Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/h2kdEHJ8ZmUVYpCXvcN_I8wGJW8.roa
File: h2kdEHJ8ZmUVYpCXvcN_I8wGJW8.roa (raw, json)
Hash identifier: TrK9DD/Oh3WPvN//64AauJd6X8u1btW/GohjCDBQ6ps=
Subject key identifier: 87:69:1D:10:72:7C:66:65:15:62:90:97:BD:C3:7F:23:CC:06:25:6F
Certificate issuer: /CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Certificate serial: 0191A7F25714691F21D5DF5560C2FF81F0C0
Authority key identifier: E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/h2kdEHJ8ZmUVYpCXvcN_I8wGJW8.roa
Signing time: Sat 31 Aug 2024 10:19:22 +0000
ROA not before: Sat 31 Aug 2024 10:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42600
IP address blocks: 45.154.140.0/24 maxlen: 24
45.154.141.0/24 maxlen: 24
45.154.142.0/24 maxlen: 24
45.154.143.0/24 maxlen: 24
185.46.88.0/24 maxlen: 24
185.46.89.0/24 maxlen: 24
185.46.90.0/24 maxlen: 24
185.46.91.0/24 maxlen: 24
185.139.200.0/22 maxlen: 24
185.139.200.0/24 maxlen: 24
185.139.201.0/24 maxlen: 24
185.139.202.0/24 maxlen: 24
185.139.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a7:f2:57:14:69:1f:21:d5:df:55:60:c2:ff:81:f0:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Validity
Not Before: Aug 31 10:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87691d10727c666515629097bdc37f23cc06256f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:90:01:76:1f:f2:d1:9d:c9:7c:99:f3:e3:5b:
78:6b:79:c0:f9:7f:6b:68:02:be:40:ac:53:dc:8f:
e8:00:f7:03:54:8d:26:1a:0f:00:dc:24:e5:3b:e6:
c6:ae:41:4a:12:33:83:11:fa:84:2a:9b:4d:7f:92:
72:c2:bc:44:3c:a3:1e:84:28:ec:a9:9e:fb:e1:87:
df:43:03:2c:94:31:c5:5a:9c:0e:88:38:5c:25:fd:
7a:10:ac:7f:51:db:83:32:36:cc:c2:15:c2:70:11:
1e:37:33:4b:7c:bb:79:a9:9d:45:eb:0e:e0:ed:9d:
bc:83:24:83:de:c4:45:9e:e5:bc:b2:94:37:5f:eb:
71:d1:d0:f2:ec:70:1b:d3:ab:aa:23:54:7e:56:4a:
ba:38:4a:28:64:32:a7:29:19:47:ec:95:b9:1f:4c:
d7:f9:94:4b:67:4e:27:89:34:e1:63:2d:7d:66:ae:
12:5e:bf:bc:e5:a9:06:65:90:ef:7e:97:b6:1f:53:
d0:7c:a7:6d:a5:b3:9f:0d:55:aa:6d:fd:56:ad:90:
93:57:50:df:79:c9:d4:65:c0:b3:85:f5:12:77:87:
ef:0b:9e:de:76:99:e5:da:83:7a:44:16:08:db:69:
38:f6:0f:5e:6b:87:6b:8f:ce:af:70:f2:6e:8b:41:
c3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:69:1D:10:72:7C:66:65:15:62:90:97:BD:C3:7F:23:CC:06:25:6F
X509v3 Authority Key Identifier:
keyid:E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/h2kdEHJ8ZmUVYpCXvcN_I8wGJW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/50Du0o8tmU6yuDHLjvxkcDBtdGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.140.0/22
185.46.88.0/22
185.139.200.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:12:5f:97:ad:a0:f1:36:a3:86:35:cb:58:93:45:0a:f0:0a:
dc:5a:8d:d1:5d:07:b8:eb:24:79:96:4a:20:98:e1:4f:b2:e3:
a8:64:02:aa:ff:d8:d7:4f:81:ce:5a:ca:57:1c:1b:c4:74:d5:
8f:52:9a:d0:0d:2e:7d:33:b4:9d:5d:dc:88:c2:d9:a8:e7:57:
a3:a5:a2:9d:a9:da:7b:52:96:d9:a5:7f:fb:55:f9:ea:29:01:
9f:a9:5a:39:83:92:35:20:ca:5f:a5:96:d1:eb:51:36:1c:5b:
3e:a9:2a:97:d1:b5:d3:03:36:7a:31:82:38:8a:5a:2e:95:d4:
5c:da:cd:47:2c:5c:a2:30:df:95:47:47:9e:c4:ac:14:df:f0:
42:3f:8f:ec:dd:87:ef:09:c8:7f:49:52:c5:ac:a9:6a:67:ea:
a2:96:a5:2d:cd:61:1c:09:be:34:bd:ee:40:b5:da:9a:79:1f:
4f:ee:e1:ca:d0:64:3c:6a:75:b5:a7:fe:74:06:1f:40:d2:84:
6f:a8:f6:43:38:bc:59:1d:fd:91:60:23:4d:8d:c5:1c:ee:dc:
d5:77:94:5e:f3:9b:33:c4:6d:f7:96:2f:eb:de:00:c8:f3:72:
20:b5:2a:ed:bc:e5:f9:d2:da:d3:11:0b:30:55:f1:94:5c:f5:
4a:8c:f7:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGn8lcUaR8h1d9VYML/gfDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDBlZWQyOGYyZDk5NGViMmI4MzFjYjhlZmM2NDcwMzA2
ZDc0NjEwHhcNMjQwODMxMTAxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY5MWQxMDcyN2M2NjY1MTU2MjkwOTdiZGMzN2YyM2NjMDYyNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JABdh/y0Z3JfJnz41t4a3nA+X9r
aAK+QKxT3I/oAPcDVI0mGg8A3CTlO+bGrkFKEjODEfqEKptNf5JywrxEPKMehCjs
qZ774YffQwMslDHFWpwOiDhcJf16EKx/UduDMjbMwhXCcBEeNzNLfLt5qZ1F6w7g
7Z28gySD3sRFnuW8spQ3X+tx0dDy7HAb06uqI1R+Vkq6OEooZDKnKRlH7JW5H0zX
+ZRLZ04niTThYy19Zq4SXr+85akGZZDvfpe2H1PQfKdtpbOfDVWqbf1WrZCTV1Df
ecnUZcCzhfUSd4fvC57edpnl2oN6RBYI22k49g9ea4drj86vcPJui0HDEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIdpHRByfGZlFWKQl73DfyPMBiVvMB8GA1UdIwQY
MBaAFOdA7tKPLZlOsrgxy478ZHAwbXRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBEdTBvOHRtVTZ5dURITGp2eGtjREJ0ZEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80ZDIwMGQtZWFlNS00NGRhLThlZTMt
MDk1OTVlOWNkNmMyLzEvaDJrZEVISjhabVVWWXBDWHZjTl9JOHdHSlc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80ZDIwMGQtZWFlNS00NGRhLThlZTMtMDk1OTVlOWNkNmMy
LzEvNTBEdTBvOHRtVTZ5dURITGp2eGtjREJ0ZEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZqMAwQC
uS5YAwQCuYvIMA0GCSqGSIb3DQEBCwUAA4IBAQA6El+XraDxNqOGNctYk0UK8Arc
Wo3RXQe46yR5lkogmOFPsuOoZAKq/9jXT4HOWspXHBvEdNWPUprQDS59M7SdXdyI
wtmo51ejpaKdqdp7UpbZpX/7VfnqKQGfqVo5g5I1IMpfpZbR61E2HFs+qSqX0bXT
AzZ6MYI4ilouldRc2s1HLFyiMN+VR0eexKwU3/BCP4/s3YfvCch/SVLFrKlqZ+qi
lqUtzWEcCb40ve5AtdqaeR9P7uHK0GQ8anW1p/50Bh9A0oRvqPZDOLxZHf2RYCNN
jcUc7tzVd5Re85szxG33li/r3gDI83IgtSrtvOX50trTEQswVfGUXPVKjPdl
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:28:56 2025 by rpki-client