Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/C45B93fn2lPG-9MIPHbzxOgVRCE.roa
File: C45B93fn2lPG-9MIPHbzxOgVRCE.roa (raw, json)
Hash identifier: 9mpWZtSIeagXwguha+4vmLFOeB3v6eLxBhnk1uTSBB8=
Subject key identifier: 0B:8E:41:F7:77:E7:DA:53:C6:FB:D3:08:3C:76:F3:C4:E8:15:44:21
Certificate issuer: /CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Certificate serial: 01942520AF4176DE371BD2823CF99AB13660
Authority key identifier: D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/C45B93fn2lPG-9MIPHbzxOgVRCE.roa
Signing time: Thu 02 Jan 2025 03:48:06 +0000
ROA not before: Thu 02 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49645
IP address blocks: 5.183.168.0/24 maxlen: 24
5.183.171.0/24 maxlen: 24
91.213.76.0/24 maxlen: 24
185.234.128.0/22 maxlen: 22
185.234.128.0/24 maxlen: 24
185.234.129.0/24 maxlen: 24
185.234.130.0/24 maxlen: 24
2a0d:c9c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Jan 2025 11:53:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:af:41:76:de:37:1b:d2:82:3c:f9:9a:b1:36:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b849b9bc9042a1557331937e4ad71518af61cf
Validity
Not Before: Jan 2 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b8e41f777e7da53c6fbd3083c76f3c4e8154421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6f:51:2a:b8:2a:f8:59:3d:99:84:fe:fb:b5:
2d:b6:65:9e:52:7a:c4:ca:2b:a6:c5:d0:4e:c3:5b:
b1:61:ce:8b:b9:4f:23:3c:75:2f:10:34:af:24:8f:
03:12:91:df:c3:78:9e:35:9e:02:cc:da:ff:36:d7:
1b:fe:96:b7:08:64:9e:e7:f5:e9:ce:8d:94:51:93:
2d:22:f2:b0:29:76:c0:cb:6e:2c:23:16:bc:ac:94:
24:95:92:3c:93:e6:b4:56:fd:6e:e0:f3:ce:ff:96:
8b:75:4b:3e:03:e6:67:e3:27:7c:e3:e6:0e:94:03:
a8:ec:c6:b3:44:ff:a8:40:b4:42:70:68:26:c8:a8:
72:62:9a:39:c6:d7:2a:6f:50:07:5c:4d:19:31:24:
0f:91:0f:fc:e7:68:d3:80:05:4a:70:bd:af:67:68:
a1:c8:b3:cb:59:d9:f1:35:82:82:97:6a:93:4d:1d:
e3:03:bb:5c:ba:95:fb:03:34:40:d3:d2:45:d0:56:
95:09:1a:c9:ba:0e:a8:02:64:89:71:12:95:91:c2:
d1:fc:b6:7d:b4:5c:ff:c0:13:8c:45:33:2a:b2:51:
50:ce:eb:ba:20:fc:53:e8:f0:e7:aa:68:4a:e0:0a:
8b:94:4d:88:09:a7:48:3f:34:ad:ea:f7:1b:4e:d7:
76:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:8E:41:F7:77:E7:DA:53:C6:FB:D3:08:3C:76:F3:C4:E8:15:44:21
X509v3 Authority Key Identifier:
keyid:D0:B8:49:B9:BC:90:42:A1:55:73:31:93:7E:4A:D7:15:18:AF:61:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LhJubyQQqFVczGTfkrXFRivYc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/C45B93fn2lPG-9MIPHbzxOgVRCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a3fb67-d514-4aee-adb9-72bad9d73c80/1/0LhJubyQQqFVczGTfkrXFRivYc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.168.0/24
5.183.171.0/24
91.213.76.0/24
185.234.128.0/22
IPv6:
2a0d:c9c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
54:fd:4b:7d:f0:75:be:a0:b4:a7:de:f6:e9:7c:b4:d3:2c:d3:
6c:41:54:5a:15:bf:62:4d:0c:82:b4:a3:a6:55:68:94:cc:1f:
18:89:fa:e4:f7:ef:cb:ff:d0:8b:b2:28:2b:66:ea:80:87:97:
85:67:2d:ee:db:e5:f0:93:7e:b9:af:ef:d3:80:62:62:52:08:
b4:aa:bb:6a:b8:82:65:5c:a2:1f:69:18:4e:14:75:8f:3c:43:
f1:fd:ce:14:d7:6f:78:1c:0d:e7:79:75:1d:b6:2b:65:2f:10:
a0:61:d0:ab:11:ae:3d:24:f4:16:0d:13:66:38:68:da:9d:dd:
75:82:dc:6b:ea:c9:de:c3:d3:d6:6a:59:fb:e6:61:fc:fa:db:
db:21:58:ca:ee:07:b1:46:b8:09:0f:b0:98:ea:ae:7e:39:8b:
6d:60:c1:ca:36:19:a7:cd:c8:c6:67:32:06:e0:54:9f:77:72:
ca:f3:49:95:ad:b1:c1:4a:3b:3b:fb:75:2a:af:73:d8:ff:be:
4c:2f:d0:50:fc:09:31:53:f3:1b:5b:57:43:0a:0b:a4:06:b2:
b5:28:e2:a4:fc:50:f4:e3:c3:0e:4f:42:76:f3:6a:4d:46:f5:
6d:9e:49:0f:f5:14:10:87:b4:1f:c7:7e:c9:fe:b9:0a:23:80:
6a:b7:6f:7d
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQlIK9Bdt43G9KCPPmasTZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjg0OWI5YmM5MDQyYTE1NTczMzE5MzdlNGFkNzE1MThh
ZjYxY2YwHhcNMjUwMTAyMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjhlNDFmNzc3ZTdkYTUzYzZmYmQzMDgzYzc2ZjNjNGU4MTU0NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr29RKrgq+Fk9mYT++7UttmWeUnrE
yiumxdBOw1uxYc6LuU8jPHUvEDSvJI8DEpHfw3ieNZ4CzNr/Ntcb/pa3CGSe5/Xp
zo2UUZMtIvKwKXbAy24sIxa8rJQklZI8k+a0Vv1u4PPO/5aLdUs+A+Zn4yd84+YO
lAOo7MazRP+oQLRCcGgmyKhyYpo5xtcqb1AHXE0ZMSQPkQ/852jTgAVKcL2vZ2ih
yLPLWdnxNYKCl2qTTR3jA7tcupX7AzRA09JF0FaVCRrJug6oAmSJcRKVkcLR/LZ9
tFz/wBOMRTMqslFQzuu6IPxT6PDnqmhK4AqLlE2ICadIPzSt6vcbTtd2IQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAuOQfd359pTxvvTCDx288ToFUQhMB8GA1UdIwQY
MBaAFNC4Sbm8kEKhVXMxk35K1xUYr2HPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjkt
NzJiYWQ5ZDczYzgwLzEvQzQ1QjkzZm4ybFBHLTlNSVBIYnp4T2dWUkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hM2ZiNjctZDUxNC00YWVlLWFkYjktNzJiYWQ5ZDczYzgw
LzEvMExoSnVieVFRcUZWY3pHVGZrclhGUml2WWM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQABbeoAwQA
BberAwQAW9VMAwQCueqAMA8EAgACMAkDBwAqDcnAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAFT9S33wdb6gtKfe9ul8tNMs02xBVFoVv2JNDIK0o6ZVaJTMHxiJ+uT378v/
0IuyKCtm6oCHl4VnLe7b5fCTfrmv79OAYmJSCLSqu2q4gmVcoh9pGE4UdY88Q/H9
zhTXb3gcDed5dR22K2UvEKBh0KsRrj0k9BYNE2Y4aNqd3XWC3Gvqyd7D09ZqWfvm
Yfz629shWMruB7FGuAkPsJjqrn45i21gwco2GafNyMZnMgbgVJ93csrzSZWtscFK
Ozv7dSqvc9j/vkwv0FD8CTFT8xtbV0MKC6QGsrUo4qT8UPTjww5PQnbzak1G9W2e
SQ/1FBCHtB/Hfsn+uQojgGq3b30=
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:26:01 2025 by rpki-client