Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h5onaN0VvYxE8wBG_6djPoTPMcY.roa
File: h5onaN0VvYxE8wBG_6djPoTPMcY.roa (raw, json)
Hash identifier: zqEzo6ZbPBOCx/YYlKqiTshNIFzEfckCuFgzNj0fAps=
Subject key identifier: 87:9A:27:68:DD:15:BD:8C:44:F3:00:46:FF:A7:63:3E:84:CF:31:C6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193760A5B8BC175CCE8D90FC23A6D46B244
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h5onaN0VvYxE8wBG_6djPoTPMcY.roa
Signing time: Fri 29 Nov 2024 03:50:10 +0000
ROA not before: Fri 29 Nov 2024 03:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
87.120.36.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
193.168.196.0/24 maxlen: 24
193.168.197.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Nov 2024 10:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:76:0a:5b:8b:c1:75:cc:e8:d9:0f:c2:3a:6d:46:b2:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 29 03:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=879a2768dd15bd8c44f30046ffa7633e84cf31c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:23:65:5b:6e:66:12:a1:58:c9:fc:bd:0f:39:
a4:8a:b2:0f:02:08:7c:fb:f3:48:ef:3e:97:ce:db:
98:47:41:84:db:4a:61:49:5f:09:f4:0e:d4:c9:4c:
6b:4b:76:41:01:73:00:93:d6:54:ec:f6:85:43:d9:
10:58:36:6c:70:e2:a3:bc:95:b3:49:1e:b9:63:71:
b5:0c:47:ad:38:24:93:0a:7a:91:54:7b:41:d7:f0:
e3:2b:a6:46:9c:81:9f:27:8f:43:c1:d2:0d:e0:0d:
19:86:8f:db:bd:2e:59:92:3e:ad:b6:27:7c:73:6b:
cd:1e:19:41:e3:dd:d5:79:50:82:96:8c:23:da:dc:
3d:aa:70:e9:1e:66:5e:c9:45:14:8f:fd:44:1e:4a:
2c:56:66:09:37:21:b6:5a:49:c9:21:8b:c4:f0:76:
61:eb:19:aa:81:62:76:f1:7d:95:ef:60:c2:59:8a:
45:ee:6b:df:93:b7:b9:73:cc:3f:ae:7e:f9:81:4d:
d3:a6:86:ce:60:ce:f9:eb:f2:ae:d3:60:6d:9d:dc:
59:aa:f8:19:7e:99:59:38:96:77:66:c2:80:28:cc:
81:2e:ee:b7:1b:9b:f7:f1:5a:1c:06:a4:f7:69:fe:
cc:69:7e:aa:92:9d:f4:cf:f2:0b:94:47:30:1d:e2:
27:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:9A:27:68:DD:15:BD:8C:44:F3:00:46:FF:A7:63:3E:84:CF:31:C6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h5onaN0VvYxE8wBG_6djPoTPMcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.88.0/24
45.89.244.0/24
45.91.193.0/24
45.149.235.0/24
83.143.113.0/24
87.120.36.0/24
87.120.88.0/24
109.206.242.0/24
185.246.222.0/24
193.168.196.0/23
193.168.199.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:90:e3:d2:4d:ad:db:d5:85:6c:b9:0f:48:ff:14:ee:89:46:
0d:4d:da:93:f3:f8:81:95:25:b5:29:d8:48:b3:fa:95:06:da:
f2:6d:c9:4f:12:31:ad:8a:dd:a7:48:08:96:82:0f:6a:04:35:
f8:f5:ce:40:54:fb:73:6a:a2:5a:f3:fc:dd:17:4c:ff:1c:aa:
37:da:06:c1:75:a3:2b:78:8a:2c:da:fe:5f:ca:d8:9c:84:05:
c3:69:ce:d8:56:72:2a:26:61:bf:ca:9c:93:44:0f:78:c1:e1:
97:49:da:01:a7:4b:57:2f:f2:9c:35:78:47:4b:74:aa:74:c8:
92:6c:c5:98:03:50:fe:92:5d:fb:f6:03:1a:ba:69:39:a0:bd:
b5:de:96:29:15:3e:d2:ba:b1:9a:93:ba:43:dc:a4:6e:2f:02:
22:dc:33:11:c3:2d:d2:79:f9:e6:b9:cb:69:d3:aa:4b:70:e8:
6d:16:2b:d3:1b:ed:de:f6:29:f0:58:82:53:5c:c2:14:2f:c3:
d4:40:e4:0d:0b:2b:21:42:87:19:6d:df:f7:18:25:6b:46:e8:
30:ba:a8:f0:30:21:30:50:a8:b8:7b:60:0a:33:d3:e7:9e:0a:
eb:98:4e:8e:13:bf:68:df:81:16:52:d6:c2:15:60:1a:d0:88:
22:f0:b5:6c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZN2CluLwXXM6NkPwjptRrJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTI5MDM1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzlhMjc2OGRkMTViZDhjNDRmMzAwNDZmZmE3NjMzZTg0Y2YzMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyNlW25mEqFYyfy9DzmkirIPAgh8
+/NI7z6XztuYR0GE20phSV8J9A7UyUxrS3ZBAXMAk9ZU7PaFQ9kQWDZscOKjvJWz
SR65Y3G1DEetOCSTCnqRVHtB1/DjK6ZGnIGfJ49DwdIN4A0Zho/bvS5Zkj6ttid8
c2vNHhlB493VeVCClowj2tw9qnDpHmZeyUUUj/1EHkosVmYJNyG2WknJIYvE8HZh
6xmqgWJ28X2V72DCWYpF7mvfk7e5c8w/rn75gU3TpobOYM756/Ku02BtndxZqvgZ
fplZOJZ3ZsKAKMyBLu63G5v38VocBqT3af7MaX6qkp30z/ILlEcwHeInMQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIeaJ2jdFb2MRPMARv+nYz6EzzHGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaDVvbmFOMFZ2WXhFOHdCR182ZGpQb1RQTWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALVRYAwQA
LVn0AwQALVvBAwQALZXrAwQAU49xAwQAV3gkAwQAV3hYAwQAbc7yAwQAufbeAwQB
wajEAwQAwajHMA0GCSqGSIb3DQEBCwUAA4IBAQBOkOPSTa3b1YVsuQ9I/xTuiUYN
TdqT8/iBlSW1KdhIs/qVBtrybclPEjGtit2nSAiWgg9qBDX49c5AVPtzaqJa8/zd
F0z/HKo32gbBdaMreIos2v5fytichAXDac7YVnIqJmG/ypyTRA94weGXSdoBp0tX
L/KcNXhHS3SqdMiSbMWYA1D+kl379gMaumk5oL213pYpFT7SurGak7pD3KRuLwIi
3DMRwy3Sefnmuctp06pLcOhtFivTG+3e9inwWIJTXMIUL8PUQOQNCyshQocZbd/3
GCVrRugwuqjwMCEwUKi4e2AKM9PnngrrmE6OE79o34EWUtbCFWAa0Igi8LVs
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:43:23 2025 by rpki-client