Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/il_oreuwtSHQRSQ0ffgT2iRTvCs.roa
File: il_oreuwtSHQRSQ0ffgT2iRTvCs.roa (raw, json)
Hash identifier: 6iCtrlI5+cTeLLq/osM4r26/rKzTSles3bZI5GyO4EY=
Subject key identifier: 8A:5F:E8:AD:EB:B0:B5:21:D0:45:24:34:7D:F8:13:DA:24:53:BC:2B
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0195188A29B79C81F3E1C9225E85F9B567FA
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/il_oreuwtSHQRSQ0ffgT2iRTvCs.roa
Signing time: Tue 18 Feb 2025 10:11:02 +0000
ROA not before: Tue 18 Feb 2025 10:11:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200313
IP address blocks: 45.8.176.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
185.224.218.0/24 maxlen: 24
185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Feb 2025 14:39:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:18:8a:29:b7:9c:81:f3:e1:c9:22:5e:85:f9:b5:67:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Feb 18 10:11:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a5fe8adebb0b521d04524347df813da2453bc2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:19:ac:e1:b3:8e:d6:c5:ed:90:a8:d4:9b:17:
43:97:22:0d:b6:97:98:6f:1c:ac:7e:27:85:10:a3:
0f:c4:2a:ae:0b:43:0d:1c:03:ff:a9:e0:13:f1:5d:
e4:5f:a1:a7:e2:40:09:9f:d1:ac:7f:da:b9:68:3c:
da:6c:7f:33:e5:b5:6b:9e:f4:0a:9d:24:8e:24:8b:
39:cd:11:f2:a5:f6:d0:55:7c:87:77:dd:50:8a:a2:
0a:70:9c:fb:35:a4:a8:b9:f8:5b:71:fc:e2:c9:91:
1b:d5:2d:30:ac:5f:ee:5c:1f:d4:a2:f9:71:5b:3e:
11:59:f3:e6:b3:5b:ea:f4:02:07:4c:01:b4:78:8f:
d7:0a:2b:e6:6c:fa:6a:60:09:a6:d9:ab:f4:00:6c:
63:d8:54:30:fd:90:f1:c4:2d:74:58:ed:ba:88:bc:
6d:20:5d:e7:70:70:06:c7:15:f4:62:75:16:6d:c0:
e6:e8:05:e7:7b:13:c0:eb:d0:13:d8:c4:99:ec:8f:
fa:38:ca:0a:f1:ec:60:83:e4:fd:53:c0:5b:99:a2:
23:ee:89:a9:77:e5:ef:92:2a:ff:47:29:9a:fc:6a:
a0:b7:bd:8b:57:f3:a5:84:6a:af:34:18:b6:49:2d:
1c:2f:6c:7a:1a:9d:af:fe:e9:58:d5:b9:5c:f6:a2:
55:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:5F:E8:AD:EB:B0:B5:21:D0:45:24:34:7D:F8:13:DA:24:53:BC:2B
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/il_oreuwtSHQRSQ0ffgT2iRTvCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.176.0/24
45.142.2.0/24
185.212.128.0/22
185.224.218.0/24
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
88:d0:60:de:3e:53:d0:b6:07:b1:b9:60:c5:e2:6c:4c:02:fa:
ff:97:65:91:c2:6b:89:0f:5b:bf:67:c0:dc:bd:a8:46:bc:04:
62:06:59:54:96:22:a0:91:9b:ea:61:a8:c9:e1:6f:3e:a1:fc:
12:57:e9:c6:f0:cf:04:0b:17:03:97:fb:05:3f:e7:77:a9:5d:
d9:2b:d1:9f:0d:c9:64:f6:3c:b7:0a:c8:48:83:dd:d9:2d:05:
5c:bc:60:46:fe:01:cc:0a:f5:46:0b:eb:37:cb:01:46:14:39:
47:64:0c:6e:ea:f5:82:30:e1:00:ba:e3:58:b8:50:41:b2:0f:
11:f9:ca:c2:ab:19:93:86:8b:ec:e6:33:da:d2:14:64:19:96:
95:33:2d:b7:51:cb:e6:81:c7:b6:0c:99:01:95:e3:91:e5:8c:
8d:a2:43:3a:ba:7e:59:9b:0e:96:42:02:7d:f6:7f:63:7e:85:
15:31:d6:87:e2:44:47:b1:ce:1d:33:70:5f:c8:53:42:79:95:
28:d7:69:84:cd:50:ba:cd:bf:83:79:d8:d7:e0:1e:c5:b9:5c:
0b:f0:9c:5d:f7:4b:81:4d:a7:99:16:5b:81:09:c2:3b:5c:48:
ca:38:f5:09:8a:ba:7f:3e:3b:49:ce:e6:55:10:70:13:06:26:
69:2d:26:b6
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZUYiim3nIHz4ckiXoX5tWf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjUwMjE4MTAxMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTVmZThhZGViYjBiNTIxZDA0NTI0MzQ3ZGY4MTNkYTI0NTNiYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxms4bOO1sXtkKjUmxdDlyINtpeY
bxysfieFEKMPxCquC0MNHAP/qeAT8V3kX6Gn4kAJn9Gsf9q5aDzabH8z5bVrnvQK
nSSOJIs5zRHypfbQVXyHd91QiqIKcJz7NaSoufhbcfziyZEb1S0wrF/uXB/Uovlx
Wz4RWfPms1vq9AIHTAG0eI/XCivmbPpqYAmm2av0AGxj2FQw/ZDxxC10WO26iLxt
IF3ncHAGxxX0YnUWbcDm6AXnexPA69AT2MSZ7I/6OMoK8exgg+T9U8BbmaIj7omp
d+Xvkir/Ryma/Gqgt72LV/OlhGqvNBi2SS0cL2x6Gp2v/ulY1blc9qJVwQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFIpf6K3rsLUh0EUkNH34E9okU7wrMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvaWxfb3JldXd0U0hRUlNRMGZmZ1QyaVJUdkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQALQiwAwQA
LY4CAwQCudSAAwQAueDaAwQAueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0W
QwMFACoNY8AwDQYJKoZIhvcNAQELBQADggEBAIjQYN4+U9C2B7G5YMXibEwC+v+X
ZZHCa4kPW79nwNy9qEa8BGIGWVSWIqCRm+phqMnhbz6h/BJX6cbwzwQLFwOX+wU/
53epXdkr0Z8NyWT2PLcKyEiD3dktBVy8YEb+AcwK9UYL6zfLAUYUOUdkDG7q9YIw
4QC641i4UEGyDxH5ysKrGZOGi+zmM9rSFGQZlpUzLbdRy+aBx7YMmQGV45HljI2i
Qzq6flmbDpZCAn32f2N+hRUx1ofiREexzh0zcF/IU0J5lSjXaYTNULrNv4N52Nfg
HsW5XAvwnF33S4FNp5kWW4EJwjtcSMo49QmKun8+O0nO5lUQcBMGJmktJrY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:57:17 2025 by rpki-client