Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R2baPoSpD5PBYfWldfrM_yA5g4o.roa
File: R2baPoSpD5PBYfWldfrM_yA5g4o.roa (raw, json)
Hash identifier: /qxdWYhGe5Ifb3la55hwdyz11TDhktMDfvolmboayHo=
Subject key identifier: 47:66:DA:3E:84:A9:0F:93:C1:61:F5:A5:75:FA:CC:FF:20:39:83:8A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193E3185A2F0548BD33AF9F38BE20F5443A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R2baPoSpD5PBYfWldfrM_yA5g4o.roa
Signing time: Fri 20 Dec 2024 08:04:04 +0000
ROA not before: Fri 20 Dec 2024 08:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 45.12.254.0/24 maxlen: 24
45.14.165.0/24 maxlen: 24
45.81.243.0/24 maxlen: 24
45.88.67.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
85.209.134.0/24 maxlen: 24
93.123.30.0/24 maxlen: 24
94.125.100.0/24 maxlen: 24
94.125.101.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
212.87.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:18:5a:2f:05:48:bd:33:af:9f:38:be:20:f5:44:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 20 08:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4766da3e84a90f93c161f5a575faccff2039838a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:46:6d:e1:32:07:ee:9f:89:47:54:2d:f3:35:
4d:d2:c2:4c:4c:93:8d:ff:d6:80:c1:17:48:53:0e:
2f:43:d9:b8:83:4c:a8:43:4d:2d:18:fa:5f:69:02:
9f:19:13:80:56:40:b7:41:65:68:d7:c9:a4:d5:2d:
02:72:30:77:f2:c2:1a:d7:47:76:57:76:39:d1:eb:
81:28:27:97:3f:1e:b7:a2:a9:c1:04:a0:90:81:3d:
26:d1:14:1c:dc:32:6c:ac:a4:19:68:33:15:00:bd:
6b:22:d4:48:5b:83:5d:25:54:bc:3e:5b:0c:f4:d9:
29:c8:c6:0f:0d:89:46:a3:8e:8c:37:21:22:8e:0a:
fc:fb:a1:ca:c7:87:e9:b2:3f:40:c1:cf:82:99:28:
1a:b2:66:79:d5:10:cd:51:23:d9:2e:9a:bc:06:3e:
ac:fe:75:56:ab:07:57:e0:01:68:6f:0e:a8:e4:e8:
fa:b7:e0:d0:fd:2b:eb:c3:7d:46:61:0c:f2:ff:ad:
8f:2d:e4:2a:b2:21:61:e8:9f:3f:c5:25:64:dc:e2:
25:89:a2:a1:a3:66:a8:a8:bf:4e:c8:5c:ff:74:59:
da:12:9e:82:8e:5d:76:3a:b5:db:d7:d1:5e:a5:25:
f0:8a:d0:3f:5e:0e:a2:a9:66:f6:6c:ad:b7:db:b1:
68:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:66:DA:3E:84:A9:0F:93:C1:61:F5:A5:75:FA:CC:FF:20:39:83:8A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/R2baPoSpD5PBYfWldfrM_yA5g4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.254.0/24
45.14.165.0/24
45.81.243.0/24
45.88.67.0/24
84.21.172.0/24
85.31.45.0/24
85.209.132.0/24
85.209.134.0/24
93.123.30.0/24
94.125.100.0/23
109.206.241.0/24
212.87.220.0/24
Signature Algorithm: sha256WithRSAEncryption
43:59:e5:1d:37:26:84:61:70:77:b0:e5:a5:7a:94:09:13:58:
75:de:5f:d7:7e:8e:fd:d7:13:06:88:19:5d:ee:e9:08:f8:95:
31:16:30:e5:dc:35:2c:e0:26:e0:c1:c5:e9:47:18:f7:eb:46:
50:8c:f6:37:24:c9:64:cc:1f:19:b0:e7:f8:2d:64:1f:10:55:
3f:05:89:43:7b:31:fe:a3:20:94:e6:42:47:cc:6d:d0:ff:a6:
4f:c9:39:35:14:57:51:76:19:64:dd:63:2e:bc:a2:f6:74:82:
fc:69:18:0c:b9:37:e4:1e:05:74:08:26:3a:af:45:08:72:a5:
5d:5e:a0:8a:cf:ce:c7:8e:d7:fb:79:9a:6e:c9:b3:70:cf:cc:
26:f9:7f:d6:f4:f2:1b:05:82:94:bb:e9:34:a7:43:59:35:4b:
d1:22:12:6a:ea:53:d3:1c:18:94:7b:1a:91:7a:97:28:eb:9c:
51:30:9f:9d:fc:2f:54:70:d1:81:9f:cf:29:29:b4:a6:ab:ec:
8f:2a:db:74:79:32:24:26:7a:c0:2c:0f:cd:35:ba:d0:61:84:
44:a5:e4:49:f5:63:1c:ed:53:2d:fe:c3:fc:b9:63:96:a1:cc:
05:a5:4f:7b:3b:03:0b:9e:9d:47:b1:ec:51:ef:2b:87:ea:1f:
f5:02:09:65
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZPjGFovBUi9M6+fOL4g9UQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjIwMDgwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzY2ZGEzZTg0YTkwZjkzYzE2MWY1YTU3NWZhY2NmZjIwMzk4MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kZt4TIH7p+JR1Qt8zVN0sJMTJON
/9aAwRdIUw4vQ9m4g0yoQ00tGPpfaQKfGROAVkC3QWVo18mk1S0CcjB38sIa10d2
V3Y50euBKCeXPx63oqnBBKCQgT0m0RQc3DJsrKQZaDMVAL1rItRIW4NdJVS8PlsM
9NkpyMYPDYlGo46MNyEijgr8+6HKx4fpsj9Awc+CmSgasmZ51RDNUSPZLpq8Bj6s
/nVWqwdX4AFobw6o5Oj6t+DQ/Svrw31GYQzy/62PLeQqsiFh6J8/xSVk3OIliaKh
o2aoqL9OyFz/dFnaEp6Cjl12OrXb19FepSXwitA/Xg6iqWb2bK2327FoHwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEdm2j6EqQ+TwWH1pXX6zP8gOYOKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUjJiYVBvU3BENVBCWWZXbGRmck1feUE1ZzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQz+AwQA
LQ6lAwQALVHzAwQALVhDAwQAVBWsAwQAVR8tAwQAVdGEAwQAVdGGAwQAXXseAwQB
Xn1kAwQAbc7xAwQA1FfcMA0GCSqGSIb3DQEBCwUAA4IBAQBDWeUdNyaEYXB3sOWl
epQJE1h13l/Xfo791xMGiBld7ukI+JUxFjDl3DUs4CbgwcXpRxj360ZQjPY3JMlk
zB8ZsOf4LWQfEFU/BYlDezH+oyCU5kJHzG3Q/6ZPyTk1FFdRdhlk3WMuvKL2dIL8
aRgMuTfkHgV0CCY6r0UIcqVdXqCKz87Hjtf7eZpuybNwz8wm+X/W9PIbBYKUu+k0
p0NZNUvRIhJq6lPTHBiUexqRepco65xRMJ+d/C9UcNGBn88pKbSmq+yPKtt0eTIk
JnrALA/NNbrQYYREpeRJ9WMc7VMt/sP8uWOWocwFpU97OwMLnp1HsexR7yuH6h/1
Agll
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:22:29 2025 by rpki-client