Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/I_a41Z9fFdpUpkhk-KoDCvBlZM0.roa
File: I_a41Z9fFdpUpkhk-KoDCvBlZM0.roa (raw, json)
Hash identifier: YtzCRg9yVJ9SDPscJxtveAp0LbiB4wNvzjYbeUojLD4=
Subject key identifier: 23:F6:B8:D5:9F:5F:15:DA:54:A6:48:64:F8:AA:03:0A:F0:65:64:CD
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018E1D9756902CCBC151F691370449064E02
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/I_a41Z9fFdpUpkhk-KoDCvBlZM0.roa
Signing time: Fri 08 Mar 2024 10:24:01 +0000
ROA not before: Fri 08 Mar 2024 10:24:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 45.149.228.0/22 maxlen: 24
46.18.72.0/21 maxlen: 24
109.69.48.0/21 maxlen: 24
185.11.236.0/22 maxlen: 24
185.161.12.0/22 maxlen: 24
185.226.236.0/22 maxlen: 24
193.57.36.0/22 maxlen: 24
194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 08 Mar 2024 17:15:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1d:97:56:90:2c:cb:c1:51:f6:91:37:04:49:06:4e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Mar 8 10:24:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23f6b8d59f5f15da54a64864f8aa030af06564cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:92:fd:85:cd:96:41:ec:3b:3c:be:eb:bf:7d:
e2:11:c6:93:77:e3:54:05:9b:f9:8e:c8:3a:2e:e7:
e0:15:26:e0:13:68:22:c0:99:74:7b:c5:fd:97:30:
a6:06:ca:21:67:1b:ec:1d:64:95:95:c2:91:d7:31:
8d:61:14:13:93:22:3c:c7:be:f6:f6:cb:4b:eb:06:
1b:6f:b8:36:a0:c2:26:98:66:82:aa:e8:cd:76:e9:
10:5a:a1:1d:e9:10:a5:fb:d7:3c:5f:b5:03:e3:c5:
d5:ce:03:3e:1d:09:9a:8b:99:aa:c7:65:90:64:e7:
c2:d0:ec:45:58:55:c7:a8:30:db:6b:59:0e:f6:74:
7a:88:b2:48:9d:31:37:52:91:9c:bf:ed:00:19:16:
0d:af:2c:71:a9:dc:13:27:56:b2:cf:e5:f9:fb:6f:
f2:66:97:f4:b1:47:e2:8d:72:36:da:55:78:37:65:
71:44:20:2b:7a:ea:b8:c7:cb:e6:b9:59:c0:80:52:
d5:c3:00:b6:2f:a2:ae:8f:be:80:72:9b:c8:08:90:
92:0c:7e:22:93:15:01:5a:c0:85:8c:75:5e:af:f0:
6a:db:43:4d:1e:13:2b:5c:f6:ab:ed:2c:45:58:30:
3d:62:b0:64:37:26:44:22:a7:14:cb:6a:da:83:e2:
4e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F6:B8:D5:9F:5F:15:DA:54:A6:48:64:F8:AA:03:0A:F0:65:64:CD
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/I_a41Z9fFdpUpkhk-KoDCvBlZM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.228.0/22
46.18.72.0/21
109.69.48.0/21
185.11.236.0/22
185.161.12.0/22
185.226.236.0/22
193.57.36.0/22
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
66:ad:49:ae:9d:33:31:c0:08:63:c1:59:e0:40:fa:55:c3:b3:
c5:92:7a:7d:ee:8e:ca:08:3a:6f:14:3a:58:b7:8a:99:f7:e8:
2e:e0:ec:fa:fc:6e:d1:8c:63:4a:07:b2:78:75:ed:30:08:3b:
b4:bb:52:1f:b6:d0:d3:5d:53:63:8f:ec:e6:5b:d3:0a:de:92:
ac:c5:ae:94:7a:75:a3:d4:ae:21:d0:a0:f0:e8:0b:df:0f:04:
ed:93:15:ed:c1:05:5f:55:7b:e7:e7:3f:b9:d8:07:f4:ec:b1:
85:8d:77:28:f9:76:9c:21:ed:e3:e4:4d:35:aa:3f:12:b8:d0:
c1:d7:14:94:65:20:c5:0a:9d:f4:73:fe:6f:0f:c5:10:30:f3:
ad:7a:11:53:f6:03:c3:c1:9d:8e:ae:0f:87:b8:b5:e6:c4:05:
65:d9:1d:3f:23:89:2a:fc:94:be:5c:73:36:09:e5:cc:0f:28:
6c:fd:61:d5:a6:11:1d:e2:67:ba:fd:ef:fd:3d:db:a9:c9:73:
1f:2e:d5:09:fd:57:cd:52:81:c6:93:f8:1b:bb:1a:e6:39:23:
d5:b4:db:86:7c:2e:ab:bc:db:83:6c:27:25:16:d3:c0:3c:a2:
2d:13:85:64:49:ff:47:05:04:8c:16:83:55:c3:46:33:05:6a:
bd:e4:76:9e
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY4dl1aQLMvBUfaRNwRJBk4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMzA4MTAyNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Y2YjhkNTlmNWYxNWRhNTRhNjQ4NjRmOGFhMDMwYWYwNjU2NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpL9hc2WQew7PL7rv33iEcaTd+NU
BZv5jsg6LufgFSbgE2giwJl0e8X9lzCmBsohZxvsHWSVlcKR1zGNYRQTkyI8x772
9stL6wYbb7g2oMImmGaCqujNdukQWqEd6RCl+9c8X7UD48XVzgM+HQmai5mqx2WQ
ZOfC0OxFWFXHqDDba1kO9nR6iLJInTE3UpGcv+0AGRYNryxxqdwTJ1ayz+X5+2/y
Zpf0sUfijXI22lV4N2VxRCAreuq4x8vmuVnAgFLVwwC2L6Kuj76AcpvICJCSDH4i
kxUBWsCFjHVer/Bq20NNHhMrXPar7SxFWDA9YrBkNyZEIqcUy2rag+JOXwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFCP2uNWfXxXaVKZIZPiqAwrwZWTNMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvSV9hNDFaOWZGZHBVcGtoay1Lb0RDdkJsWk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBCBAIAATA8AwQCLZXkAwQD
LhJIAwQDbUUwAwQCuQvsAwQCuaEMAwQCueLsAwQCwTkkAwQCwjjsAwQBwn+eAwQB
wn+iMBsEAgACMBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJKoZIhvcNAQELBQAD
ggEBAGatSa6dMzHACGPBWeBA+lXDs8WSen3ujsoIOm8UOli3ipn36C7g7Pr8btGM
Y0oHsnh17TAIO7S7Uh+20NNdU2OP7OZb0wrekqzFrpR6daPUriHQoPDoC98PBO2T
Fe3BBV9Ve+fnP7nYB/TssYWNdyj5dpwh7ePkTTWqPxK40MHXFJRlIMUKnfRz/m8P
xRAw8616EVP2A8PBnY6uD4e4tebEBWXZHT8jiSr8lL5cczYJ5cwPKGz9YdWmER3i
Z7r97/0926nJcx8u1Qn9V81SgcaT+Bu7GuY5I9W024Z8Lqu824NsJyUW08A8oi0T
hWRJ/0cFBIwWg1XDRjMFar3kdp4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:03:23 2025 by rpki-client