Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/_DO2E983w9siLu3_-VwdZ0TAy9A.roa
File: _DO2E983w9siLu3_-VwdZ0TAy9A.roa (raw, json)
Hash identifier: eCN2Ba0d94eBslHRzsPrVNgoD82DUCJDM29miuVsTi0=
Subject key identifier: FC:33:B6:13:DF:37:C3:DB:22:2E:ED:FF:F9:5C:1D:67:44:C0:CB:D0
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018E85C727991CFCC6BF893FAF5CF62D08E0
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/_DO2E983w9siLu3_-VwdZ0TAy9A.roa
Signing time: Thu 28 Mar 2024 15:56:45 +0000
ROA not before: Thu 28 Mar 2024 15:56:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 45.87.255.0/24 maxlen: 24
45.95.28.0/24 maxlen: 24
94.154.188.0/24 maxlen: 24
94.154.189.0/24 maxlen: 24
94.154.191.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 17:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:85:c7:27:99:1c:fc:c6:bf:89:3f:af:5c:f6:2d:08:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 28 15:56:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc33b613df37c3db222eedfff95c1d6744c0cbd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4c:a3:28:46:9c:7e:88:44:d1:ad:8e:f1:fd:
03:a8:3d:bf:be:bb:12:a7:99:3a:55:70:93:6b:69:
c9:b1:09:e1:a9:a1:df:36:55:83:8f:9f:38:79:6d:
cf:1d:31:36:3c:8b:a0:16:7a:e2:48:93:20:6f:2c:
9b:89:d5:c6:d4:60:89:f3:c7:45:64:71:64:76:2c:
a7:e5:71:18:4c:9b:13:f3:75:d7:ac:9d:06:25:00:
5d:79:0a:83:73:57:69:86:9c:a2:12:09:78:ef:8f:
69:c7:5b:82:e5:6c:e6:45:f0:1c:e6:8d:73:49:1b:
a9:be:1a:2b:c7:5b:7a:33:b0:8e:ee:c9:e0:25:60:
aa:a2:b7:b7:ff:9d:a5:94:dc:ae:66:c8:4c:b0:52:
69:ff:7d:6f:8d:a9:33:3c:68:e5:a8:ab:5b:da:5e:
43:d7:87:e8:cf:d1:7d:1c:14:f8:66:10:1e:57:d4:
9c:ca:36:2d:90:42:14:9d:98:b2:29:58:52:67:57:
78:6f:fb:f5:73:f3:8b:79:2a:ff:af:6e:95:e1:11:
bd:fa:e5:78:82:24:5a:64:6e:ab:66:1a:a4:b2:29:
0b:3e:e0:5e:ee:08:61:9f:90:2a:92:2d:fe:2b:61:
79:c8:cc:ab:d2:b3:bb:8d:f3:0f:a8:7e:b5:40:ad:
1f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:33:B6:13:DF:37:C3:DB:22:2E:ED:FF:F9:5C:1D:67:44:C0:CB:D0
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/_DO2E983w9siLu3_-VwdZ0TAy9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.255.0/24
45.95.28.0/24
94.154.188.0/23
94.154.191.0/24
193.187.106.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:4a:ea:66:60:a3:93:62:31:29:76:89:b5:c0:83:23:43:b8:
c3:b9:01:c9:18:28:04:cc:de:03:e1:78:e3:bd:ef:bf:63:23:
be:ba:eb:44:6d:82:77:b2:a4:50:5e:7e:f3:50:dd:4e:bc:cd:
56:10:d1:c4:47:01:bd:25:28:9e:13:9d:f6:ad:dd:8d:42:25:
28:70:f2:b6:f9:43:c1:6d:0f:b2:a4:08:d9:3f:25:0b:1e:20:
d4:c2:a3:74:60:a6:78:0e:4b:64:1f:5c:e9:41:04:0d:19:86:
6b:d8:55:69:0a:de:3f:f5:65:f8:4a:c7:f0:89:96:8e:ce:ad:
f1:9e:3e:00:c9:a0:11:c9:9b:1c:54:ae:a3:69:ba:0e:b4:0b:
be:23:48:28:45:4a:a5:61:e2:fa:cd:b6:b1:98:bf:a2:d7:4e:
87:17:be:58:13:94:9d:29:81:c3:ba:db:78:70:fc:9d:b1:40:
11:2e:3a:8f:bb:dc:57:ac:92:2e:64:26:18:dc:9f:d3:a8:fc:
d1:f4:f1:8c:bb:7a:db:63:67:80:3f:18:f5:f0:0d:69:7f:aa:
d1:55:56:bc:c7:2a:6a:d3:ab:2e:92:87:44:6f:87:1d:91:fb:
67:f9:25:f7:87:b2:d2:ed:e4:1d:d5:7d:1b:31:75:ec:bf:a8:
3d:3c:6c:f3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6FxyeZHPzGv4k/r1z2LQjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwMzI4MTU1NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzMzYjYxM2RmMzdjM2RiMjIyZWVkZmZmOTVjMWQ2NzQ0YzBjYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkyjKEacfohE0a2O8f0DqD2/vrsS
p5k6VXCTa2nJsQnhqaHfNlWDj584eW3PHTE2PIugFnriSJMgbyybidXG1GCJ88dF
ZHFkdiyn5XEYTJsT83XXrJ0GJQBdeQqDc1dphpyiEgl4749px1uC5WzmRfAc5o1z
SRupvhorx1t6M7CO7sngJWCqore3/52llNyuZshMsFJp/31vjakzPGjlqKtb2l5D
14foz9F9HBT4ZhAeV9ScyjYtkEIUnZiyKVhSZ1d4b/v1c/OLeSr/r26V4RG9+uV4
giRaZG6rZhqksikLPuBe7ghhn5Aqki3+K2F5yMyr0rO7jfMPqH61QK0fOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPwzthPfN8PbIi7t//lcHWdEwMvQMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvX0RPMkU5ODN3OXNpTHUzXy1Wd2RaMFRBeTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVf/AwQA
LV8cAwQBXpq8AwQAXpq/AwQAwbtqMA0GCSqGSIb3DQEBCwUAA4IBAQA6SupmYKOT
YjEpdom1wIMjQ7jDuQHJGCgEzN4D4Xjjve+/YyO+uutEbYJ3sqRQXn7zUN1OvM1W
ENHERwG9JSieE532rd2NQiUocPK2+UPBbQ+ypAjZPyULHiDUwqN0YKZ4DktkH1zp
QQQNGYZr2FVpCt4/9WX4SsfwiZaOzq3xnj4AyaARyZscVK6jaboOtAu+I0goRUql
YeL6zbaxmL+i106HF75YE5SdKYHDutt4cPydsUARLjqPu9xXrJIuZCYY3J/TqPzR
9PGMu3rbY2eAPxj18A1pf6rRVVa8xypq06sukodEb4cdkftn+SX3h7LS7eQd1X0b
MXXsv6g9PGzz
-----END CERTIFICATE-----
Generated at Wed Apr 30 04:20:30 2025 by rpki-client