Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/IxTBL0-1Sy4jO1eUM0NRzCUMAj4.roa
File: IxTBL0-1Sy4jO1eUM0NRzCUMAj4.roa (raw, json)
Hash identifier: yZ4wb7r1As5AGnzaMHI0YQ6lL5pSLyyzhF3zJE5Diyc=
Subject key identifier: 23:14:C1:2F:4F:B5:4B:2E:23:3B:57:94:33:43:51:CC:25:0C:02:3E
Certificate issuer: /CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Certificate serial: 01914F16CB5202BF730A91CE14851E64FF70
Authority key identifier: B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/IxTBL0-1Sy4jO1eUM0NRzCUMAj4.roa
Signing time: Wed 14 Aug 2024 04:12:59 +0000
ROA not before: Wed 14 Aug 2024 04:12:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216154
IP address blocks: 45.10.172.0/23 maxlen: 23
45.10.172.0/24 maxlen: 24
45.10.173.0/24 maxlen: 24
84.252.102.0/23 maxlen: 23
89.150.34.0/23 maxlen: 23
89.150.41.0/24 maxlen: 24
89.150.59.0/24 maxlen: 24
103.90.72.0/23 maxlen: 23
103.90.74.0/23 maxlen: 23
2a0c:db40::/32 maxlen: 32
2a0c:db40::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Aug 2024 09:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4f:16:cb:52:02:bf:73:0a:91:ce:14:85:1e:64:ff:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Validity
Not Before: Aug 14 04:12:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2314c12f4fb54b2e233b5794334351cc250c023e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9f:7a:33:40:31:b7:2e:20:c7:82:eb:50:f2:
81:8b:a6:10:e9:96:50:e9:ff:3f:46:2c:41:50:ae:
61:e0:ee:7c:03:a4:22:74:65:ec:79:9c:a1:45:91:
e6:47:ef:64:b8:ce:8a:70:8e:c7:b9:5d:78:84:6f:
bf:96:46:7f:19:62:4d:a4:a0:57:c4:f7:99:12:90:
23:8f:59:2c:10:b5:6e:fd:a8:78:e4:c0:b6:45:15:
26:83:9a:13:aa:ee:44:80:2c:c4:70:e8:77:ce:22:
13:ef:f2:9c:f2:91:d1:66:d7:51:c3:e1:91:9e:fd:
c9:16:8e:1e:83:5c:a0:6d:38:a4:b2:45:13:f3:04:
4f:bb:d5:b6:3f:a4:6d:ed:9c:0c:5f:0f:37:b3:dd:
b7:2d:32:98:97:bc:72:e7:6b:8c:66:7e:c4:51:ff:
8a:13:09:68:62:f5:64:aa:60:68:6b:8f:8c:bf:df:
ac:e3:60:09:07:0d:bf:ba:f7:25:0d:a6:60:c5:bc:
04:f3:07:a3:75:87:0e:05:00:52:34:8f:58:84:b8:
06:6e:6f:7e:a1:9f:3e:d0:84:3f:50:6f:4a:7f:1d:
21:31:d6:85:dd:92:ac:3a:58:eb:cc:a4:95:41:09:
22:01:a2:3b:94:22:bb:64:b2:1a:b1:3a:c8:4f:06:
e4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:14:C1:2F:4F:B5:4B:2E:23:3B:57:94:33:43:51:CC:25:0C:02:3E
X509v3 Authority Key Identifier:
keyid:B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/IxTBL0-1Sy4jO1eUM0NRzCUMAj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.172.0/23
84.252.102.0/23
89.150.34.0/23
89.150.41.0/24
89.150.59.0/24
103.90.72.0/22
IPv6:
2a0c:db40::/32
Signature Algorithm: sha256WithRSAEncryption
5e:8f:90:98:35:86:32:00:fa:29:ea:c8:f5:aa:de:4a:cb:57:
be:dd:0f:1d:a4:fc:c3:30:9a:5e:b9:86:c8:95:0a:ff:b1:84:
b4:43:4a:80:00:01:26:db:e3:26:30:9c:8e:cf:d7:03:82:1d:
3b:a3:99:c6:19:ae:96:13:2e:a4:de:86:bd:6e:a8:9a:c4:53:
45:c4:17:b6:c9:13:78:e4:7f:82:e9:cc:b9:5c:a2:af:a3:2e:
12:ad:4e:f7:f4:c7:db:0c:57:05:37:c4:f5:f9:0f:4a:4b:60:
bc:d2:0b:e5:1b:fe:fa:77:a1:d6:8a:10:a6:eb:f5:05:19:9b:
0f:fb:71:67:a1:34:1d:fc:86:97:e0:fe:08:c1:bd:b7:1c:4e:
64:09:67:57:27:96:4e:34:5b:f1:6f:d3:18:f6:ea:8b:bd:40:
a3:d1:1e:66:2a:e8:67:ca:f4:80:b9:98:50:d5:ee:02:5a:b8:
3b:00:8f:09:37:c4:66:6f:f3:ed:94:4c:3b:a8:a6:60:03:e4:
67:e3:c2:30:9e:ab:f6:75:0c:00:c8:23:30:78:23:13:7a:31:
1e:9e:fd:32:cc:8c:75:7d:2d:c8:93:9b:03:c7:fe:43:2f:39:
cb:35:6f:08:70:88:a4:14:c9:2d:f5:35:ba:9d:2b:79:5e:97:
66:06:a3:80
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZFPFstSAr9zCpHOFIUeZP9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMWEzZjRhZjk0YTU4MGViOWU3YjU4NTQyYTAwODRiMjFj
MmIwOWIwHhcNMjQwODE0MDQxMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzE0YzEyZjRmYjU0YjJlMjMzYjU3OTQzMzQzNTFjYzI1MGMwMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx596M0Axty4gx4LrUPKBi6YQ6ZZQ
6f8/RixBUK5h4O58A6QidGXseZyhRZHmR+9kuM6KcI7HuV14hG+/lkZ/GWJNpKBX
xPeZEpAjj1ksELVu/ah45MC2RRUmg5oTqu5EgCzEcOh3ziIT7/Kc8pHRZtdRw+GR
nv3JFo4eg1ygbTikskUT8wRPu9W2P6Rt7ZwMXw83s923LTKYl7xy52uMZn7EUf+K
EwloYvVkqmBoa4+Mv9+s42AJBw2/uvclDaZgxbwE8wejdYcOBQBSNI9YhLgGbm9+
oZ8+0IQ/UG9Kfx0hMdaF3ZKsOljrzKSVQQkiAaI7lCK7ZLIasTrITwbkDwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCMUwS9PtUsuIztXlDNDUcwlDAI+MB8GA1UdIwQY
MBaAFLIaP0r5SlgOuee1hUKgCEshwrCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYt
NTEyOTE3MmI2OTY2LzEvSXhUQkwwLTFTeTRqTzFlVU0wTlJ6Q1VNQWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYtNTEyOTE3MmI2OTY2
LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBLQqsAwQB
VPxmAwQBWZYiAwQAWZYpAwQAWZY7AwQCZ1pIMA0EAgACMAcDBQAqDNtAMA0GCSqG
SIb3DQEBCwUAA4IBAQBej5CYNYYyAPop6sj1qt5Ky1e+3Q8dpPzDMJpeuYbIlQr/
sYS0Q0qAAAEm2+MmMJyOz9cDgh07o5nGGa6WEy6k3oa9bqiaxFNFxBe2yRN45H+C
6cy5XKKvoy4SrU739MfbDFcFN8T1+Q9KS2C80gvlG/76d6HWihCm6/UFGZsP+3Fn
oTQd/IaX4P4Iwb23HE5kCWdXJ5ZONFvxb9MY9uqLvUCj0R5mKuhnyvSAuZhQ1e4C
Wrg7AI8JN8Rmb/PtlEw7qKZgA+Rn48Iwnqv2dQwAyCMweCMTejEenv0yzIx1fS3I
k5sDx/5DLznLNW8IcIikFMkt9TW6nSt5XpdmBqOA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:54 2025 by rpki-client