Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UiqsZd_rgTi7TLYypJYoH2EwBWQ.roa
File: UiqsZd_rgTi7TLYypJYoH2EwBWQ.roa (raw, json)
Hash identifier: REtrs7rvpsyLn6Uq4ZSJIG67iWTjUPOKh5/ydpSs1Mk=
Subject key identifier: 52:2A:AC:65:DF:EB:81:38:BB:4C:B6:32:A4:96:28:1F:61:30:05:64
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193BA31C1C7097C519115DB146E3A41770B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UiqsZd_rgTi7TLYypJYoH2EwBWQ.roa
Signing time: Thu 12 Dec 2024 09:27:23 +0000
ROA not before: Thu 12 Dec 2024 09:27:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41745
IP address blocks: 45.12.254.0/24 maxlen: 24
45.14.165.0/24 maxlen: 24
45.81.243.0/24 maxlen: 24
45.88.67.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
85.209.134.0/24 maxlen: 24
93.123.30.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Dec 2024 09:38:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:31:c1:c7:09:7c:51:91:15:db:14:6e:3a:41:77:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 12 09:27:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=522aac65dfeb8138bb4cb632a496281f61300564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:35:31:f2:1e:13:87:9c:d3:65:fe:42:82:49:
60:75:42:c4:55:06:e3:df:ad:45:7a:9f:e5:c8:96:
91:17:4a:94:7b:9d:8a:68:dc:53:fd:6f:e9:2a:b2:
9e:36:6a:a6:89:f4:cd:39:3a:09:c3:12:c5:e8:9e:
be:47:7a:5e:52:4d:f9:3d:f7:da:94:a0:85:b7:99:
86:3f:9f:4f:66:bb:c8:f4:ee:aa:72:52:1a:a0:3f:
6f:c7:be:39:5c:18:db:15:ad:88:85:95:00:e5:38:
c1:6d:61:91:69:e1:8b:27:68:d5:02:0f:60:1f:75:
a6:5e:ea:51:cf:2b:bd:88:9e:6a:83:66:a7:af:ce:
7b:63:36:0e:2f:f4:d5:6e:b1:65:cd:ce:fe:56:8c:
8a:64:12:a8:d3:43:d8:de:11:bc:77:75:0a:01:8f:
72:97:39:0d:38:1b:24:94:c7:ba:25:e3:00:c5:1e:
09:ce:71:19:39:ea:43:46:fb:90:51:fb:00:cb:35:
25:b1:24:8e:57:5c:ca:8a:b2:03:77:b5:01:cc:59:
a8:88:e9:b6:42:05:9e:c6:ae:8f:ab:50:2c:0f:78:
20:9d:7c:68:a6:35:27:15:4a:2a:26:d8:9b:65:98:
c1:25:b9:be:59:31:da:ab:c1:cb:c6:98:45:54:dc:
a5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2A:AC:65:DF:EB:81:38:BB:4C:B6:32:A4:96:28:1F:61:30:05:64
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UiqsZd_rgTi7TLYypJYoH2EwBWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.254.0/24
45.14.165.0/24
45.81.243.0/24
45.88.67.0/24
84.21.172.0/24
85.31.45.0/24
85.209.132.0/24
85.209.134.0/24
93.123.30.0/24
109.206.241.0/24
Signature Algorithm: sha256WithRSAEncryption
59:6b:5b:db:a1:75:40:8f:73:32:06:04:0e:6b:62:81:47:43:
c8:f8:64:2e:db:f4:1d:a6:02:e1:6c:d0:f0:0f:cc:63:74:dd:
6a:e0:50:e9:e3:67:39:e8:4e:a1:4f:49:f0:41:14:3e:46:be:
96:ba:f2:2a:8c:dc:01:e1:a3:a7:f8:4a:48:62:1e:58:ea:7e:
2a:2d:1b:75:7e:6e:17:c6:2f:8a:8b:35:9c:fe:9d:e0:15:86:
b4:7c:99:67:fc:37:db:d7:3d:38:30:81:0b:f0:fe:58:8f:30:
d0:5c:3e:df:a2:0e:b6:c0:88:06:da:87:44:15:57:8f:aa:e0:
f6:63:1c:16:bd:6c:90:3c:62:98:72:57:49:9c:32:f7:73:22:
9d:8b:4b:ba:a3:82:ae:61:55:26:a7:5e:14:c2:01:b9:d5:21:
10:38:a0:b8:a4:49:f1:21:f5:96:b4:ba:ce:40:fc:d5:dc:aa:
d1:84:24:21:6e:34:86:99:ec:13:b4:38:e4:bf:da:6f:02:36:
e3:8e:88:fa:65:0e:56:0a:a0:49:29:94:f0:ab:ba:d5:f0:05:
03:fb:1f:d6:0d:a7:be:29:0f:55:b5:0e:12:e0:08:0d:71:32:
d4:50:f6:04:78:f2:8f:16:64:15:87:03:f5:e6:70:7b:fc:53:
cb:98:94:0a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZO6McHHCXxRkRXbFG46QXcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjEyMDkyNzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjJhYWM2NWRmZWI4MTM4YmI0Y2I2MzJhNDk2MjgxZjYxMzAwNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjUx8h4Th5zTZf5CgklgdULEVQbj
361Fep/lyJaRF0qUe52KaNxT/W/pKrKeNmqmifTNOToJwxLF6J6+R3peUk35Pffa
lKCFt5mGP59PZrvI9O6qclIaoD9vx745XBjbFa2IhZUA5TjBbWGRaeGLJ2jVAg9g
H3WmXupRzyu9iJ5qg2anr857YzYOL/TVbrFlzc7+VoyKZBKo00PY3hG8d3UKAY9y
lzkNOBsklMe6JeMAxR4JznEZOepDRvuQUfsAyzUlsSSOV1zKirIDd7UBzFmoiOm2
QgWexq6Pq1AsD3ggnXxopjUnFUoqJtibZZjBJbm+WTHaq8HLxphFVNyltwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFIqrGXf64E4u0y2MqSWKB9hMAVkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVWlxc1pkX3JnVGk3VExZeXBKWW9IMkV3QldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQz+AwQA
LQ6lAwQALVHzAwQALVhDAwQAVBWsAwQAVR8tAwQAVdGEAwQAVdGGAwQAXXseAwQA
bc7xMA0GCSqGSIb3DQEBCwUAA4IBAQBZa1vboXVAj3MyBgQOa2KBR0PI+GQu2/Qd
pgLhbNDwD8xjdN1q4FDp42c56E6hT0nwQRQ+Rr6WuvIqjNwB4aOn+EpIYh5Y6n4q
LRt1fm4Xxi+KizWc/p3gFYa0fJln/Dfb1z04MIEL8P5YjzDQXD7fog62wIgG2odE
FVePquD2YxwWvWyQPGKYcldJnDL3cyKdi0u6o4KuYVUmp14UwgG51SEQOKC4pEnx
IfWWtLrOQPzV3KrRhCQhbjSGmewTtDjkv9pvAjbjjoj6ZQ5WCqBJKZTwq7rV8AUD
+x/WDae+KQ9VtQ4S4AgNcTLUUPYEePKPFmQVhwP15nB7/FPLmJQK
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:23:50 2025 by rpki-client