Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/rg4sFll0mXgLsSP_RqMzEDcWTMI.roa
File: rg4sFll0mXgLsSP_RqMzEDcWTMI.roa (raw, json)
Hash identifier: nHiJ9p501ojZFjldAWJwiCas7u9G1uoYQnMtcTvUyGY=
Subject key identifier: AE:0E:2C:16:59:74:99:78:0B:B1:23:FF:46:A3:33:10:37:16:4C:C2
Certificate issuer: /CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Certificate serial: 018F4D8CAF58F16E50C5566C56B09C7B9D96
Authority key identifier: 5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/rg4sFll0mXgLsSP_RqMzEDcWTMI.roa
Signing time: Mon 06 May 2024 10:56:56 +0000
ROA not before: Mon 06 May 2024 10:56:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34373
IP address blocks: 45.128.64.0/22 maxlen: 24
45.132.40.0/22 maxlen: 24
77.74.124.0/22 maxlen: 24
86.48.68.0/22 maxlen: 24
91.219.76.0/22 maxlen: 24
185.56.52.0/22 maxlen: 24
185.63.56.0/22 maxlen: 24
185.69.204.0/22 maxlen: 24
185.96.44.0/22 maxlen: 24
185.97.228.0/22 maxlen: 24
185.116.40.0/22 maxlen: 24
185.165.68.0/22 maxlen: 24
185.210.128.0/22 maxlen: 24
193.105.233.0/24 maxlen: 24
217.61.253.0/24 maxlen: 24
2a00:4140::/29 maxlen: 48
2a06:900::/29 maxlen: 48
2a06:7bc0::/29 maxlen: 48
2a0b:57c0::/29 maxlen: 48
2a0b:ec00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 08:51:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:8c:af:58:f1:6e:50:c5:56:6c:56:b0:9c:7b:9d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Validity
Not Before: May 6 10:56:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae0e2c16597499780bb123ff46a3331037164cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:15:64:7f:f4:c9:64:1e:1f:1b:5c:7c:34:84:
55:10:b7:23:23:e2:e1:74:74:3f:16:a3:92:80:06:
01:7a:2c:1b:ef:9e:c6:ab:bc:d9:aa:fb:be:cf:4f:
77:b4:dc:a7:c0:b6:46:9e:a0:8a:de:97:b7:42:de:
fd:42:ce:57:f1:17:92:56:d7:90:17:94:0d:59:71:
bc:79:57:52:eb:08:6a:0a:b0:db:3b:42:70:a1:5d:
27:ef:7f:49:83:7d:20:be:d6:07:fc:79:be:86:6e:
d0:d0:93:3e:81:bc:30:b9:9a:39:68:aa:7f:79:67:
a5:ed:fc:ca:41:df:86:f6:4f:04:7c:63:43:fa:dd:
13:0f:6c:d3:8d:b1:a0:58:8b:8a:8f:2a:99:ad:67:
15:b3:b7:b7:fc:ce:a1:23:d4:59:1b:62:1f:c7:28:
0e:09:4b:c9:8b:0d:b7:b7:08:22:ca:93:01:ba:e8:
82:a5:c8:47:b1:06:f4:49:54:14:d4:8d:7e:a5:a8:
6b:42:96:2f:f9:39:3b:3a:27:cc:4e:98:59:00:69:
e8:85:28:04:6e:e5:16:78:2d:97:3e:8c:7c:47:20:
c5:33:27:94:4d:a8:67:ca:19:25:fd:cf:8a:80:aa:
76:e7:12:e8:7e:9a:10:81:03:fc:45:5b:e3:b2:0c:
bb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0E:2C:16:59:74:99:78:0B:B1:23:FF:46:A3:33:10:37:16:4C:C2
X509v3 Authority Key Identifier:
keyid:5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/rg4sFll0mXgLsSP_RqMzEDcWTMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.64.0/22
45.132.40.0/22
77.74.124.0/22
86.48.68.0/22
91.219.76.0/22
185.56.52.0/22
185.63.56.0/22
185.69.204.0/22
185.96.44.0/22
185.97.228.0/22
185.116.40.0/22
185.165.68.0/22
185.210.128.0/22
193.105.233.0/24
217.61.253.0/24
IPv6:
2a00:4140::/29
2a06:900::/29
2a06:7bc0::/29
2a0b:57c0::/29
2a0b:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
97:07:00:8c:03:33:91:88:5b:4c:75:a5:00:10:82:88:ad:1a:
23:df:b0:80:de:58:01:1a:27:a7:41:04:29:25:d1:34:43:88:
d3:ca:73:14:d0:e8:36:8b:59:76:b3:5e:d4:d2:26:18:df:27:
da:82:62:4a:61:53:76:9f:dd:4d:dc:85:6a:87:7e:f2:60:10:
e3:57:18:66:84:8e:2d:4a:0f:d0:d7:3e:3b:ea:a3:f2:b7:10:
c3:cf:e8:c9:a2:5d:b0:85:2e:bf:68:43:dd:75:d4:f4:db:7b:
35:be:74:78:f3:a6:5f:ff:2a:53:bc:db:13:4a:aa:7c:b8:e6:
ab:c2:b7:1c:8b:61:5d:64:e1:c9:1d:40:89:2b:13:85:76:a8:
42:5e:c0:af:ba:26:fe:50:16:a3:57:0e:d6:e0:b4:39:56:d5:
58:ee:88:36:df:52:9d:e1:a0:90:f1:96:e1:b0:2f:8c:19:66:
a0:2a:b9:98:15:69:59:d8:64:91:b6:36:ca:2d:e9:10:46:fa:
d2:a2:ee:d5:f1:e8:8f:1e:b2:3b:10:62:15:43:12:67:5c:3d:
36:7d:49:f0:9d:43:6a:07:04:7a:28:d4:84:b6:23:a6:93:40:
a0:d7:bc:b1:f8:08:cb:75:13:29:eb:c6:ce:a1:9d:f3:c1:5b:
89:00:d6:c0
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY9NjK9Y8W5QxVZsVrCce52WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWE4MWFhOWIyMTk3ZDkxMjdiNDQyNTI1MTAwZmZhYTM2
ZTBkNTIwHhcNMjQwNTA2MTA1NjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBlMmMxNjU5NzQ5OTc4MGJiMTIzZmY0NmEzMzMxMDM3MTY0Y2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRVkf/TJZB4fG1x8NIRVELcjI+Lh
dHQ/FqOSgAYBeiwb757Gq7zZqvu+z093tNynwLZGnqCK3pe3Qt79Qs5X8ReSVteQ
F5QNWXG8eVdS6whqCrDbO0JwoV0n739Jg30gvtYH/Hm+hm7Q0JM+gbwwuZo5aKp/
eWel7fzKQd+G9k8EfGND+t0TD2zTjbGgWIuKjyqZrWcVs7e3/M6hI9RZG2IfxygO
CUvJiw23twgiypMBuuiCpchHsQb0SVQU1I1+pahrQpYv+Tk7OifMTphZAGnohSgE
buUWeC2XPox8RyDFMyeUTahnyhkl/c+KgKp25xLofpoQgQP8RVvjsgy7cwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFK4OLBZZdJl4C7Ej/0ajMxA3FkzCMB8GA1UdIwQY
MBaAFFvqgaqbIZfZEntEJSUQD/qjbg1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQt
ZmMwZGQ5MjUyYzlhLzEvcmc0c0ZsbDBtWGdMc1NQX1JxTXpFRGNXVE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQtZmMwZGQ5MjUyYzlh
LzEvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTBgBAIAATBaAwQCLYBA
AwQCLYQoAwQCTUp8AwQCVjBEAwQCW9tMAwQCuTg0AwQCuT84AwQCuUXMAwQCuWAs
AwQCuWHkAwQCuXQoAwQCuaVEAwQCudKAAwQAwWnpAwQA2T39MCkEAgACMCMDBQMq
AEFAAwUDKgYJAAMFAyoGe8ADBQMqC1fAAwUDKgvsADANBgkqhkiG9w0BAQsFAAOC
AQEAlwcAjAMzkYhbTHWlABCCiK0aI9+wgN5YARonp0EEKSXRNEOI08pzFNDoNotZ
drNe1NImGN8n2oJiSmFTdp/dTdyFaod+8mAQ41cYZoSOLUoP0Nc+O+qj8rcQw8/o
yaJdsIUuv2hD3XXU9Nt7Nb50ePOmX/8qU7zbE0qqfLjmq8K3HIthXWThyR1AiSsT
hXaoQl7Ar7om/lAWo1cO1uC0OVbVWO6INt9SneGgkPGW4bAvjBlmoCq5mBVpWdhk
kbY2yi3pEEb60qLu1fHojx6yOxBiFUMSZ1w9Nn1J8J1DagcEeijUhLYjppNAoNe8
sfgIy3UTKevGzqGd88FbiQDWwA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:53 2025 by rpki-client