Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/gL7sW1fE98JxWUbEULsIgApOo-c.roa
File: gL7sW1fE98JxWUbEULsIgApOo-c.roa (raw, json)
Hash identifier: uWIO+hssnPWRCuhmzGDJg4R+YbLF4eDlIDstrbkntek=
Subject key identifier: 80:BE:EC:5B:57:C4:F7:C2:71:59:46:C4:50:BB:08:80:0A:4E:A3:E7
Certificate issuer: /CN=fd8eff201218a5a823cbe85336853e3db4dd16eb
Certificate serial: 0193D44C2DF6CE281C89A0F31FB8BF52B064
Authority key identifier: FD:8E:FF:20:12:18:A5:A8:23:CB:E8:53:36:85:3E:3D:B4:DD:16:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Y7_IBIYpagjy-hTNoU-PbTdFus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/gL7sW1fE98JxWUbEULsIgApOo-c.roa
Signing time: Tue 17 Dec 2024 11:06:22 +0000
ROA not before: Tue 17 Dec 2024 11:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60631
IP address blocks: 45.149.76.0/24 maxlen: 24
45.149.77.0/24 maxlen: 24
45.149.78.0/24 maxlen: 24
45.149.79.0/24 maxlen: 24
158.255.74.0/24 maxlen: 24
171.22.24.0/24 maxlen: 24
171.22.25.0/24 maxlen: 24
171.22.26.0/24 maxlen: 24
171.22.27.0/24 maxlen: 24
176.97.218.0/24 maxlen: 24
178.211.145.0/24 maxlen: 24
212.23.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Dec 2024 06:43:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:4c:2d:f6:ce:28:1c:89:a0:f3:1f:b8:bf:52:b0:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd8eff201218a5a823cbe85336853e3db4dd16eb
Validity
Not Before: Dec 17 11:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80beec5b57c4f7c2715946c450bb08800a4ea3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b7:51:86:dc:ab:8e:82:e2:cb:83:8a:71:3d:
58:4c:1f:77:46:34:6f:65:9d:b0:9f:f7:63:74:48:
65:e2:82:75:6f:76:1b:be:71:e5:49:4a:5b:ec:70:
92:0b:cd:ae:54:0d:42:94:1b:78:53:a9:64:7c:65:
f1:bd:40:c4:e1:bf:de:14:47:8d:69:ba:30:80:e5:
b1:ae:57:24:e8:1b:c3:ef:49:fe:dc:c3:09:5e:a0:
36:02:20:f2:37:7a:42:6b:77:19:af:56:05:57:1b:
12:d0:5a:ff:89:dd:d2:0b:2b:ad:88:25:67:15:53:
1d:76:f0:14:53:4d:29:fb:e4:24:54:5d:80:0c:57:
17:98:e2:b5:f4:9c:c2:af:ad:70:0c:74:6d:cc:ab:
6d:e0:b8:b5:23:b2:ef:97:9a:59:ba:41:9e:fb:56:
57:b8:ee:ee:84:92:69:f7:ba:bd:ac:e8:b7:e8:36:
69:d3:6e:a3:3c:79:d7:bd:d6:b3:3b:65:f5:76:cb:
0d:14:65:53:85:f4:60:6a:c4:ce:b6:e1:80:5c:f2:
e5:27:dc:fd:52:f3:5b:e6:47:c2:f6:38:2d:cd:12:
8b:a1:88:0a:df:16:f2:6a:37:85:64:30:00:bb:91:
67:e0:4e:e5:a1:db:9d:4e:7f:05:91:99:e6:8a:1c:
c9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BE:EC:5B:57:C4:F7:C2:71:59:46:C4:50:BB:08:80:0A:4E:A3:E7
X509v3 Authority Key Identifier:
keyid:FD:8E:FF:20:12:18:A5:A8:23:CB:E8:53:36:85:3E:3D:B4:DD:16:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Y7_IBIYpagjy-hTNoU-PbTdFus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/gL7sW1fE98JxWUbEULsIgApOo-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/99fd41-7ed8-4b25-8d56-c7ac26bcc2da/1/_Y7_IBIYpagjy-hTNoU-PbTdFus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.76.0/22
158.255.74.0/24
171.22.24.0/22
176.97.218.0/24
178.211.145.0/24
212.23.201.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ce:16:ca:a8:70:ef:e6:33:5a:64:44:e8:e4:5d:48:eb:3f:
80:4d:0a:a6:aa:fd:39:43:d8:e5:fb:b5:62:8e:c1:55:3e:7b:
cf:a5:fd:f7:8b:d9:4e:13:49:e2:93:cc:db:c3:db:91:fb:71:
1e:97:a4:a2:63:be:83:f7:0a:11:90:53:1b:de:58:44:8e:75:
fe:3b:36:5c:93:f0:d8:85:2d:81:07:0e:70:ad:90:8f:47:18:
ae:9c:02:e9:5e:fd:40:81:4a:28:1d:f3:3f:5c:1f:d7:0a:2e:
c5:2e:f8:2f:67:f6:a6:70:38:82:b2:ad:e6:b2:80:3c:be:f8:
2b:3c:8d:be:8b:5d:93:49:65:1e:26:c4:29:4e:21:9c:ec:a5:
42:c6:c1:f1:58:c8:f8:ce:78:00:7e:a6:f4:c2:96:e7:47:2c:
ce:48:33:70:a0:fa:44:ec:29:ce:11:96:c7:f7:18:dd:20:ee:
8a:c6:d9:95:46:fb:2e:80:b7:94:a9:7e:f2:a6:c8:52:81:bd:
c1:ed:e4:0b:1e:3b:c5:df:f5:33:04:81:04:14:61:a6:94:8d:
c9:35:ad:11:d0:4f:8f:7d:b7:c0:25:c6:7d:39:a0:1c:1e:e7:
70:05:d6:63:c8:a5:27:87:53:e1:3f:ed:6e:8a:01:dd:bd:26:
0b:33:a8:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZPUTC32zigciaDzH7i/UrBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOGVmZjIwMTIxOGE1YTgyM2NiZTg1MzM2ODUzZTNkYjRk
ZDE2ZWIwHhcNMjQxMjE3MTEwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGJlZWM1YjU3YzRmN2MyNzE1OTQ2YzQ1MGJiMDg4MDBhNGVhM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbdRhtyrjoLiy4OKcT1YTB93RjRv
ZZ2wn/djdEhl4oJ1b3YbvnHlSUpb7HCSC82uVA1ClBt4U6lkfGXxvUDE4b/eFEeN
abowgOWxrlck6BvD70n+3MMJXqA2AiDyN3pCa3cZr1YFVxsS0Fr/id3SCyutiCVn
FVMddvAUU00p++QkVF2ADFcXmOK19JzCr61wDHRtzKtt4Li1I7Lvl5pZukGe+1ZX
uO7uhJJp97q9rOi36DZp026jPHnXvdazO2X1dssNFGVThfRgasTOtuGAXPLlJ9z9
UvNb5kfC9jgtzRKLoYgK3xbyajeFZDAAu5Fn4E7lodudTn8FkZnmihzJ5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIC+7FtXxPfCcVlGxFC7CIAKTqPnMB8GA1UdIwQY
MBaAFP2O/yASGKWoI8voUzaFPj203RbrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1k3X0lCSVlwYWdqeS1oVE5vVS1QYlRkRnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85OWZkNDEtN2VkOC00YjI1LThkNTYt
YzdhYzI2YmNjMmRhLzEvZ0w3c1cxZkU5OEp4V1ViRVVMc0lnQXBPby1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85OWZkNDEtN2VkOC00YjI1LThkNTYtYzdhYzI2YmNjMmRh
LzEvX1k3X0lCSVlwYWdqeS1oVE5vVS1QYlRkRnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLZVMAwQA
nv9KAwQCqxYYAwQAsGHaAwQAstORAwQA1BfJMA0GCSqGSIb3DQEBCwUAA4IBAQAj
zhbKqHDv5jNaZETo5F1I6z+ATQqmqv05Q9jl+7VijsFVPnvPpf33i9lOE0nik8zb
w9uR+3Eel6SiY76D9woRkFMb3lhEjnX+OzZck/DYhS2BBw5wrZCPRxiunALpXv1A
gUooHfM/XB/XCi7FLvgvZ/amcDiCsq3msoA8vvgrPI2+i12TSWUeJsQpTiGc7KVC
xsHxWMj4zngAfqb0wpbnRyzOSDNwoPpE7CnOEZbH9xjdIO6KxtmVRvsugLeUqX7y
pshSgb3B7eQLHjvF3/UzBIEEFGGmlI3JNa0R0E+PfbfAJcZ9OaAcHudwBdZjyKUn
h1PhP+1uigHdvSYLM6gc
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:36:48 2025 by rpki-client