Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/B89uxnxV9Zuum0RJZQOXldthb7A.roa
File: B89uxnxV9Zuum0RJZQOXldthb7A.roa (raw, json)
Hash identifier: LNAIilH3mJSx+Z2mHhpMV8gEoiw4amNNr3E/BBQvkmI=
Subject key identifier: 07:CF:6E:C6:7C:55:F5:9B:AE:9B:44:49:65:03:97:95:DB:61:6F:B0
Certificate issuer: /CN=30a55632ec9034c9b9a3f290aaecd9a07c1f26ab
Certificate serial: 01938D18C15B4DC9A9B5D793B6D9DCA0C611
Authority key identifier: 30:A5:56:32:EC:90:34:C9:B9:A3:F2:90:AA:EC:D9:A0:7C:1F:26:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MKVWMuyQNMm5o_KQquzZoHwfJqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/B89uxnxV9Zuum0RJZQOXldthb7A.roa
Signing time: Tue 03 Dec 2024 15:17:10 +0000
ROA not before: Tue 03 Dec 2024 15:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199508
IP address blocks: 45.8.128.0/22 maxlen: 22
62.220.252.0/22 maxlen: 22
85.194.236.0/23 maxlen: 23
89.41.48.0/24 maxlen: 24
89.42.43.0/24 maxlen: 24
185.11.208.0/22 maxlen: 22
185.195.149.0/24 maxlen: 24
185.195.150.0/23 maxlen: 23
195.192.250.0/23 maxlen: 23
2a03:6f40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Dec 2024 09:56:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:18:c1:5b:4d:c9:a9:b5:d7:93:b6:d9:dc:a0:c6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30a55632ec9034c9b9a3f290aaecd9a07c1f26ab
Validity
Not Before: Dec 3 15:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07cf6ec67c55f59bae9b444965039795db616fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cb:8e:a5:dc:90:f0:9f:d3:7d:a8:ce:52:f5:
11:0f:38:c3:d3:46:20:d7:fe:a3:79:5e:c2:87:8b:
56:79:89:94:ea:34:6b:cb:43:22:e2:36:cc:8a:59:
86:67:9d:82:3e:33:af:d5:a2:ac:87:20:05:3d:08:
e6:07:2d:5e:a8:1f:5c:62:53:4e:b2:49:aa:be:74:
18:e3:be:9a:de:b7:09:8e:86:ea:96:83:96:1a:5a:
7c:cb:8d:bb:27:49:9d:a5:ae:66:d7:73:3a:cf:58:
38:7a:c2:fa:35:9c:7d:80:7c:ce:27:ae:c0:eb:1e:
10:61:f5:c0:93:9a:b4:3d:4f:6b:46:09:2f:8c:2a:
bf:74:d6:b4:72:44:cc:8b:9a:47:dd:04:f9:14:2d:
2e:1b:71:f6:5f:00:ca:99:8a:28:2f:96:76:ef:f7:
ea:5a:fe:c9:9e:52:b3:95:ff:c6:a7:de:19:90:c5:
fe:c2:14:47:1f:d3:6d:66:44:ca:f4:33:4f:08:52:
ed:17:cb:88:61:60:04:7d:25:4b:d0:e4:9a:da:fe:
db:ef:3c:20:8e:14:49:28:da:7f:9a:fe:de:fa:61:
25:06:fc:95:3d:97:5a:98:3e:26:40:b3:95:de:51:
d2:fa:f7:3e:70:b8:2a:62:b6:58:49:ed:84:65:fe:
aa:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:CF:6E:C6:7C:55:F5:9B:AE:9B:44:49:65:03:97:95:DB:61:6F:B0
X509v3 Authority Key Identifier:
keyid:30:A5:56:32:EC:90:34:C9:B9:A3:F2:90:AA:EC:D9:A0:7C:1F:26:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKVWMuyQNMm5o_KQquzZoHwfJqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/B89uxnxV9Zuum0RJZQOXldthb7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/MKVWMuyQNMm5o_KQquzZoHwfJqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.128.0/22
62.220.252.0/22
85.194.236.0/23
89.41.48.0/24
89.42.43.0/24
185.11.208.0/22
185.195.149.0-185.195.151.255
195.192.250.0/23
IPv6:
2a03:6f40::/32
Signature Algorithm: sha256WithRSAEncryption
17:02:15:14:f1:93:48:05:fa:66:a6:bf:23:11:5d:1d:3b:bb:
1e:0f:ee:f6:e6:a6:2d:ed:e1:1d:68:d7:ed:f0:11:65:7e:88:
3f:30:59:c8:68:a5:23:b9:a8:7d:58:00:c9:37:3e:19:f5:b8:
44:9d:94:12:db:c0:d4:1c:26:fc:a8:32:30:8e:fa:3c:1e:af:
0d:bd:7d:82:e7:38:1e:a1:c2:bb:42:8c:0c:da:39:7c:bf:15:
90:38:03:92:dc:3e:c0:02:1e:8b:d1:2c:a3:f3:70:68:be:e5:
cb:4f:3c:5f:22:4e:6c:7a:42:1e:12:44:9a:96:3a:a2:f4:51:
2d:44:a0:49:7d:50:62:d5:8d:1c:99:16:9f:05:6c:e1:4c:6c:
24:98:2b:a2:e8:16:96:08:78:63:e1:5b:3d:da:11:ce:ae:18:
ab:bb:af:3c:42:db:21:0a:77:fa:a4:71:4a:fe:c8:fd:8f:5b:
4d:bb:57:7d:23:ed:98:0d:58:32:47:ec:7b:05:40:c3:c5:d0:
fd:41:ac:95:a9:ca:cb:a5:24:87:40:9f:a0:5f:06:e7:a8:0c:
aa:f8:b6:14:2a:99:79:38:53:a8:3c:64:8c:f8:46:37:68:45:
1a:84:07:57:a7:f5:cc:4f:c7:5a:27:92:ef:02:af:4f:08:ef:
38:51:18:85
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZONGMFbTcmptdeTttncoMYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTU1NjMyZWM5MDM0YzliOWEzZjI5MGFhZWNkOWEwN2Mx
ZjI2YWIwHhcNMjQxMjAzMTUxNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2NmNmVjNjdjNTVmNTliYWU5YjQ0NDk2NTAzOTc5NWRiNjE2ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8uOpdyQ8J/TfajOUvURDzjD00Yg
1/6jeV7Ch4tWeYmU6jRry0Mi4jbMilmGZ52CPjOv1aKshyAFPQjmBy1eqB9cYlNO
skmqvnQY476a3rcJjobqloOWGlp8y427J0mdpa5m13M6z1g4esL6NZx9gHzOJ67A
6x4QYfXAk5q0PU9rRgkvjCq/dNa0ckTMi5pH3QT5FC0uG3H2XwDKmYooL5Z27/fq
Wv7JnlKzlf/Gp94ZkMX+whRHH9NtZkTK9DNPCFLtF8uIYWAEfSVL0OSa2v7b7zwg
jhRJKNp/mv7e+mElBvyVPZdamD4mQLOV3lHS+vc+cLgqYrZYSe2EZf6qyQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAfPbsZ8VfWbrptESWUDl5XbYW+wMB8GA1UdIwQY
MBaAFDClVjLskDTJuaPykKrs2aB8HyarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtWV011eVFOTW01b19LUXF1elpvSHdmSnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NTAwMjQtODRlZS00NGM4LWIyZDkt
N2QyMGViMDYzNDU1LzEvQjg5dXhueFY5WnV1bTBSSlpRT1hsZHRoYjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NTAwMjQtODRlZS00NGM4LWIyZDktN2QyMGViMDYzNDU1
LzEvTUtWV011eVFOTW01b19LUXF1elpvSHdmSnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQCLQiAAwQC
Ptz8AwQBVcLsAwQAWSkwAwQAWSorAwQCuQvQMAwDBAC5w5UDBAO5w5ADBAHDwPow
DQQCAAIwBwMFACoDb0AwDQYJKoZIhvcNAQELBQADggEBABcCFRTxk0gF+mamvyMR
XR07ux4P7vbmpi3t4R1o1+3wEWV+iD8wWchopSO5qH1YAMk3Phn1uESdlBLbwNQc
JvyoMjCO+jwerw29fYLnOB6hwrtCjAzaOXy/FZA4A5LcPsACHovRLKPzcGi+5ctP
PF8iTmx6Qh4SRJqWOqL0US1EoEl9UGLVjRyZFp8FbOFMbCSYK6LoFpYIeGPhWz3a
Ec6uGKu7rzxC2yEKd/qkcUr+yP2PW027V30j7ZgNWDJH7HsFQMPF0P1BrJWpysul
JIdAn6BfBueoDKr4thQqmXk4U6g8ZIz4RjdoRRqEB1en9cxPx1onku8Cr08I7zhR
GIU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:14:49 2025 by rpki-client