Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/cdgB9JFpJLrB8mhvhkm1ALztUtk.roa
File: cdgB9JFpJLrB8mhvhkm1ALztUtk.roa (raw, json)
Hash identifier: f7HWtbsAl17yhBchMnvAmTTJlee/+afBJJhaY3PuGwI=
Subject key identifier: 71:D8:01:F4:91:69:24:BA:C1:F2:68:6F:86:49:B5:00:BC:ED:52:D9
Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728
Certificate serial: 0193C01FB1A0F76ABE17164D0390321BE6B7
Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/cdgB9JFpJLrB8mhvhkm1ALztUtk.roa
Signing time: Fri 13 Dec 2024 13:05:22 +0000
ROA not before: Fri 13 Dec 2024 13:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51747
IP address blocks: 5.133.192.0/19 maxlen: 20
45.142.64.0/22 maxlen: 24
45.146.48.0/22 maxlen: 24
45.150.72.0/22 maxlen: 24
80.248.224.0/20 maxlen: 20
95.215.168.0/22 maxlen: 24
151.248.0.0/21 maxlen: 21
151.252.24.0/21 maxlen: 21
176.74.192.0/21 maxlen: 21
185.12.148.0/22 maxlen: 22
185.12.248.0/22 maxlen: 22
185.159.184.0/22 maxlen: 24
185.159.192.0/22 maxlen: 24
185.236.40.0/22 maxlen: 24
193.19.80.0/23 maxlen: 24
193.247.74.0/23 maxlen: 24
193.247.126.0/23 maxlen: 24
195.88.110.0/23 maxlen: 24
195.95.184.0/24 maxlen: 24
195.189.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:1f:b1:a0:f7:6a:be:17:16:4d:03:90:32:1b:e6:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7844abef711c232c84f83c807a420af3804728
Validity
Not Before: Dec 13 13:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d801f4916924bac1f2686f8649b500bced52d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7e:32:8a:6e:74:1d:43:74:5a:a5:46:4d:52:
25:bd:9a:4b:dd:d1:52:d1:b8:be:6f:9d:cf:15:4b:
1f:19:87:74:b0:71:3f:8d:c6:c9:f9:ea:7f:8a:62:
e4:bb:b3:cd:79:58:db:cf:3b:11:12:2c:2a:86:fa:
b3:53:e5:06:97:65:c5:8d:98:33:2e:48:f2:a4:2e:
f1:20:2b:a5:a4:74:73:98:10:9a:e5:0a:85:e1:09:
d8:8c:88:1a:c1:77:1c:83:17:49:ba:f7:aa:a6:be:
7b:d2:79:ff:dc:56:81:d2:c8:93:d7:08:d0:5d:51:
f3:e2:e9:d5:75:19:c7:fc:ba:96:05:0e:f9:79:57:
cf:ed:d5:b6:5b:c1:ab:fc:08:e3:87:69:f2:c1:69:
7b:09:03:fa:a1:de:ec:8c:2b:e3:94:1b:21:c4:be:
10:3d:b7:5d:27:3c:03:c0:f1:4d:9c:a4:5e:66:4d:
33:c3:75:9a:38:d4:2f:d4:55:f4:7c:28:46:b7:ea:
3b:4d:d9:72:c9:0d:de:96:16:06:95:87:e3:9d:26:
e2:5c:5c:80:14:c3:a6:68:7f:91:67:1b:f9:5c:56:
72:1a:be:be:b3:c1:1d:a8:b5:a0:58:7d:6f:d9:58:
ac:17:b6:c8:cc:23:37:e6:40:21:57:40:1a:98:1d:
c2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D8:01:F4:91:69:24:BA:C1:F2:68:6F:86:49:B5:00:BC:ED:52:D9
X509v3 Authority Key Identifier:
keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/cdgB9JFpJLrB8mhvhkm1ALztUtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.192.0/19
45.142.64.0/22
45.146.48.0/22
45.150.72.0/22
80.248.224.0/20
95.215.168.0/22
151.248.0.0/21
151.252.24.0/21
176.74.192.0/21
185.12.148.0/22
185.12.248.0/22
185.159.184.0/22
185.159.192.0/22
185.236.40.0/22
193.19.80.0/23
193.247.74.0/23
193.247.126.0/23
195.88.110.0/23
195.95.184.0/24
195.189.112.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:b0:23:ab:85:4d:53:d4:d5:3c:3d:57:3a:58:b6:87:14:4c:
af:f9:07:a4:19:70:04:49:d7:77:a7:4f:05:1e:a5:3b:c2:98:
f1:18:16:83:13:2b:d4:e8:e7:5a:3b:58:f0:3d:1c:a3:ba:d7:
a4:0f:75:14:67:76:5a:bb:d9:5d:28:35:5d:b3:85:e3:b8:d3:
7b:0c:85:ec:ab:6c:ab:9b:4e:68:19:9f:5f:8f:4b:c7:1a:19:
e2:99:0d:01:1e:22:a3:2c:77:e2:d3:26:c8:b6:0a:f5:4f:1b:
80:7a:e7:b8:1e:fd:a8:aa:b0:0c:45:0c:99:38:a3:36:cb:f6:
bc:09:9b:17:6a:b0:ab:79:e6:4d:ba:e6:8f:57:75:e2:0f:74:
a2:b0:66:55:3c:3b:fd:88:93:6a:c6:e0:0a:4a:13:16:41:ae:
ec:41:9a:a1:c1:c2:05:7a:48:6c:31:4e:8d:52:f3:37:3d:88:
b4:35:82:03:75:54:34:5c:52:bd:60:af:2e:9a:b5:23:c8:5b:
79:cb:54:6b:29:0f:d8:36:ba:37:47:04:74:29:9f:e6:ba:f8:
f3:f2:b2:8d:7c:84:b2:18:1e:c7:c4:5c:c3:3e:31:c5:2a:6b:
ab:2e:27:22:50:ae:7f:22:47:78:20:73:c5:71:63:3d:af:69:
f3:91:c0:32
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZPAH7Gg92q+FxZNA5AyG+a3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4
MDQ3MjgwHhcNMjQxMjEzMTMwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ4MDFmNDkxNjkyNGJhYzFmMjY4NmY4NjQ5YjUwMGJjZWQ1MmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH4yim50HUN0WqVGTVIlvZpL3dFS
0bi+b53PFUsfGYd0sHE/jcbJ+ep/imLku7PNeVjbzzsREiwqhvqzU+UGl2XFjZgz
LkjypC7xICulpHRzmBCa5QqF4QnYjIgawXccgxdJuveqpr570nn/3FaB0siT1wjQ
XVHz4unVdRnH/LqWBQ75eVfP7dW2W8Gr/Ajjh2nywWl7CQP6od7sjCvjlBshxL4Q
PbddJzwDwPFNnKReZk0zw3WaONQv1FX0fChGt+o7TdlyyQ3elhYGlYfjnSbiXFyA
FMOmaH+RZxv5XFZyGr6+s8EdqLWgWH1v2VisF7bIzCM35kAhV0AamB3CgwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFHHYAfSRaSS6wfJob4ZJtQC87VLZMB8GA1UdIwQY
MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt
ZGFiNmI4M2NmN2VjLzEvY2RnQjlKRnBKTHJCOG1odmhrbTFBTHp0VXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj
LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQFBYXA
AwQCLY5AAwQCLZIwAwQCLZZIAwQEUPjgAwQCX9eoAwQDl/gAAwQDl/wYAwQDsErA
AwQCuQyUAwQCuQz4AwQCuZ+4AwQCuZ/AAwQCuewoAwQBwRNQAwQBwfdKAwQBwfd+
AwQBw1huAwQAw1+4AwQCw71wMA0GCSqGSIb3DQEBCwUAA4IBAQCmsCOrhU1T1NU8
PVc6WLaHFEyv+QekGXAESdd3p08FHqU7wpjxGBaDEyvU6OdaO1jwPRyjutekD3UU
Z3Zau9ldKDVds4XjuNN7DIXsq2yrm05oGZ9fj0vHGhnimQ0BHiKjLHfi0ybItgr1
TxuAeue4Hv2oqrAMRQyZOKM2y/a8CZsXarCreeZNuuaPV3XiD3SisGZVPDv9iJNq
xuAKShMWQa7sQZqhwcIFekhsMU6NUvM3PYi0NYIDdVQ0XFK9YK8umrUjyFt5y1Rr
KQ/YNro3RwR0KZ/muvjz8rKNfISyGB7HxFzDPjHFKmurLiciUK5/Ikd4IHPFcWM9
r2nzkcAy
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:30 2025 by rpki-client