Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tLWdEoMHaXXjtDwSEGChTbzSl6g.roa
File: tLWdEoMHaXXjtDwSEGChTbzSl6g.roa (raw, json)
Hash identifier: Y5Vyo3pC/ms+xp2j3zUj/mLQN7cHneJk4onOcHwLaKY=
Subject key identifier: B4:B5:9D:12:83:07:69:75:E3:B4:3C:12:10:60:A1:4D:BC:D2:97:A8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824BED2B315F6109BCCB4C7AB6B9522
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tLWdEoMHaXXjtDwSEGChTbzSl6g.roa
Signing time: Thu 02 Jan 2025 17:51:24 +0000
ROA not before: Thu 02 Jan 2025 17:51:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.149.240.0/24 maxlen: 24
87.120.68.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
94.156.253.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 00:06:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:be:d2:b3:15:f6:10:9b:cc:b4:c7:ab:6b:95:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4b59d1283076975e3b43c121060a14dbcd297a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:95:4b:5f:50:dd:61:aa:43:52:83:53:64:43:
57:03:77:93:2c:56:4d:c5:8d:00:ec:09:81:18:73:
f5:6a:4c:8d:1d:81:69:b6:ae:e3:e5:7e:6e:bc:fa:
07:3f:a4:4d:09:03:d9:85:52:f7:1c:30:c2:8a:66:
a2:ca:81:b8:09:a9:a4:59:bb:7e:08:20:82:95:47:
88:a0:f6:2e:a3:62:9c:d5:60:0c:e0:53:b5:4d:73:
de:7f:11:8b:1e:21:f4:cd:16:e9:c2:65:ac:55:b6:
6b:17:a1:4a:6f:5c:a5:4b:22:89:d2:bd:6b:b2:16:
89:02:0d:06:54:ed:ff:58:ae:28:c4:eb:84:5c:1a:
b3:36:1f:c6:4e:ef:37:9e:59:a0:15:f8:df:25:7e:
1f:72:fc:14:f8:95:0a:25:4a:d3:90:2a:91:cc:f8:
b3:1f:e5:7d:4e:a6:81:05:7d:33:77:be:aa:fa:65:
99:21:37:96:a7:4d:20:80:5c:d9:ba:80:30:e3:37:
2f:12:3a:16:35:75:e9:f2:34:26:54:12:ba:aa:1c:
8e:fb:01:5d:68:ba:16:b3:04:46:f3:d6:ce:cd:42:
c0:d8:00:1c:1e:83:c2:a2:f2:3d:21:fe:f4:65:58:
b0:eb:9c:9c:51:ac:1c:27:79:f2:db:39:22:c7:ab:
da:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B5:9D:12:83:07:69:75:E3:B4:3C:12:10:60:A1:4D:BC:D2:97:A8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tLWdEoMHaXXjtDwSEGChTbzSl6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.240.0/24
87.120.68.0/24
87.121.46.0/24
93.123.116.0/24
94.156.14.0/24
94.156.253.0/24
95.214.25.0-95.214.26.255
185.218.136.0/24
Signature Algorithm: sha256WithRSAEncryption
37:87:f9:62:fc:c1:da:c7:00:76:a2:de:f2:c6:2b:64:b1:d0:
0e:88:21:e3:9e:3e:ba:13:20:1d:27:17:66:a7:3b:e8:23:af:
d7:7d:02:75:96:e2:79:54:47:f7:2d:8b:08:3e:6a:d6:1e:1b:
4b:9c:48:af:d5:42:7c:ef:67:e3:e6:fc:42:1c:86:aa:53:e7:
fc:12:8d:b4:72:4b:80:4c:1e:d2:42:3e:88:61:f9:49:d3:43:
cf:45:f5:dd:be:c0:b9:dd:8f:1b:b2:0b:59:79:a1:eb:03:f8:
31:77:5e:5c:ef:45:23:b3:92:83:1f:78:60:0c:96:9f:45:ec:
fc:e9:70:86:dc:01:8d:74:aa:c9:0d:c4:49:c3:6f:3f:ce:1e:
ff:49:3e:86:31:ec:1b:b1:65:c3:3a:19:b7:93:a1:b7:1c:2f:
7f:b8:f6:e7:e7:0a:bc:00:e9:52:0e:c2:1b:8a:d3:4e:f0:ff:
4c:e9:42:ed:26:a4:1f:51:29:62:00:ca:d5:ea:6a:e0:d9:4e:
e7:01:7a:df:6d:05:8e:a5:13:c7:2c:fa:c3:ec:7a:52:1a:ee:
10:55:7f:6c:64:e1:bf:53:52:46:d3:fb:be:ba:51:ca:03:ec:
1a:34:1d:c1:0a:82:2b:b2:85:58:1a:f6:69:54:77:ba:20:4d:
14:74:60:7d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQoJL7SsxX2EJvMtMera5UiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGI1OWQxMjgzMDc2OTc1ZTNiNDNjMTIxMDYwYTE0ZGJjZDI5N2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5VLX1DdYapDUoNTZENXA3eTLFZN
xY0A7AmBGHP1akyNHYFptq7j5X5uvPoHP6RNCQPZhVL3HDDCimaiyoG4CamkWbt+
CCCClUeIoPYuo2Kc1WAM4FO1TXPefxGLHiH0zRbpwmWsVbZrF6FKb1ylSyKJ0r1r
shaJAg0GVO3/WK4oxOuEXBqzNh/GTu83nlmgFfjfJX4fcvwU+JUKJUrTkCqRzPiz
H+V9TqaBBX0zd76q+mWZITeWp00ggFzZuoAw4zcvEjoWNXXp8jQmVBK6qhyO+wFd
aLoWswRG89bOzULA2AAcHoPCovI9If70ZViw65ycUawcJ3ny2zkix6vaOQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLS1nRKDB2l147Q8EhBgoU280peoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdExXZEVvTUhhWFhqdER3U0VHQ2hUYnpTbDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALZXwAwQA
V3hEAwQAV3kuAwQAXXt0AwQAXpwOAwQAXpz9MAwDBABf1hkDBABf1hoDBAC52ogw
DQYJKoZIhvcNAQELBQADggEBADeH+WL8wdrHAHai3vLGK2Sx0A6IIeOeProTIB0n
F2anO+gjr9d9AnWW4nlUR/ctiwg+atYeG0ucSK/VQnzvZ+Pm/EIchqpT5/wSjbRy
S4BMHtJCPohh+UnTQ89F9d2+wLndjxuyC1l5oesD+DF3XlzvRSOzkoMfeGAMlp9F
7PzpcIbcAY10qskNxEnDbz/OHv9JPoYx7BuxZcM6GbeTobccL3+49ufnCrwA6VIO
whuK007w/0zpQu0mpB9RKWIAytXqauDZTucBet9tBY6lE8cs+sPselIa7hBVf2xk
4b9TUkbT+766UcoD7Bo0HcEKgiuyhVga9mlUd7ogTRR0YH0=
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:59:26 2025 by rpki-client