:2f:ce:5d:08:52:84:
a8:ae:c5:3c:9a:21:dd:f9:94:1c:b9:40:c3:c9:df:
a2:d7:e9:d9:18:f8:04:c3:77:44:fe:7d:cf:e0:8f:
59:6e:f2:b5:86:ba:82:62:1c:a4:50:8a:b5:d7:d6:
a2:56:38:cc:86:54:20:e6:95:19:98:87:29:3b:cd:
a0:b6:ba:20:c5:7c:b2:1e:de:50:92:94:36:c2:0a:
33:90:0e:a0:7e:1d:ad:58:34:b5:48:fa:f0:1b:fd:
de:16:d0:91:a3:c7:7f:9e:a6:aa:2f:e2:df:36:ec:
6f:af:94:ea:bd:3a:31:d3:80:82:51:20:20:0b:c5:
1d:67:0e:e9:cf:59:af:d6:04:db:de:4d:d4:32:73:
9c:db:16:46:a1:a2:26:f9:67:f1:c8:06:71:4e:ec:
25:98:0a:4e:c3:41:fb:a9:96:1f:b0:bd:75:92:da:
8e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:05:CF:CD:17:5A:84:DA:C4:E3:8F:11:ED:82:A0:4D:D4:FA:32:3B
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/3QXPzRdahNrE448R7YKgTdT6Mjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/24
5.180.107.0/24
45.131.0.0/23
45.131.3.0/24
45.136.5.0/24
45.141.148.0/24
45.141.150.0/24
45.147.44.0/24
77.83.200.0-77.83.202.255
194.116.228.0/23
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a0f:ed00::/29
Signature Algorithm: sha256WithRSAEncryption
66:d8:90:1c:fc:ef:f1:3d:b1:3f:1b:ca:3d:9a:2c:78:75:75:
6f:0a:51:a6:7b:c2:39:c6:3f:1b:c1:53:e4:9c:ed:a4:7e:0e:
48:b7:ec:af:63:f1:f8:f4:12:bf:c6:5f:87:dc:37:ea:45:ee:
90:5e:92:fb:f2:16:0b:9e:24:6f:55:e5:0b:2e:b3:65:b2:14:
91:89:4c:c9:b8:33:da:f1:74:5c:44:38:80:20:27:da:e2:e1:
0b:f9:5a:16:d4:42:6a:23:79:e2:d8:58:d3:9f:06:c6:75:84:
f4:31:96:eb:30:5a:b4:46:35:cf:7a:8d:d8:11:5f:3c:02:ee:
33:77:18:be:63:ee:80:db:ea:ea:53:50:47:11:2d:21:33:a1:
e4:a3:69:94:cd:25:e2:31:0d:1d:99:33:bf:de:ee:a6:20:69:
0e:b5:55:6d:86:ca:eb:24:c1:6c:bc:95:08:54:9d:e3:12:70:
b8:b0:a7:cd:52:6c:2f:73:14:b6:78:07:13:5a:45:92:2b:a9:
67:35:f4:7c:c2:2e:37:f6:62:5b:93:78:98:b4:f7:a0:7c:e0:
3e:48:12:f3:87:2c:9a:04:5c:de:27:c3:11:06:32:2b:c4:4e:
3c:54:28:8d:be:a6:25:3b:4a:91:bb:ce:51:9a:a3:1f:f2:09:
df:37:ea:93
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAY5gbHfSDS4Ztij43tIMxmbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwMzIxMDk1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDA1Y2ZjZDE3NWE4NGRhYzRlMzhmMTFlZDgyYTA0ZGQ0ZmEzMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd+tfX02J/upnpL8VvNnjiXUkeQ+
+HY89BkzO3NyRiNsdNOR4tp/7n3hUuOm+xihHIb23TNxckpf/nfCsh2GPhUcdN2k
Z4KxRNUGjhWtgRHhr4Qvzl0IUoSorsU8miHd+ZQcuUDDyd+i1+nZGPgEw3dE/n3P
4I9ZbvK1hrqCYhykUIq119aiVjjMhlQg5pUZmIcpO82gtrogxXyyHt5QkpQ2wgoz
kA6gfh2tWDS1SPrwG/3eFtCRo8d/nqaqL+LfNuxvr5TqvTox04CCUSAgC8UdZw7p
z1mv1gTb3k3UMnOc2xZGoaIm+WfxyAZxTuwlmApOw0H7qZYfsL11ktqOmQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFN0Fz80XWoTaxOOPEe2CoE3U+jI7MB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvM1FYUHpSZGFoTnJFNDQ4UjdZS2dUZFQ2TWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAAW0aAME
AAW0awMEAS2DAAMEAC2DAwMEAC2IBQMEAC2NlAMEAC2NlgMEAC2TLDAMAwQDTVPI
AwQATVPKAwQBwnTkAwQBwnTsAwQAwpIaAwQAwpIkAwQAwpIvMA0EAgACMAcDBQMq
D+0AMA0GCSqGSIb3DQEBCwUAA4IBAQBm2JAc/O/xPbE/G8o9mix4dXVvClGme8I5
xj8bwVPknO2kfg5It+yvY/H49BK/xl+H3DfqRe6QXpL78hYLniRvVeULLrNlshSR
iUzJuDPa8XRcRDiAICfa4uEL+VoW1EJqI3ni2FjTnwbGdYT0MZbrMFq0RjXPeo3Y
EV88Au4zdxi+Y+6A2+rqU1BHES0hM6Hko2mUzSXiMQ0dmTO/3u6mIGkOtVVthsrr
JMFsvJUIVJ3jEnC4sKfNUmwvcxS2eAcTWkWSK6lnNfR8wi439mJbk3iYtPegfOA+
SBLzhyyaBFzeJ8MRBjIrxE48VCiNvqYlO0qRu85RmqMf8gnfN+qT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:05 2025 by rpki-client