Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/bimT38qrCRmGbn5w9m805sECivE.roa
File: bimT38qrCRmGbn5w9m805sECivE.roa (raw, json)
Hash identifier: vtdQBQ0aFPK9jMosLMolf8LktSudhWB22zTkCAY1sm0=
Subject key identifier: 6E:29:93:DF:CA:AB:09:19:86:6E:7E:70:F6:6F:34:E6:C1:02:8A:F1
Certificate issuer: /CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Certificate serial: 019145B794FACD7D7A6F54D70C6B2E167A24
Authority key identifier: B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/bimT38qrCRmGbn5w9m805sECivE.roa
Signing time: Mon 12 Aug 2024 08:32:24 +0000
ROA not before: Mon 12 Aug 2024 08:32:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216154
IP address blocks: 45.10.172.0/23 maxlen: 23
45.10.172.0/24 maxlen: 24
45.10.173.0/24 maxlen: 24
84.252.102.0/23 maxlen: 23
89.150.34.0/23 maxlen: 23
89.150.41.0/24 maxlen: 24
89.150.59.0/24 maxlen: 24
2a0c:db40::/32 maxlen: 32
2a0c:db40::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 14 Aug 2024 04:12:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:b7:94:fa:cd:7d:7a:6f:54:d7:0c:6b:2e:16:7a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Validity
Not Before: Aug 12 08:32:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e2993dfcaab0919866e7e70f66f34e6c1028af1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:09:cb:8d:ba:ce:ce:5d:d4:99:b1:1c:34:b1:
bd:13:ba:a8:8c:2a:a6:07:94:ed:0c:09:79:a3:4a:
96:25:69:25:bb:d9:c7:5f:50:c4:6f:08:56:e1:31:
ec:73:2e:a7:25:5a:63:a9:b6:a0:84:f2:68:3d:34:
84:e3:bb:fa:58:7d:bb:78:a7:2b:42:6d:12:3a:8c:
a9:07:8f:df:1a:d9:b2:f7:f5:e3:03:e0:dc:43:60:
dc:11:d4:82:df:a5:33:ca:0b:56:e1:58:7e:4a:15:
33:47:b0:77:61:67:2d:24:8d:74:28:0d:7b:ce:ae:
15:ef:e1:b6:47:8a:bb:b5:3d:de:60:f2:e1:13:d6:
b6:6f:ee:e4:a5:6e:37:0a:86:bc:4b:0e:3f:d2:8b:
87:53:26:7c:9e:f9:60:be:5b:d8:71:9a:4f:3a:1b:
70:05:94:09:d8:8b:3c:8e:af:07:6d:1a:ca:5d:ac:
db:3b:5a:fb:5a:97:5d:5a:e1:0a:3c:71:ec:fa:d0:
eb:77:2c:ff:2d:11:03:63:2c:0a:30:c0:06:cc:14:
f2:14:30:89:3f:dc:fc:34:f4:ed:ef:88:94:68:49:
4b:97:f7:ae:c2:a1:d5:fb:d3:a9:95:6d:69:c7:c5:
08:4d:67:87:de:00:19:10:eb:60:92:8f:5d:4f:f9:
ed:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:29:93:DF:CA:AB:09:19:86:6E:7E:70:F6:6F:34:E6:C1:02:8A:F1
X509v3 Authority Key Identifier:
keyid:B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/bimT38qrCRmGbn5w9m805sECivE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.172.0/23
84.252.102.0/23
89.150.34.0/23
89.150.41.0/24
89.150.59.0/24
IPv6:
2a0c:db40::/32
Signature Algorithm: sha256WithRSAEncryption
a8:3c:e2:3f:4f:1a:87:d6:a7:06:6d:75:b7:33:30:48:1d:de:
fa:c8:7b:d7:40:ac:a5:53:28:87:44:b9:0e:87:60:1d:32:b2:
40:2b:9e:28:60:05:a5:22:a6:ee:f9:07:f3:92:37:6a:ee:c9:
8a:4f:c3:75:2d:24:a0:b4:3e:e4:07:94:0c:c7:3b:66:24:89:
d1:ac:37:da:0d:c5:29:e9:7c:04:d6:09:41:fd:f2:29:51:0c:
46:98:06:4e:9f:fa:54:fa:70:97:1d:3e:f4:0a:ec:b7:7e:a5:
3b:51:dc:a8:41:5d:c9:83:ee:0f:4d:b4:a5:63:fb:aa:27:8a:
79:79:eb:bf:f5:6a:ff:0a:82:4d:6c:d4:2d:6b:c1:ee:38:eb:
d5:e3:69:a3:31:99:a2:d9:e7:3a:95:0e:fe:ac:ef:ed:c6:34:
e2:75:b3:6c:2c:3f:2a:03:1b:e6:cb:a2:83:a6:a5:2d:71:9c:
78:a3:4f:0e:d9:99:35:70:23:19:b3:ab:56:6b:66:cb:cf:12:
cf:fc:8d:fa:19:c7:4f:15:fd:b6:71:22:2a:69:ca:cd:58:f6:
c2:40:38:1c:bf:a4:69:17:46:7d:02:85:82:d4:e8:08:a4:db:
bc:ac:b1:df:86:e1:75:62:06:41:02:32:ec:46:71:c8:14:8f:
d9:37:aa:46
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZFFt5T6zX16b1TXDGsuFnokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMWEzZjRhZjk0YTU4MGViOWU3YjU4NTQyYTAwODRiMjFj
MmIwOWIwHhcNMjQwODEyMDgzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI5OTNkZmNhYWIwOTE5ODY2ZTdlNzBmNjZmMzRlNmMxMDI4YWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswnLjbrOzl3UmbEcNLG9E7qojCqm
B5TtDAl5o0qWJWklu9nHX1DEbwhW4THscy6nJVpjqbaghPJoPTSE47v6WH27eKcr
Qm0SOoypB4/fGtmy9/XjA+DcQ2DcEdSC36UzygtW4Vh+ShUzR7B3YWctJI10KA17
zq4V7+G2R4q7tT3eYPLhE9a2b+7kpW43Coa8Sw4/0ouHUyZ8nvlgvlvYcZpPOhtw
BZQJ2Is8jq8HbRrKXazbO1r7WpddWuEKPHHs+tDrdyz/LREDYywKMMAGzBTyFDCJ
P9z8NPTt74iUaElLl/euwqHV+9OplW1px8UITWeH3gAZEOtgko9dT/ntlQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFG4pk9/KqwkZhm5+cPZvNObBAorxMB8GA1UdIwQY
MBaAFLIaP0r5SlgOuee1hUKgCEshwrCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYt
NTEyOTE3MmI2OTY2LzEvYmltVDM4cXJDUm1HYm41dzltODA1c0VDaXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYtNTEyOTE3MmI2OTY2
LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBLQqsAwQB
VPxmAwQBWZYiAwQAWZYpAwQAWZY7MA0EAgACMAcDBQAqDNtAMA0GCSqGSIb3DQEB
CwUAA4IBAQCoPOI/TxqH1qcGbXW3MzBIHd76yHvXQKylUyiHRLkOh2AdMrJAK54o
YAWlIqbu+Qfzkjdq7smKT8N1LSSgtD7kB5QMxztmJInRrDfaDcUp6XwE1glB/fIp
UQxGmAZOn/pU+nCXHT70Cuy3fqU7UdyoQV3Jg+4PTbSlY/uqJ4p5eeu/9Wr/CoJN
bNQta8HuOOvV42mjMZmi2ec6lQ7+rO/txjTidbNsLD8qAxvmy6KDpqUtcZx4o08O
2Zk1cCMZs6tWa2bLzxLP/I36GcdPFf22cSIqacrNWPbCQDgcv6RpF0Z9AoWC1OgI
pNu8rLHfhuF1YgZBAjLsRnHIFI/ZN6pG
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:11 2025 by rpki-client