Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/S45tWIW9zOrm8b2SA7KL8MXNWGo.roa
File: S45tWIW9zOrm8b2SA7KL8MXNWGo.roa (raw, json)
Hash identifier: XsrDpXrOp/HDW91mYKeZwfx+tJ2W8fC0Z0AQVGUBV38=
Subject key identifier: 4B:8E:6D:58:85:BD:CC:EA:E6:F1:BD:92:03:B2:8B:F0:C5:CD:58:6A
Certificate issuer: /CN=7b26cfcda397163d835c897adea9071e61c8bc4d
Certificate serial: 018CC348A82DF8791682B84DD98ACE15D4E1
Authority key identifier: 7B:26:CF:CD:A3:97:16:3D:83:5C:89:7A:DE:A9:07:1E:61:C8:BC:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eybPzaOXFj2DXIl63qkHHmHIvE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/S45tWIW9zOrm8b2SA7KL8MXNWGo.roa
Signing time: Mon 01 Jan 2024 04:29:27 +0000
ROA not before: Mon 01 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24971
IP address blocks: 185.8.164.0/23 maxlen: 23
185.8.166.0/23 maxlen: 24
37.205.8.0/22 maxlen: 22
37.205.12.0/22 maxlen: 22
2a03:3b40::/40 maxlen: 40
2a03:3b40:100::/40 maxlen: 40
2a03:3b40:200::/39 maxlen: 39
Validation: Failed, certificate revoked on Thu 01 Feb 2024 18:13:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a8:2d:f8:79:16:82:b8:4d:d9:8a:ce:15:d4:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b26cfcda397163d835c897adea9071e61c8bc4d
Validity
Not Before: Jan 1 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b8e6d5885bdcceae6f1bd9203b28bf0c5cd586a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e5:87:49:db:32:b3:1e:a9:7e:be:52:15:82:
8a:96:58:2d:c0:c5:55:37:f3:6e:69:97:f6:c2:88:
62:5d:8f:cb:ac:41:05:58:50:e4:1f:e8:33:cc:8a:
49:12:5b:dd:9a:b7:ba:4f:3f:59:62:4a:1c:f5:0a:
88:85:37:be:fc:d8:ca:65:03:e8:36:08:c1:c4:6b:
75:a5:73:ae:92:72:fc:6f:08:2a:ad:2a:ac:f1:e6:
73:36:ce:61:e7:89:dd:4f:91:fa:8c:3f:dd:d2:19:
d8:ea:8d:07:8a:c1:ca:6c:d2:d3:7a:f3:97:2a:44:
63:36:e2:10:a9:83:45:ea:83:b8:5f:59:ad:b6:01:
90:bd:ab:dc:95:8c:d7:c0:3c:52:c4:11:d9:a5:05:
a0:67:6b:08:4b:25:97:1a:d5:ad:19:c6:58:5b:bb:
e1:2e:54:94:27:e0:85:39:00:45:25:9d:c6:73:5a:
02:5b:25:00:1a:31:94:b7:c6:57:91:2a:c6:14:6f:
df:0a:5a:38:e3:a3:51:69:7d:ae:4d:7e:4d:99:a8:
14:e2:31:fb:73:4c:cb:c5:62:6f:55:ef:ae:c5:45:
e4:eb:fc:12:56:fe:5a:74:fb:97:0b:db:74:65:86:
42:ac:da:1b:b7:1c:13:46:d9:a8:b9:af:7b:95:96:
c2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:8E:6D:58:85:BD:CC:EA:E6:F1:BD:92:03:B2:8B:F0:C5:CD:58:6A
X509v3 Authority Key Identifier:
keyid:7B:26:CF:CD:A3:97:16:3D:83:5C:89:7A:DE:A9:07:1E:61:C8:BC:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eybPzaOXFj2DXIl63qkHHmHIvE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/S45tWIW9zOrm8b2SA7KL8MXNWGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/89757a-911a-41b7-bad1-6cd51c84c015/1/eybPzaOXFj2DXIl63qkHHmHIvE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.8.0/21
185.8.164.0/22
IPv6:
2a03:3b40::/38
Signature Algorithm: sha256WithRSAEncryption
12:e6:60:f8:7d:70:23:1a:65:d3:f0:1e:f4:11:b3:fe:f8:9a:
3b:97:a3:fe:3e:78:e8:51:d3:c1:9e:d0:8c:8d:cb:6e:bc:18:
32:af:a8:b2:bf:62:00:76:d1:f5:63:19:43:04:9d:80:f0:50:
05:e2:05:92:90:79:2f:2a:01:9b:c1:27:0b:71:7c:ea:9e:f9:
8f:91:e6:62:be:d4:d6:ec:4a:6a:c6:80:72:63:ed:c1:67:65:
1d:d3:89:c0:8d:c4:5e:9d:10:41:bd:4c:f2:72:5f:60:d9:f0:
f0:9d:f1:87:9a:31:50:23:e0:72:f3:0b:43:f5:29:6e:11:a4:
bf:f0:c2:e0:1c:4a:5b:b9:44:52:bc:24:23:6a:5c:ac:4c:cd:
33:77:57:6e:08:6a:2b:b9:8c:1e:75:c7:5a:28:ae:7b:d2:23:
cc:3e:64:35:22:97:47:eb:54:c7:7a:57:37:be:31:3c:aa:1d:
e6:f5:4d:05:dd:dd:1d:4f:f9:2a:f0:70:03:8b:79:96:b4:2a:
04:8a:50:e7:21:bd:17:ab:61:4d:9c:88:d8:b0:b4:64:32:07:
64:af:10:74:fc:4c:db:57:ce:c6:ee:5c:87:c0:c1:17:40:ec:
bb:af:ef:43:3e:e6:59:ff:67:6d:a4:40:76:31:63:19:a2:af:
dd:5b:8b:2e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzDSKgt+HkWgrhN2YrOFdThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMjZjZmNkYTM5NzE2M2Q4MzVjODk3YWRlYTkwNzFlNjFj
OGJjNGQwHhcNMjQwMTAxMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjhlNmQ1ODg1YmRjY2VhZTZmMWJkOTIwM2IyOGJmMGM1Y2Q1ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOWHSdsysx6pfr5SFYKKllgtwMVV
N/NuaZf2wohiXY/LrEEFWFDkH+gzzIpJElvdmre6Tz9ZYkoc9QqIhTe+/NjKZQPo
NgjBxGt1pXOuknL8bwgqrSqs8eZzNs5h54ndT5H6jD/d0hnY6o0HisHKbNLTevOX
KkRjNuIQqYNF6oO4X1mttgGQvavclYzXwDxSxBHZpQWgZ2sISyWXGtWtGcZYW7vh
LlSUJ+CFOQBFJZ3Gc1oCWyUAGjGUt8ZXkSrGFG/fClo446NRaX2uTX5NmagU4jH7
c0zLxWJvVe+uxUXk6/wSVv5adPuXC9t0ZYZCrNobtxwTRtmoua97lZbCxQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEuObViFvczq5vG9kgOyi/DFzVhqMB8GA1UdIwQY
MBaAFHsmz82jlxY9g1yJet6pBx5hyLxNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXliUHphT1hGajJEWElsNjNxa0hIbUhJdkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84OTc1N2EtOTExYS00MWI3LWJhZDEt
NmNkNTFjODRjMDE1LzEvUzQ1dFdJVzl6T3JtOGIyU0E3S0w4TVhOV0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84OTc1N2EtOTExYS00MWI3LWJhZDEtNmNkNTFjODRjMDE1
LzEvZXliUHphT1hGajJEWElsNjNxa0hIbUhJdkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDJc0IAwQC
uQikMA4EAgACMAgDBgIqAztAADANBgkqhkiG9w0BAQsFAAOCAQEAEuZg+H1wIxpl
0/Ae9BGz/viaO5ej/j546FHTwZ7QjI3LbrwYMq+osr9iAHbR9WMZQwSdgPBQBeIF
kpB5LyoBm8EnC3F86p75j5HmYr7U1uxKasaAcmPtwWdlHdOJwI3EXp0QQb1M8nJf
YNnw8J3xh5oxUCPgcvMLQ/UpbhGkv/DC4BxKW7lEUrwkI2pcrEzNM3dXbghqK7mM
HnXHWiiue9IjzD5kNSKXR+tUx3pXN74xPKod5vVNBd3dHU/5KvBwA4t5lrQqBIpQ
5yG9F6thTZyI2LC0ZDIHZK8QdPxM21fOxu5ch8DBF0Dsu6/vQz7mWf9nbaRAdjFj
GaKv3VuLLg==
-----END CERTIFICATE-----
Generated at Tue Apr 15 13:38:42 2025 by rpki-client