Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/OlBT5T5xPO69kAsBhpwBbbQwgEk.roa
File: OlBT5T5xPO69kAsBhpwBbbQwgEk.roa (raw, json)
Hash identifier: c6i08K8gZDVOqKaZrKbCTk+izA3rg6LzOVC4/pGQpTM=
Subject key identifier: 3A:50:53:E5:3E:71:3C:EE:BD:90:0B:01:86:9C:01:6D:B4:30:80:49
Certificate issuer: /CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Certificate serial: 0191BC27FB76809740115D0092B0613C67A4
Authority key identifier: B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/OlBT5T5xPO69kAsBhpwBbbQwgEk.roa
Signing time: Wed 04 Sep 2024 08:30:22 +0000
ROA not before: Wed 04 Sep 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216154
IP address blocks: 45.10.172.0/23 maxlen: 23
45.10.172.0/24 maxlen: 24
45.10.173.0/24 maxlen: 24
84.252.102.0/23 maxlen: 23
89.150.34.0/23 maxlen: 23
89.150.41.0/24 maxlen: 24
89.150.59.0/24 maxlen: 24
103.90.72.0/23 maxlen: 23
103.90.74.0/23 maxlen: 23
103.90.74.0/24 maxlen: 24
103.90.75.0/24 maxlen: 24
103.137.248.0/22 maxlen: 22
2a0c:db40::/32 maxlen: 32
2a0c:db40::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Sep 2024 09:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:27:fb:76:80:97:40:11:5d:00:92:b0:61:3c:67:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Validity
Not Before: Sep 4 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a5053e53e713ceebd900b01869c016db4308049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:66:88:9e:50:02:eb:01:7a:e6:42:5f:8a:6b:
ef:ae:73:01:de:11:3a:7d:31:78:17:91:29:f8:ae:
52:26:18:99:07:0c:7d:92:1a:8d:30:82:b8:2f:1f:
94:dd:2b:eb:35:1e:8d:88:4d:50:5b:56:86:bc:5b:
b9:75:9e:8b:59:ea:43:c0:0e:e8:cb:b4:40:57:28:
87:24:f0:f0:34:3e:5f:b0:51:7a:59:9a:71:09:e7:
b7:cd:96:1e:ae:44:34:fc:65:91:8f:2d:b5:40:95:
b0:c7:22:56:cb:ef:d0:bb:03:47:80:2f:c9:9e:db:
6e:36:e4:e5:4e:b7:fe:cb:34:41:03:39:1d:a5:96:
9e:49:fa:4b:62:35:cd:77:61:e8:3e:7f:bb:0f:f3:
69:df:60:68:49:27:82:4a:2f:4c:83:60:dd:cb:6c:
f2:86:3c:1f:0f:d7:37:1c:b0:47:5b:12:64:26:1b:
c2:86:d9:2b:d7:d1:60:85:75:06:27:62:98:50:80:
87:84:9b:72:a4:cc:a3:39:b4:03:02:77:10:de:34:
fd:29:53:47:02:1d:3f:ff:bd:aa:05:e0:ec:00:ab:
df:cc:2b:3b:ad:82:ea:7a:df:64:ca:b8:4c:43:1e:
27:80:f9:d1:6f:c6:3c:98:04:aa:39:61:f9:10:a7:
91:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:50:53:E5:3E:71:3C:EE:BD:90:0B:01:86:9C:01:6D:B4:30:80:49
X509v3 Authority Key Identifier:
keyid:B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/OlBT5T5xPO69kAsBhpwBbbQwgEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.172.0/23
84.252.102.0/23
89.150.34.0/23
89.150.41.0/24
89.150.59.0/24
103.90.72.0/22
103.137.248.0/22
IPv6:
2a0c:db40::/32
Signature Algorithm: sha256WithRSAEncryption
d1:45:aa:3c:92:91:d5:72:60:ae:a1:e5:e9:1e:78:c1:cf:2c:
7c:ab:0a:15:48:82:94:9d:84:c8:f9:88:e2:0a:1f:b7:64:7d:
a8:13:d4:35:dd:59:d3:1b:67:4d:df:98:22:81:7b:05:1d:9f:
78:ce:63:84:7e:34:2a:97:b2:f2:15:d1:b4:5a:db:15:2b:6c:
da:31:db:f6:e2:03:19:8b:e3:33:da:0e:51:ed:6b:74:d3:fb:
12:c9:d8:a8:d1:d4:cb:32:ee:1a:df:d5:f4:52:28:ad:2e:c6:
ab:a4:49:5a:cd:ea:be:26:c4:69:14:53:f6:25:7c:3b:36:01:
ce:03:14:7e:98:13:80:81:4f:91:45:b4:c9:a4:6a:df:79:52:
0a:0a:64:21:ec:23:c8:15:8c:95:e8:02:8d:2a:2e:62:d0:d4:
2b:f2:ff:8d:1c:d3:58:7c:c1:0b:27:ce:5d:44:67:a3:c7:c7:
fe:8d:52:e2:14:ce:22:49:73:39:a7:59:49:47:94:c1:bd:ba:
40:10:82:64:f8:b4:79:68:e0:ee:0f:40:86:f9:5a:c7:68:73:
9a:ef:66:09:81:1e:28:59:fd:ad:12:5e:0c:8a:66:f7:25:7e:
ce:8c:44:12:59:db:92:29:3d:74:b5:84:72:74:d6:00:b7:d7:
9c:a6:7e:e6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZG8J/t2gJdAEV0AkrBhPGekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMWEzZjRhZjk0YTU4MGViOWU3YjU4NTQyYTAwODRiMjFj
MmIwOWIwHhcNMjQwOTA0MDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTUwNTNlNTNlNzEzY2VlYmQ5MDBiMDE4NjljMDE2ZGI0MzA4MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGaInlAC6wF65kJfimvvrnMB3hE6
fTF4F5Ep+K5SJhiZBwx9khqNMIK4Lx+U3SvrNR6NiE1QW1aGvFu5dZ6LWepDwA7o
y7RAVyiHJPDwND5fsFF6WZpxCee3zZYerkQ0/GWRjy21QJWwxyJWy+/QuwNHgC/J
nttuNuTlTrf+yzRBAzkdpZaeSfpLYjXNd2HoPn+7D/Np32BoSSeCSi9Mg2Ddy2zy
hjwfD9c3HLBHWxJkJhvChtkr19FghXUGJ2KYUICHhJtypMyjObQDAncQ3jT9KVNH
Ah0//72qBeDsAKvfzCs7rYLqet9kyrhMQx4ngPnRb8Y8mASqOWH5EKeR6wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDpQU+U+cTzuvZALAYacAW20MIBJMB8GA1UdIwQY
MBaAFLIaP0r5SlgOuee1hUKgCEshwrCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYt
NTEyOTE3MmI2OTY2LzEvT2xCVDVUNXhQTzY5a0FzQmhwd0JiYlF3Z0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYtNTEyOTE3MmI2OTY2
LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQBLQqsAwQB
VPxmAwQBWZYiAwQAWZYpAwQAWZY7AwQCZ1pIAwQCZ4n4MA0EAgACMAcDBQAqDNtA
MA0GCSqGSIb3DQEBCwUAA4IBAQDRRao8kpHVcmCuoeXpHnjBzyx8qwoVSIKUnYTI
+YjiCh+3ZH2oE9Q13VnTG2dN35gigXsFHZ94zmOEfjQql7LyFdG0WtsVK2zaMdv2
4gMZi+Mz2g5R7Wt00/sSydio0dTLMu4a39X0UiitLsarpElazeq+JsRpFFP2JXw7
NgHOAxR+mBOAgU+RRbTJpGrfeVIKCmQh7CPIFYyV6AKNKi5i0NQr8v+NHNNYfMEL
J85dRGejx8f+jVLiFM4iSXM5p1lJR5TBvbpAEIJk+LR5aODuD0CG+VrHaHOa72YJ
gR4oWf2tEl4Mimb3JX7OjEQSWduSKT10tYRydNYAt9ecpn7m
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:11 2025 by rpki-client