Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/O8YnylCAiNaCXApMGVYzNFRUilk.roa
File: O8YnylCAiNaCXApMGVYzNFRUilk.roa (raw, json)
Hash identifier: 2q1gsRASdaokIzqyBm5zkZ142kW6KJ9eUphzl+IjYvU=
Subject key identifier: 3B:C6:27:CA:50:80:88:D6:82:5C:0A:4C:19:56:33:34:54:54:8A:59
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019427489B0D828A36C0EE3EDC6C980022AA
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/O8YnylCAiNaCXApMGVYzNFRUilk.roa
Signing time: Thu 02 Jan 2025 13:50:57 +0000
ROA not before: Thu 02 Jan 2025 13:50:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203446
IP address blocks: 2.56.246.0/24 maxlen: 24
45.13.226.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.90.97.0/24 maxlen: 24
45.131.65.0/24 maxlen: 24
45.134.39.0/24 maxlen: 24
45.137.70.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
194.62.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 10:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:9b:0d:82:8a:36:c0:ee:3e:dc:6c:98:00:22:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 13:50:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bc627ca508088d6825c0a4c1956333454548a59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:19:f0:3c:97:f6:52:34:29:fa:b1:6e:33:8e:
f5:78:0e:bd:f4:1d:f2:c3:15:e1:08:42:dc:e0:53:
57:84:c0:ca:de:63:39:e2:92:12:a4:cf:f9:af:82:
a9:07:58:5d:b1:38:95:89:be:85:6a:f5:bc:d8:c7:
53:5e:5d:ed:df:a4:3e:aa:82:d4:56:73:63:14:da:
8b:77:71:05:1b:8a:f0:9e:c0:d0:c0:c3:bb:de:91:
54:ba:b8:09:f8:be:6e:8f:ff:27:b8:3a:7e:79:ca:
71:16:4f:63:d8:7a:ba:c2:1a:58:4a:f8:aa:15:d2:
60:8b:93:58:c5:30:7b:c5:18:bf:aa:e8:56:18:76:
28:6b:bc:de:82:f5:c9:c4:5c:72:0a:64:fa:be:4a:
7f:54:28:dc:ea:5d:56:e2:ae:88:45:52:dc:d7:db:
c5:b4:dd:a9:25:c8:d4:30:6f:62:80:13:00:ba:09:
fe:10:a8:ee:66:91:c0:ac:b1:7c:65:4d:49:04:de:
24:e0:1e:ce:8c:0e:a1:dd:68:74:6e:75:5e:5f:76:
1b:38:da:84:20:d0:82:b7:74:1b:f1:98:10:d2:2d:
62:65:60:55:d6:0c:51:3b:da:44:14:3d:f2:f8:2e:
6a:15:b9:ab:a5:a4:09:9d:27:f5:87:68:33:1d:ec:
37:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C6:27:CA:50:80:88:D6:82:5C:0A:4C:19:56:33:34:54:54:8A:59
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/O8YnylCAiNaCXApMGVYzNFRUilk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/24
45.13.226.0/24
45.67.139.0/24
45.90.97.0/24
45.131.65.0/24
45.134.39.0/24
45.137.70.0/24
185.117.0.0/24
194.62.248.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:04:36:1f:96:69:e7:61:97:fd:36:36:27:5e:a7:d1:6e:af:
88:85:d8:49:97:98:6a:9e:e6:1a:58:79:74:28:bf:68:77:86:
47:11:e8:79:04:08:85:b0:52:bf:45:6f:33:4f:78:a7:e3:fb:
4e:52:ad:c1:4b:8a:e8:3b:5f:9a:ac:be:cf:8c:e0:8d:40:1e:
67:b1:bd:13:21:9b:28:91:c4:ba:55:bf:32:a8:b8:1f:f1:0d:
77:a3:a9:4c:38:24:ea:e5:46:df:4c:93:4a:67:99:9b:88:bc:
8b:37:25:c4:ea:1a:4c:a3:4f:c7:bb:2c:a3:15:d3:e7:05:39:
95:cd:4c:fe:66:7d:53:a6:85:28:a1:e4:36:4c:94:81:9d:98:
c6:dd:b2:27:9d:b7:46:10:45:59:d6:ee:18:6f:4c:89:d6:21:
d9:3e:5a:22:74:ea:d1:9f:63:22:f7:f1:e6:85:63:5a:cc:c1:
cc:72:11:21:ea:5c:05:86:1b:38:24:ad:ae:0a:6e:3a:16:1f:
64:65:1a:1c:af:3e:57:97:43:77:6b:26:ab:00:19:1d:85:6d:
a4:af:e8:4c:89:86:63:fc:d0:b8:ba:e1:ce:aa:09:7e:d6:84:
89:cc:77:f9:c4:dd:4c:63:83:e6:a8:f2:56:55:78:99:b0:a6:
a1:9f:79:78
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQnSJsNgoo2wO4+3GyYACKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM2MjdjYTUwODA4OGQ2ODI1YzBhNGMxOTU2MzMzNDU0NTQ4YTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhnwPJf2UjQp+rFuM471eA699B3y
wxXhCELc4FNXhMDK3mM54pISpM/5r4KpB1hdsTiVib6FavW82MdTXl3t36Q+qoLU
VnNjFNqLd3EFG4rwnsDQwMO73pFUurgJ+L5uj/8nuDp+ecpxFk9j2Hq6whpYSviq
FdJgi5NYxTB7xRi/quhWGHYoa7zegvXJxFxyCmT6vkp/VCjc6l1W4q6IRVLc19vF
tN2pJcjUMG9igBMAugn+EKjuZpHArLF8ZU1JBN4k4B7OjA6h3Wh0bnVeX3YbONqE
INCCt3Qb8ZgQ0i1iZWBV1gxRO9pEFD3y+C5qFbmrpaQJnSf1h2gzHew3kwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDvGJ8pQgIjWglwKTBlWMzRUVIpZMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvTzhZbnlsQ0FpTmFDWEFwTUdWWXpORlJVaWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjj2AwQA
LQ3iAwQALUOLAwQALVphAwQALYNBAwQALYYnAwQALYlGAwQAuXUAAwQAwj74MA0G
CSqGSIb3DQEBCwUAA4IBAQA+BDYflmnnYZf9NjYnXqfRbq+IhdhJl5hqnuYaWHl0
KL9od4ZHEeh5BAiFsFK/RW8zT3in4/tOUq3BS4roO1+arL7PjOCNQB5nsb0TIZso
kcS6Vb8yqLgf8Q13o6lMOCTq5UbfTJNKZ5mbiLyLNyXE6hpMo0/HuyyjFdPnBTmV
zUz+Zn1TpoUooeQ2TJSBnZjG3bInnbdGEEVZ1u4Yb0yJ1iHZPloidOrRn2Mi9/Hm
hWNazMHMchEh6lwFhhs4JK2uCm46Fh9kZRocrz5Xl0N3ayarABkdhW2kr+hMiYZj
/NC4uuHOqgl+1oSJzHf5xN1MY4PmqPJWVXiZsKahn3l4
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:16:25 2025 by rpki-client