Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/amKJwLn7UaBtD-wqg31PB1CxlOU.roa
File: amKJwLn7UaBtD-wqg31PB1CxlOU.roa (raw, json)
Hash identifier: ZCc3/9AdSY6Sou39z/EdGM75BDt1drnYKbmM9osEV0g=
Subject key identifier: 6A:62:89:C0:B9:FB:51:A0:6D:0F:EC:2A:83:7D:4F:07:50:B1:94:E5
Certificate issuer: /CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Certificate serial: 0193F2E1D0F0999B83B60D9E2614B41CD800
Authority key identifier: B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/amKJwLn7UaBtD-wqg31PB1CxlOU.roa
Signing time: Mon 23 Dec 2024 09:38:25 +0000
ROA not before: Mon 23 Dec 2024 09:38:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216154
IP address blocks: 45.10.172.0/23 maxlen: 23
45.10.172.0/24 maxlen: 24
45.10.173.0/24 maxlen: 24
45.114.60.0/22 maxlen: 22
84.252.102.0/23 maxlen: 23
89.46.131.0/24 maxlen: 24
89.150.34.0/23 maxlen: 23
89.150.41.0/24 maxlen: 24
89.150.59.0/24 maxlen: 24
91.132.224.0/24 maxlen: 24
103.54.16.0/22 maxlen: 22
103.90.72.0/23 maxlen: 23
103.90.74.0/23 maxlen: 23
103.90.74.0/24 maxlen: 24
103.90.75.0/24 maxlen: 24
103.137.248.0/22 maxlen: 22
188.241.196.0/23 maxlen: 23
2a0c:db40::/32 maxlen: 32
2a0c:db40::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f2:e1:d0:f0:99:9b:83:b6:0d:9e:26:14:b4:1c:d8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Validity
Not Before: Dec 23 09:38:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a6289c0b9fb51a06d0fec2a837d4f0750b194e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:77:21:08:d0:95:96:ba:6a:08:85:32:5b:e6:
25:e2:5c:72:38:8a:08:79:22:f3:ee:1a:67:4e:65:
a1:a3:47:f9:d8:14:f0:4d:ab:3d:a9:f9:2b:15:1e:
9c:74:cb:13:2b:d9:68:79:c1:a6:eb:ca:3d:1d:97:
08:10:58:80:ad:e6:be:d6:ef:48:f4:e9:58:22:ad:
55:86:c8:d1:ff:73:01:e6:47:ff:53:fa:57:b4:11:
c8:7a:00:67:0e:2e:6c:ca:ec:6c:7b:bc:be:12:39:
39:33:16:68:b8:7e:fe:57:fc:b9:23:db:f0:77:27:
27:70:4e:9e:f3:1a:7c:b7:93:08:7a:62:d3:c7:d7:
2d:13:da:94:0c:ed:90:de:f2:8b:2b:71:e1:2d:cb:
08:d3:ce:a5:a9:c2:9e:50:61:2a:ed:02:d4:ce:8d:
8b:61:5e:36:88:8f:4a:3e:10:d8:93:9d:f9:d2:d1:
f1:0e:bf:9f:30:37:f2:f9:c7:e2:89:a2:7a:d7:36:
30:41:d4:0e:72:e0:16:2c:fa:41:51:fc:84:27:86:
6d:61:95:cc:1a:59:e8:bc:69:69:c8:3c:ba:74:d5:
0c:14:b8:6b:aa:59:17:93:ce:3b:80:da:95:22:df:
44:4d:28:23:11:81:84:ad:75:e5:6e:79:ed:bb:cd:
7c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:62:89:C0:B9:FB:51:A0:6D:0F:EC:2A:83:7D:4F:07:50:B1:94:E5
X509v3 Authority Key Identifier:
keyid:B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/amKJwLn7UaBtD-wqg31PB1CxlOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.172.0/23
45.114.60.0/22
84.252.102.0/23
89.46.131.0/24
89.150.34.0/23
89.150.41.0/24
89.150.59.0/24
91.132.224.0/24
103.54.16.0/22
103.90.72.0/22
103.137.248.0/22
188.241.196.0/23
IPv6:
2a0c:db40::/32
Signature Algorithm: sha256WithRSAEncryption
7e:7f:f2:98:c5:03:7f:7b:b7:e7:53:af:dd:31:0d:4b:05:b0:
ae:6f:87:cf:76:d1:fc:7d:c5:c8:93:cf:56:b0:89:98:1f:ed:
59:9c:22:4a:a5:29:96:05:ea:f1:d0:64:82:81:f1:28:7e:9e:
64:2c:b8:0b:df:02:77:e5:be:f2:6f:6c:82:e7:bf:05:e7:81:
b0:a2:f3:59:de:3b:bb:48:15:91:ba:79:cd:33:b3:f6:aa:b9:
87:d8:6e:f4:13:44:51:5e:7f:83:b1:34:16:5e:3e:0c:59:75:
da:09:4b:ae:0d:80:71:45:ba:33:ec:96:b7:49:88:1f:eb:34:
5a:6d:fd:7c:3f:04:4e:30:60:db:14:4d:9a:0c:54:8a:25:fb:
c0:69:2a:ba:02:e7:ed:8f:c3:6b:ab:26:72:31:27:38:1a:40:
5f:e2:a1:ac:ad:90:3e:f2:af:55:db:ab:db:d9:f5:a6:a3:2d:
a4:04:c6:d2:b5:73:3a:1c:52:9c:7e:75:d6:ac:61:fa:cb:b8:
11:ad:6f:7c:43:2c:97:66:97:18:83:1d:02:db:31:90:a0:de:
28:51:1c:b8:42:8d:7b:52:9e:37:1c:c7:6a:39:0e:aa:f6:be:
a0:5f:9b:b5:8b:31:9e:b4:1c:6c:e0:21:c0:12:d4:8c:43:f2:
a1:8f:54:1d
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZPy4dDwmZuDtg2eJhS0HNgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMWEzZjRhZjk0YTU4MGViOWU3YjU4NTQyYTAwODRiMjFj
MmIwOWIwHhcNMjQxMjIzMDkzODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTYyODljMGI5ZmI1MWEwNmQwZmVjMmE4MzdkNGYwNzUwYjE5NGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3chCNCVlrpqCIUyW+Yl4lxyOIoI
eSLz7hpnTmWho0f52BTwTas9qfkrFR6cdMsTK9loecGm68o9HZcIEFiArea+1u9I
9OlYIq1VhsjR/3MB5kf/U/pXtBHIegBnDi5syuxse7y+Ejk5MxZouH7+V/y5I9vw
dycncE6e8xp8t5MIemLTx9ctE9qUDO2Q3vKLK3HhLcsI086lqcKeUGEq7QLUzo2L
YV42iI9KPhDYk5350tHxDr+fMDfy+cfiiaJ61zYwQdQOcuAWLPpBUfyEJ4ZtYZXM
GlnovGlpyDy6dNUMFLhrqlkXk847gNqVIt9ETSgjEYGErXXlbnntu818mwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFGpiicC5+1GgbQ/sKoN9TwdQsZTlMB8GA1UdIwQY
MBaAFLIaP0r5SlgOuee1hUKgCEshwrCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYt
NTEyOTE3MmI2OTY2LzEvYW1LSndMbjdVYUJ0RC13cWczMVBCMUN4bE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYtNTEyOTE3MmI2OTY2
LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQBLQqsAwQC
LXI8AwQBVPxmAwQAWS6DAwQBWZYiAwQAWZYpAwQAWZY7AwQAW4TgAwQCZzYQAwQC
Z1pIAwQCZ4n4AwQBvPHEMA0EAgACMAcDBQAqDNtAMA0GCSqGSIb3DQEBCwUAA4IB
AQB+f/KYxQN/e7fnU6/dMQ1LBbCub4fPdtH8fcXIk89WsImYH+1ZnCJKpSmWBerx
0GSCgfEofp5kLLgL3wJ35b7yb2yC578F54GwovNZ3ju7SBWRunnNM7P2qrmH2G70
E0RRXn+DsTQWXj4MWXXaCUuuDYBxRboz7Ja3SYgf6zRabf18PwROMGDbFE2aDFSK
JfvAaSq6Auftj8NrqyZyMSc4GkBf4qGsrZA+8q9V26vb2fWmoy2kBMbStXM6HFKc
fnXWrGH6y7gRrW98QyyXZpcYgx0C2zGQoN4oURy4Qo17Up43HMdqOQ6q9r6gX5u1
izGetBxs4CHAEtSMQ/Khj1Qd
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:38:28 2025 by rpki-client