Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/AeWJk48QTt92A35uf-A_6mNolR8.roa
File: AeWJk48QTt92A35uf-A_6mNolR8.roa (raw, json)
Hash identifier: SqDQdqrTlBGAOIcf1wrOmZm7YCZbCRqWU7r034LYxHE=
Subject key identifier: 01:E5:89:93:8F:10:4E:DF:76:03:7E:6E:7F:E0:3F:EA:63:68:95:1F
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018CC3B6F6A65D167CD27A7D1742749767A8
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/AeWJk48QTt92A35uf-A_6mNolR8.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210531
IP address blocks: 45.8.179.0/24 maxlen: 24
185.217.136.0/24 maxlen: 24
185.217.137.0/24 maxlen: 24
45.8.178.0/24 maxlen: 24
45.148.146.0/24 maxlen: 24
45.148.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 13:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f6:a6:5d:16:7c:d2:7a:7d:17:42:74:97:67:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01e589938f104edf76037e6e7fe03fea6368951f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:37:7c:71:93:fd:89:03:6b:76:d0:9c:3e:28:
ee:08:d2:69:6e:c6:4c:fc:d2:85:cf:aa:fa:12:ee:
07:23:05:21:1b:c4:24:77:9a:60:77:9e:bf:ea:30:
4f:b8:8c:52:c7:f6:6d:a5:0e:25:70:4f:3f:cf:5f:
b3:64:96:6e:8e:e4:85:69:1d:ef:a0:a3:2d:bc:ba:
51:f6:ba:72:f0:72:37:47:1e:de:36:56:d3:ac:ca:
16:6d:c0:5a:dd:09:c9:2f:db:dc:8c:b1:ad:0d:84:
d4:cd:b5:41:7f:a7:2f:b3:2a:a0:a9:6d:ac:31:c0:
e8:18:ce:49:db:ce:10:8c:ff:27:cb:a2:cd:c4:83:
91:4a:89:61:98:e4:79:65:96:90:f7:b0:b2:f2:02:
48:46:4d:31:cc:73:8b:ad:72:1a:89:f2:02:b4:ae:
c4:91:06:7a:ad:13:de:3b:36:1d:69:50:1e:44:75:
85:d5:bb:bd:98:30:7f:73:29:be:1b:41:0e:9a:d8:
44:33:15:71:cf:21:f4:9f:3a:73:66:07:2b:65:d6:
c0:b1:1c:16:b1:7d:98:6a:a7:0a:77:30:42:39:00:
02:8a:0c:e2:23:75:7c:dd:8a:ce:94:63:fe:54:38:
02:90:bc:47:1b:3c:fe:75:69:ba:e5:32:9e:dd:b0:
35:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E5:89:93:8F:10:4E:DF:76:03:7E:6E:7F:E0:3F:EA:63:68:95:1F
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/AeWJk48QTt92A35uf-A_6mNolR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.178.0/23
45.148.146.0/23
185.217.136.0/23
Signature Algorithm: sha256WithRSAEncryption
13:06:bc:99:2b:d9:87:6b:d1:30:02:68:89:06:97:2d:34:c0:
fa:77:a0:e2:1f:61:5c:50:a4:1a:3b:e5:5b:4d:8b:ba:5b:bd:
66:c8:07:34:a6:d1:d6:3a:9d:99:56:cc:57:98:c5:c6:ee:0d:
14:fa:30:58:9c:dd:23:71:ea:e8:83:ac:16:ef:0a:27:ef:7a:
3d:07:5d:b8:37:bc:4f:6e:1a:ef:e8:37:0e:ac:24:3b:8e:f7:
f2:2c:2a:d2:aa:a8:77:f7:7c:df:75:ab:bc:c9:0b:8f:8b:03:
c2:0e:a4:4f:7f:79:6c:d6:f6:25:67:ff:56:e0:56:1d:7b:dd:
7c:0d:0f:f4:ef:d9:64:50:e1:3f:a1:45:f2:14:4b:1a:fe:62:
7d:8c:a0:a5:6c:77:ea:09:2e:f6:ce:2c:75:00:47:6b:75:e4:
39:6e:36:96:5f:d2:86:4a:f9:89:5e:e1:93:45:c5:2d:09:37:
c4:51:f5:a1:2e:85:b0:f9:e0:4d:a7:37:4a:a2:1e:37:88:80:
a8:74:35:d5:99:3e:9b:cc:07:bc:61:88:7b:f4:3b:c2:e7:8a:
65:e6:96:91:8e:8a:e6:25:40:f2:a5:76:88:ac:49:31:eb:52:
29:92:53:ed:e3:40:67:8c:c3:b4:8d:d0:cb:22:0c:8c:d0:22:
18:75:00:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtvamXRZ80np9F0J0l2eoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWU1ODk5MzhmMTA0ZWRmNzYwMzdlNmU3ZmUwM2ZlYTYzNjg5NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTd8cZP9iQNrdtCcPijuCNJpbsZM
/NKFz6r6Eu4HIwUhG8Qkd5pgd56/6jBPuIxSx/ZtpQ4lcE8/z1+zZJZujuSFaR3v
oKMtvLpR9rpy8HI3Rx7eNlbTrMoWbcBa3QnJL9vcjLGtDYTUzbVBf6cvsyqgqW2s
McDoGM5J284QjP8ny6LNxIORSolhmOR5ZZaQ97Cy8gJIRk0xzHOLrXIaifICtK7E
kQZ6rRPeOzYdaVAeRHWF1bu9mDB/cym+G0EOmthEMxVxzyH0nzpzZgcrZdbAsRwW
sX2YaqcKdzBCOQACigziI3V83YrOlGP+VDgCkLxHGzz+dWm65TKe3bA1xwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAHliZOPEE7fdgN+bn/gP+pjaJUfMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvQWVXSms0OFFUdDkyQTM1dWYtQV82bU5vbFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLQiyAwQB
LZSSAwQBudmIMA0GCSqGSIb3DQEBCwUAA4IBAQATBryZK9mHa9EwAmiJBpctNMD6
d6DiH2FcUKQaO+VbTYu6W71myAc0ptHWOp2ZVsxXmMXG7g0U+jBYnN0jcerog6wW
7won73o9B124N7xPbhrv6DcOrCQ7jvfyLCrSqqh393zfdau8yQuPiwPCDqRPf3ls
1vYlZ/9W4FYde918DQ/079lkUOE/oUXyFEsa/mJ9jKClbHfqCS72zix1AEdrdeQ5
bjaWX9KGSvmJXuGTRcUtCTfEUfWhLoWw+eBNpzdKoh43iICodDXVmT6bzAe8YYh7
9DvC54pl5paRjormJUDypXaIrEkx61IpklPt40BnjMO0jdDLIgyM0CIYdQAB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:35 2025 by rpki-client