Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/o5RVEwgNYaqQI-jjqQmtQybGieU.roa
File: o5RVEwgNYaqQI-jjqQmtQybGieU.roa (raw, json)
Hash identifier: CW6iswQhFrR9ss3gGLDy0Q8MmXH7/FYKA1SDCkefEjQ=
Subject key identifier: A3:94:55:13:08:0D:61:AA:90:23:E8:E3:A9:09:AD:43:26:C6:89:E5
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747D923D6B8F5AEAB8ABD87F9B62290
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/o5RVEwgNYaqQI-jjqQmtQybGieU.roa
Signing time: Thu 02 Jan 2025 13:50:07 +0000
ROA not before: Thu 02 Jan 2025 13:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142594
IP address blocks: 2.56.166.0/24 maxlen: 24
45.90.145.0/24 maxlen: 24
45.140.220.0/24 maxlen: 24
45.140.221.0/24 maxlen: 24
77.83.241.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
194.31.140.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 18:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d9:23:d6:b8:f5:ae:ab:8a:bd:87:f9:b6:22:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3945513080d61aa9023e8e3a909ad4326c689e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9a:84:26:f5:a8:93:21:91:a0:c4:aa:e9:8c:
07:90:71:0b:34:2e:bd:5d:40:c3:e8:53:27:00:c9:
9c:d9:f8:6d:ad:f8:8c:3d:5b:38:e7:d4:05:01:13:
05:d3:97:ed:73:9a:91:b5:3e:c6:7a:73:dc:8e:9c:
95:9e:30:36:74:ea:bf:0e:2d:21:05:0b:fa:78:a9:
72:65:f8:da:40:b4:6e:37:bc:72:a6:08:7d:a3:f6:
1b:b6:01:5d:db:19:0c:71:5a:03:d9:19:06:cf:72:
0f:ae:5c:74:00:d9:84:a1:90:79:da:4f:e1:17:26:
fd:dd:fa:8c:40:e6:c9:7b:b2:ba:a9:eb:d6:56:0e:
bc:80:c7:cb:9d:7b:44:3f:59:9c:6f:85:be:e0:5e:
cd:3f:1a:7a:7f:d7:b9:e0:2f:23:12:68:da:67:e8:
ee:9f:d2:d0:0b:8b:ec:bf:52:eb:f7:5e:76:a8:ee:
e7:fe:07:3c:9b:b3:7a:ab:81:12:fd:5f:c2:d5:ab:
70:56:2d:3d:b2:6b:2e:81:e9:20:41:84:4b:52:44:
b1:c5:08:91:a6:0a:30:13:e0:fc:d5:e5:6a:4c:6f:
d6:01:1d:64:86:18:a5:3f:96:cf:c3:1d:72:55:6c:
59:de:7b:0b:e7:74:d9:b9:fb:71:f1:60:17:e4:4f:
83:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:94:55:13:08:0D:61:AA:90:23:E8:E3:A9:09:AD:43:26:C6:89:E5
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/o5RVEwgNYaqQI-jjqQmtQybGieU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
45.90.145.0/24
45.140.220.0/23
77.83.241.0/24
185.234.74.0/24
194.31.140.0/24
194.56.225.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:b3:09:b6:d3:16:3b:18:e8:db:30:f0:e0:51:0a:f0:d7:0c:
4d:42:27:c7:b4:c2:ce:d0:e1:f0:12:02:f8:7b:22:c9:62:a1:
b3:ec:60:88:a7:4e:23:f3:13:34:88:f5:41:3a:01:f7:46:da:
2d:5b:79:fb:63:42:ea:6f:2b:a5:49:cb:d3:63:25:45:d9:67:
10:6a:3e:2d:f8:48:0a:4c:33:75:36:f9:7a:f6:45:0e:a1:ad:
13:ff:c5:64:36:25:d9:d4:71:16:67:0f:c7:46:25:0c:65:ce:
fd:41:7d:37:7f:72:02:9c:70:2e:43:85:6e:a5:fe:96:64:52:
0a:b3:10:67:3b:17:16:f5:bc:29:71:65:8a:e2:61:77:ff:16:
9c:81:96:05:0c:ef:a7:82:1e:80:b3:ef:09:8c:b5:03:15:30:
14:03:ba:50:94:75:a3:af:83:c5:29:e2:0d:08:27:a8:be:b3:
fd:00:96:d9:5d:22:27:9e:ba:16:8f:3f:c5:49:91:34:cc:a3:
f3:fc:98:f9:ed:fe:e8:5a:10:16:96:06:e1:1a:cd:32:2b:8c:
29:08:98:df:68:64:cc:6c:c1:86:67:5c:fc:c5:9c:92:90:d8:
55:de:35:da:fd:9a:2d:76:dd:09:d7:b2:24:01:e4:e1:3b:3f:
ff:a1:60:f3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQnR9kj1rj1rquKvYf5tiKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk0NTUxMzA4MGQ2MWFhOTAyM2U4ZTNhOTA5YWQ0MzI2YzY4OWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJqEJvWokyGRoMSq6YwHkHELNC69
XUDD6FMnAMmc2fhtrfiMPVs459QFARMF05ftc5qRtT7GenPcjpyVnjA2dOq/Di0h
BQv6eKlyZfjaQLRuN7xypgh9o/YbtgFd2xkMcVoD2RkGz3IPrlx0ANmEoZB52k/h
Fyb93fqMQObJe7K6qevWVg68gMfLnXtEP1mcb4W+4F7NPxp6f9e54C8jEmjaZ+ju
n9LQC4vsv1Lr9152qO7n/gc8m7N6q4ES/V/C1atwVi09smsugekgQYRLUkSxxQiR
pgowE+D81eVqTG/WAR1khhilP5bPwx1yVWxZ3nsL53TZuftx8WAX5E+D0QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKOUVRMIDWGqkCPo46kJrUMmxonlMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbzVSVkV3Z05ZYXFRSS1qanFRbXRReWJHaWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjimAwQA
LVqRAwQBLYzcAwQATVPxAwQAuepKAwQAwh+MAwQAwjjhMA0GCSqGSIb3DQEBCwUA
A4IBAQClswm20xY7GOjbMPDgUQrw1wxNQifHtMLO0OHwEgL4eyLJYqGz7GCIp04j
8xM0iPVBOgH3RtotW3n7Y0LqbyulScvTYyVF2WcQaj4t+EgKTDN1Nvl69kUOoa0T
/8VkNiXZ1HEWZw/HRiUMZc79QX03f3ICnHAuQ4Vupf6WZFIKsxBnOxcW9bwpcWWK
4mF3/xacgZYFDO+ngh6As+8JjLUDFTAUA7pQlHWjr4PFKeINCCeovrP9AJbZXSIn
nroWjz/FSZE0zKPz/Jj57f7oWhAWlgbhGs0yK4wpCJjfaGTMbMGGZ1z8xZySkNhV
3jXa/Zotdt0J17IkAeThOz//oWDz
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:23:59 2025 by rpki-client