Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/kt8OJ2k2bARo8DUnaQIEtZ_3HOw.roa
File: kt8OJ2k2bARo8DUnaQIEtZ_3HOw.roa (raw, json)
Hash identifier: 1GE5d/Fx7SIM+plYVPZ0LHddgWzHJgSadf8rQzkJ8gU=
Subject key identifier: 92:DF:0E:27:69:36:6C:04:68:F0:35:27:69:02:04:B5:9F:F7:1C:EC
Certificate issuer: /CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Certificate serial: 018CC86FFB90068F4212932D0DE31381D6BE
Authority key identifier: 0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/kt8OJ2k2bARo8DUnaQIEtZ_3HOw.roa
Signing time: Tue 02 Jan 2024 04:30:31 +0000
ROA not before: Tue 02 Jan 2024 04:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39522
IP address blocks: 45.87.211.0/24 maxlen: 24
45.87.208.0/24 maxlen: 24
45.87.209.0/24 maxlen: 24
45.87.210.0/24 maxlen: 24
45.87.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:fb:90:06:8f:42:12:93:2d:0d:e3:13:81:d6:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Validity
Not Before: Jan 2 04:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92df0e2769366c0468f03527690204b59ff71cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7a:dc:cb:a5:86:ff:2a:13:a6:61:ac:21:14:
73:9a:f4:9c:83:50:2a:90:f9:5d:5e:47:76:c4:cd:
cb:a8:c6:bc:dc:e6:36:c8:0e:a6:89:72:24:1e:34:
28:85:dd:aa:a0:d3:73:b5:4d:e9:1c:98:f2:3a:5d:
b8:b6:32:40:81:d3:b4:a7:0e:e7:ff:1d:74:16:9d:
85:0d:63:c5:5f:15:b7:2a:41:96:86:c6:34:46:54:
84:63:70:d1:de:cd:77:23:9d:51:ce:c4:af:f8:3b:
17:28:f4:cb:35:f3:88:32:ec:06:a0:64:bc:52:0c:
59:6f:ef:e0:58:32:33:7d:dc:2a:d0:cd:fc:56:0a:
0f:60:22:95:bd:4c:01:a5:64:73:16:ae:67:cb:de:
94:23:50:3d:74:01:b8:f3:cb:f0:47:ec:95:a7:cb:
89:b0:81:bb:33:b9:e4:7b:70:14:90:a7:cb:4c:9e:
2a:43:bb:08:af:e2:15:60:0e:7e:19:e0:bb:52:8d:
93:1f:7e:a0:0a:b5:19:78:22:41:8d:c1:04:c0:a6:
c9:4b:e1:e4:f3:30:2d:7a:6c:91:c5:79:5b:90:29:
b0:fa:a8:6f:39:fc:14:9e:e0:99:2e:4e:05:b1:61:
b1:36:22:ff:24:7b:48:74:8d:39:df:dc:8e:8d:82:
41:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DF:0E:27:69:36:6C:04:68:F0:35:27:69:02:04:B5:9F:F7:1C:EC
X509v3 Authority Key Identifier:
keyid:0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/kt8OJ2k2bARo8DUnaQIEtZ_3HOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/DEd6vwon7eiG-8QkE9eonCJrEfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.208.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:5a:19:4b:66:0f:74:d6:72:0a:54:b4:ae:c4:7c:cc:da:8a:
bb:7a:1a:19:cf:ab:62:6f:8e:39:71:67:b8:78:d7:b5:15:24:
7d:2a:74:51:3d:ac:ef:a2:25:4d:0c:64:e9:8b:f6:96:7b:f8:
0b:5c:8a:fe:6a:cc:c0:59:74:8a:96:97:d1:c9:e9:5d:64:67:
2e:b9:4b:66:7f:a6:1b:cb:4d:23:ae:9b:9c:f9:20:c0:b0:1c:
8e:ac:7f:fe:34:54:41:ad:69:55:55:2a:48:ca:0a:13:ab:e5:
4b:44:82:77:3c:24:0d:57:e8:cd:52:91:48:84:e7:53:22:a2:
cd:1e:ab:bf:13:46:e9:8e:50:3b:34:91:02:8e:88:33:b7:11:
75:8b:a9:f1:fd:56:4c:d4:41:7d:ce:9d:ad:ea:25:25:7b:63:
28:0e:eb:2d:f8:aa:d5:16:27:3a:b6:40:2d:5a:36:4e:3c:33:
93:3e:22:32:9a:6e:05:31:3a:ea:1a:9e:ff:3d:64:59:30:ca:
36:74:9e:21:0c:99:62:d9:8a:39:d8:10:f1:77:44:85:4d:57:
7c:55:53:2b:fe:76:14:90:f2:2f:df:dd:61:f8:42:64:34:3c:
34:f3:74:5b:cf:1b:bd:f3:73:a6:f5:01:aa:d4:2f:da:42:04:
7d:e7:2e:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb/uQBo9CEpMtDeMTgda+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDc3YWJmMGEyN2VkZTg4NmZiYzQyNDEzZDdhODljMjI2
YjExZmEwHhcNMjQwMTAyMDQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRmMGUyNzY5MzY2YzA0NjhmMDM1Mjc2OTAyMDRiNTlmZjcxY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Xrcy6WG/yoTpmGsIRRzmvScg1Aq
kPldXkd2xM3LqMa83OY2yA6miXIkHjQohd2qoNNztU3pHJjyOl24tjJAgdO0pw7n
/x10Fp2FDWPFXxW3KkGWhsY0RlSEY3DR3s13I51RzsSv+DsXKPTLNfOIMuwGoGS8
UgxZb+/gWDIzfdwq0M38VgoPYCKVvUwBpWRzFq5ny96UI1A9dAG488vwR+yVp8uJ
sIG7M7nke3AUkKfLTJ4qQ7sIr+IVYA5+GeC7Uo2TH36gCrUZeCJBjcEEwKbJS+Hk
8zAtemyRxXlbkCmw+qhvOfwUnuCZLk4FsWGxNiL/JHtIdI0539yOjYJBTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLfDidpNmwEaPA1J2kCBLWf9xzsMB8GA1UdIwQY
MBaAFAxHer8KJ+3ohvvEJBPXqJwiaxH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTct
MThmNGY2NmE1MGEwLzEva3Q4T0oyazJiQVJvOERVbmFRSUV0Wl8zSE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTctMThmNGY2NmE1MGEw
LzEvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVfQMA0G
CSqGSIb3DQEBCwUAA4IBAQAeWhlLZg901nIKVLSuxHzM2oq7ehoZz6tib445cWe4
eNe1FSR9KnRRPazvoiVNDGTpi/aWe/gLXIr+aszAWXSKlpfRyeldZGcuuUtmf6Yb
y00jrpuc+SDAsByOrH/+NFRBrWlVVSpIygoTq+VLRIJ3PCQNV+jNUpFIhOdTIqLN
Hqu/E0bpjlA7NJECjogztxF1i6nx/VZM1EF9zp2t6iUle2MoDust+KrVFic6tkAt
WjZOPDOTPiIymm4FMTrqGp7/PWRZMMo2dJ4hDJli2Yo52BDxd0SFTVd8VVMr/nYU
kPIv391h+EJkNDw083Rbzxu983Om9QGq1C/aQgR95y6F
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:13 2025 by rpki-client