Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/aIxoRdMF39dj4RsAyLgTR6A3aic.roa
File: aIxoRdMF39dj4RsAyLgTR6A3aic.roa (raw, json)
Hash identifier: a7MLTzCbW24kRq9cfIkb94MF7KpXkkHbIuAMblJfY4A=
Subject key identifier: 68:8C:68:45:D3:05:DF:D7:63:E1:1B:00:C8:B8:13:47:A0:37:6A:27
Certificate issuer: /CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Certificate serial: 0194091D8C7DF4187E0EE34A92851758D6D6
Authority key identifier: B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/aIxoRdMF39dj4RsAyLgTR6A3aic.roa
Signing time: Fri 27 Dec 2024 17:15:18 +0000
ROA not before: Fri 27 Dec 2024 17:15:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48305
IP address blocks: 45.148.0.0/22 maxlen: 22
91.242.128.0/22 maxlen: 24
91.242.128.0/24 maxlen: 24
91.242.130.0/23 maxlen: 23
91.242.132.0/22 maxlen: 24
91.242.133.0/24 maxlen: 24
185.86.184.0/22 maxlen: 22
2a03:77e0:3301::/48 maxlen: 48
2a03:77e0:3302::/48 maxlen: 48
2a03:77e0:4401::/48 maxlen: 48
2a03:77e0:5301::/48 maxlen: 48
2a0f:4400::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:09:1d:8c:7d:f4:18:7e:0e:e3:4a:92:85:17:58:d6:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Validity
Not Before: Dec 27 17:15:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=688c6845d305dfd763e11b00c8b81347a0376a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e9:0e:c9:7a:cd:93:a6:ee:04:55:3e:1b:d6:
0a:cc:8f:94:45:28:a4:d6:93:f7:3d:9b:d1:9a:39:
3a:8f:83:b6:d5:f6:a5:9c:56:cc:7b:4a:6c:22:d9:
35:e2:1c:c2:56:52:57:82:9a:f7:39:82:10:b6:60:
87:ed:2b:f8:a4:24:ba:88:88:ee:04:25:1b:6b:ff:
cf:53:74:0e:ac:12:a9:dc:1e:a3:d0:48:d4:86:1f:
29:dc:5f:b2:ee:42:44:50:03:24:58:b9:48:4b:0a:
70:75:13:a5:8d:73:aa:88:42:06:3e:b1:7a:f8:ea:
43:6d:5d:ff:a8:ea:35:30:f5:6c:98:8d:0f:b2:d8:
1d:01:a8:f3:62:e5:17:85:13:d9:00:e2:48:33:b5:
96:39:54:a8:5d:18:2e:12:02:22:68:25:da:66:2f:
28:32:2f:23:40:5c:d0:7d:53:4f:d2:0c:62:22:6f:
c3:24:46:9d:9f:83:e9:54:ce:b3:a8:7b:c6:2d:e4:
39:2e:db:ff:1e:0f:8e:98:cb:bd:5a:49:24:7e:75:
c6:89:2c:48:dc:27:0f:d0:3b:26:4b:36:56:b1:7a:
91:4a:0d:0d:64:eb:9a:77:0e:60:58:13:8e:ca:aa:
07:f9:f4:61:d9:06:31:85:ab:77:84:06:4b:3e:d2:
c8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8C:68:45:D3:05:DF:D7:63:E1:1B:00:C8:B8:13:47:A0:37:6A:27
X509v3 Authority Key Identifier:
keyid:B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/aIxoRdMF39dj4RsAyLgTR6A3aic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.0.0/22
91.242.128.0/21
185.86.184.0/22
IPv6:
2a03:77e0:3301::-2a03:77e0:3302:ffff:ffff:ffff:ffff:ffff
2a03:77e0:4401::/48
2a03:77e0:5301::/48
2a0f:4400::/29
Signature Algorithm: sha256WithRSAEncryption
d4:0f:f0:3f:2d:88:ff:e2:36:a7:be:dc:74:4c:18:96:a2:3c:
64:8e:17:84:c7:da:2f:6b:da:34:f6:e8:0d:e4:f0:5a:c6:5d:
8a:87:49:ec:b1:08:3e:a1:e8:64:63:c3:79:2b:64:fa:75:1a:
ad:57:b2:5f:fa:f4:f8:3a:93:85:38:48:34:26:b4:50:44:3e:
63:ed:09:09:24:83:0e:41:d6:8b:bd:f4:08:ef:67:e0:5c:66:
d9:f0:2f:18:cf:c1:e2:94:55:07:fc:89:02:0e:31:0a:86:3e:
b0:1e:f3:4c:ed:13:76:7b:08:bb:1f:e4:a2:31:a3:b0:b2:00:
c9:d6:57:da:74:f9:70:20:d6:d5:11:b9:6c:20:3d:47:20:35:
33:04:a0:df:eb:dc:a1:36:a7:05:e1:a8:10:bf:cd:15:97:be:
7d:79:72:65:61:ad:f1:ba:1d:86:1c:b4:d0:cb:6c:5b:8a:d3:
d2:3e:eb:51:6b:e5:1e:9c:ee:ff:17:07:b2:df:8f:fa:b8:83:
58:52:c4:8e:ed:b2:fd:75:d4:89:23:b6:32:8d:a2:2d:90:00:
09:4b:8b:22:b4:ed:8e:94:a4:e0:a6:e9:70:01:84:61:22:4f:
02:6e:56:7a:de:ca:2a:ee:b3:66:54:22:24:07:14:71:fb:63:
fe:03:e8:63
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZQJHYx99Bh+DuNKkoUXWNbWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjhhODg1Zjc3NzZkMmFiOTliYjRmMjBlODRkMzA2ZTAz
OTRhYTMwHhcNMjQxMjI3MTcxNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODhjNjg0NWQzMDVkZmQ3NjNlMTFiMDBjOGI4MTM0N2EwMzc2YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOkOyXrNk6buBFU+G9YKzI+URSik
1pP3PZvRmjk6j4O21falnFbMe0psItk14hzCVlJXgpr3OYIQtmCH7Sv4pCS6iIju
BCUba//PU3QOrBKp3B6j0EjUhh8p3F+y7kJEUAMkWLlISwpwdROljXOqiEIGPrF6
+OpDbV3/qOo1MPVsmI0PstgdAajzYuUXhRPZAOJIM7WWOVSoXRguEgIiaCXaZi8o
Mi8jQFzQfVNP0gxiIm/DJEadn4PpVM6zqHvGLeQ5Ltv/Hg+OmMu9WkkkfnXGiSxI
3CcP0DsmSzZWsXqRSg0NZOuadw5gWBOOyqoH+fRh2QYxhat3hAZLPtLIuwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGiMaEXTBd/XY+EbAMi4E0egN2onMB8GA1UdIwQY
MBaAFLD4qIX3d20quZu08g6E0wbgOUqjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEt
NGQwNTQ5OGFhOTdkLzEvYUl4b1JkTUYzOWRqNFJzQXlMZ1RSNkEzYWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEtNGQwNTQ5OGFhOTdk
LzEvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAYBAIAATASAwQCLZQAAwQD
W/KAAwQCuVa4MDMEAgACMC0wEgMHACoDd+AzAQMHACoDd+AzAgMHACoDd+BEAQMH
ACoDd+BTAQMFAyoPRAAwDQYJKoZIhvcNAQELBQADggEBANQP8D8tiP/iNqe+3HRM
GJaiPGSOF4TH2i9r2jT26A3k8FrGXYqHSeyxCD6h6GRjw3krZPp1Gq1Xsl/69Pg6
k4U4SDQmtFBEPmPtCQkkgw5B1ou99AjvZ+BcZtnwLxjPweKUVQf8iQIOMQqGPrAe
80ztE3Z7CLsf5KIxo7CyAMnWV9p0+XAg1tURuWwgPUcgNTMEoN/r3KE2pwXhqBC/
zRWXvn15cmVhrfG6HYYctNDLbFuK09I+61Fr5R6c7v8XB7Lfj/q4g1hSxI7tsv11
1IkjtjKNoi2QAAlLiyK07Y6UpOCm6XABhGEiTwJuVnreyirus2ZUIiQHFHH7Y/4D
6GM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:34 2025 by rpki-client