Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/Kw0QO3i_AjVoOtD5dVZ4SApTA2Q.roa
File: Kw0QO3i_AjVoOtD5dVZ4SApTA2Q.roa (raw, json)
Hash identifier: D1U3+WX2h0Q+KuohyLreK5APe6//x2uP7qGiKpQfn28=
Subject key identifier: 2B:0D:10:3B:78:BF:02:35:68:3A:D0:F9:75:56:78:48:0A:53:03:64
Certificate issuer: /CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Certificate serial: 018CC8705FB8FC1447CF5235A389E97043E3
Authority key identifier: 18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/Kw0QO3i_AjVoOtD5dVZ4SApTA2Q.roa
Signing time: Tue 02 Jan 2024 04:30:56 +0000
ROA not before: Tue 02 Jan 2024 04:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202984
IP address blocks: 45.139.239.0/24 maxlen: 24
45.139.238.0/24 maxlen: 24
45.139.237.0/24 maxlen: 24
45.139.236.0/24 maxlen: 24
185.211.246.0/24 maxlen: 24
185.211.245.0/24 maxlen: 24
185.211.244.0/24 maxlen: 24
185.211.247.0/24 maxlen: 24
2a0b:6cc1:7::/48 maxlen: 48
2a0b:6cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 13 Aug 2024 18:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:5f:b8:fc:14:47:cf:52:35:a3:89:e9:70:43:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Validity
Not Before: Jan 2 04:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b0d103b78bf0235683ad0f9755678480a530364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:38:79:7c:bd:26:4f:0a:a3:57:ce:fc:00:de:
20:d6:4c:aa:8c:81:df:af:5f:46:b5:3c:0b:20:75:
9f:9c:96:50:18:49:b6:42:29:23:12:7c:81:d6:36:
51:d1:b7:7d:5f:5b:54:6d:f0:81:50:04:67:68:84:
25:46:df:e6:81:77:71:c6:b2:a8:ea:3c:71:b0:b5:
76:08:d5:0c:5c:27:d7:d9:50:c2:87:2b:0d:2e:fc:
04:0c:cd:73:b2:4a:12:e3:ab:6d:44:df:5f:cb:cb:
c5:d7:c1:86:a8:81:c7:ca:52:05:bc:cd:77:88:50:
5e:f8:de:39:ba:2b:cd:46:a5:54:0a:c9:67:57:a4:
57:47:69:5a:0d:75:b6:01:09:d3:b8:0d:65:9e:68:
1d:82:52:be:d0:3a:32:da:12:da:4e:66:e8:6e:b4:
ac:63:d9:0b:d9:79:e3:e3:fa:72:22:a1:6e:e7:2f:
89:78:f3:c9:e8:44:a6:67:fe:bb:47:f1:0c:29:b3:
77:e6:11:e7:8a:71:d0:60:fe:4e:64:b3:2c:33:fb:
dd:32:94:a3:4d:7e:ce:66:5e:b4:0c:e7:63:43:74:
fa:8e:86:6e:44:9c:28:88:7b:38:a6:9b:3f:e0:40:
94:4d:df:e7:2e:b2:2a:f0:91:66:a6:cf:c1:31:db:
2d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0D:10:3B:78:BF:02:35:68:3A:D0:F9:75:56:78:48:0A:53:03:64
X509v3 Authority Key Identifier:
keyid:18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/Kw0QO3i_AjVoOtD5dVZ4SApTA2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/GOFzLyyA4-pNcnnSUrh0phZMNbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.236.0/22
185.211.244.0/22
IPv6:
2a0b:6cc0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:85:05:a2:73:2f:ec:74:bf:b4:8e:ee:c1:24:9d:71:a9:51:
e3:ea:ba:52:cd:10:c4:b1:8e:eb:68:b3:19:5f:5c:28:5f:93:
24:d8:02:3b:1b:85:eb:5c:89:d3:ea:52:5f:3c:34:d6:36:2f:
26:52:07:de:3d:55:c4:33:52:4f:40:a6:ce:38:a1:d0:6e:31:
ea:98:c4:d5:e5:de:81:25:a0:78:82:0e:27:e8:88:e4:8f:75:
d3:e5:46:74:aa:b7:8c:26:00:3a:0b:5d:d1:4f:b2:a7:74:6c:
ea:d6:dc:16:77:84:e4:ec:52:a5:b7:b6:b9:e2:47:6a:24:35:
9d:d9:8d:1a:58:81:dd:f3:73:8e:43:5e:3f:cc:fa:dd:31:ad:
39:33:39:4d:15:d1:35:35:4f:55:af:54:ef:64:64:7e:cf:91:
cc:da:40:f1:93:9f:d2:b1:ee:52:a9:0e:11:72:6b:0d:d3:c6:
ae:04:ef:dc:15:61:b0:6d:83:a1:9c:9e:71:cb:24:7f:3f:02:
ed:da:a8:8d:47:5a:6e:dc:ec:6c:27:0f:a0:8e:fb:33:61:87:
c9:39:ee:1c:d9:91:09:00:aa:5e:5a:52:9b:d2:a4:48:5d:63:
62:5b:75:0e:04:76:3f:fe:64:01:cc:ae:4e:9f:87:e5:e7:54:
45:19:26:50
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIcF+4/BRHz1I1o4npcEPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTE3MzJmMmM4MGUzZWE0ZDcyNzlkMjUyYjg3NGE2MTY0
YzM1YjQwHhcNMjQwMTAyMDQzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjBkMTAzYjc4YmYwMjM1NjgzYWQwZjk3NTU2Nzg0ODBhNTMwMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDh5fL0mTwqjV878AN4g1kyqjIHf
r19GtTwLIHWfnJZQGEm2QikjEnyB1jZR0bd9X1tUbfCBUARnaIQlRt/mgXdxxrKo
6jxxsLV2CNUMXCfX2VDChysNLvwEDM1zskoS46ttRN9fy8vF18GGqIHHylIFvM13
iFBe+N45uivNRqVUCslnV6RXR2laDXW2AQnTuA1lnmgdglK+0Doy2hLaTmbobrSs
Y9kL2Xnj4/pyIqFu5y+JePPJ6ESmZ/67R/EMKbN35hHninHQYP5OZLMsM/vdMpSj
TX7OZl60DOdjQ3T6joZuRJwoiHs4pps/4ECUTd/nLrIq8JFmps/BMdst8QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCsNEDt4vwI1aDrQ+XVWeEgKUwNkMB8GA1UdIwQY
MBaAFBjhcy8sgOPqTXJ50lK4dKYWTDW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09Gekx5eUE0LXBOY25uU1VyaDBwaFpNTmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hY2UxOGYtZWQ3Yy00NzlmLTg1NWQt
ZTQwOTI2MDAxNWVmLzEvS3cwUU8zaV9BalZvT3RENWRWWjRTQXBUQTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hY2UxOGYtZWQ3Yy00NzlmLTg1NWQtZTQwOTI2MDAxNWVm
LzEvR09Gekx5eUE0LXBOY25uU1VyaDBwaFpNTmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYvsAwQC
udP0MA0EAgACMAcDBQMqC2zAMA0GCSqGSIb3DQEBCwUAA4IBAQA/hQWicy/sdL+0
ju7BJJ1xqVHj6rpSzRDEsY7raLMZX1woX5Mk2AI7G4XrXInT6lJfPDTWNi8mUgfe
PVXEM1JPQKbOOKHQbjHqmMTV5d6BJaB4gg4n6Ijkj3XT5UZ0qreMJgA6C13RT7Kn
dGzq1twWd4Tk7FKlt7a54kdqJDWd2Y0aWIHd83OOQ14/zPrdMa05MzlNFdE1NU9V
r1TvZGR+z5HM2kDxk5/Sse5SqQ4RcmsN08auBO/cFWGwbYOhnJ5xyyR/PwLt2qiN
R1pu3OxsJw+gjvszYYfJOe4c2ZEJAKpeWlKb0qRIXWNiW3UOBHY//mQBzK5On4fl
51RFGSZQ
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:37:22 2025 by rpki-client