Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/cLEKj8GM0acRn7Cs8v580FPbBBs.roa
File: cLEKj8GM0acRn7Cs8v580FPbBBs.roa (raw, json)
Hash identifier: wo0XTDsRYRsl1PGcvpAOP0n7UmXDd0OQihwCBpXGJ9c=
Subject key identifier: 70:B1:0A:8F:C1:8C:D1:A7:11:9F:B0:AC:F2:FE:7C:D0:53:DB:04:1B
Certificate issuer: /CN=8536146119b044539082e326cca903200b8d4b1a
Certificate serial: 01946993E09BB6390F5BCBDEA9B3E40C65A7
Authority key identifier: 85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/cLEKj8GM0acRn7Cs8v580FPbBBs.roa
Signing time: Wed 15 Jan 2025 10:48:06 +0000
ROA not before: Wed 15 Jan 2025 10:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212552
IP address blocks: 146.19.130.0/24 maxlen: 24
185.110.191.0/24 maxlen: 24
185.221.237.0/24 maxlen: 24
185.231.59.0/24 maxlen: 24
193.163.201.0/24 maxlen: 24
2a14:7981::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 06 Apr 2025 10:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:93:e0:9b:b6:39:0f:5b:cb:de:a9:b3:e4:0c:65:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8536146119b044539082e326cca903200b8d4b1a
Validity
Not Before: Jan 15 10:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70b10a8fc18cd1a7119fb0acf2fe7cd053db041b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c2:2a:65:96:42:fd:a3:56:0b:1c:f2:35:43:
a3:c9:fa:26:3d:1a:78:a5:0f:04:d1:05:27:df:12:
2e:18:8a:36:b1:8a:1e:d9:cf:bb:b2:7c:ff:42:08:
cf:d9:d0:17:ed:57:4a:f0:6d:a5:0f:27:f3:41:a0:
fa:8f:79:bb:5e:42:f5:02:76:79:a3:fc:13:5b:50:
df:4d:bf:1a:c4:ad:c6:07:f8:25:e5:76:71:1b:80:
f8:b2:4d:eb:7a:75:fa:80:e9:3a:99:99:5e:2c:ef:
c7:98:c9:c4:1e:01:fa:b3:bc:4d:7e:d0:49:c3:2b:
6e:60:9c:c3:19:28:b7:ae:39:8c:12:48:77:b3:34:
9e:73:24:23:78:6d:f6:8d:20:f3:3b:3d:ab:96:aa:
1a:db:f8:3e:5b:5a:3c:49:ae:44:84:2c:17:e6:48:
7c:4f:13:d1:e7:09:31:51:9c:9f:0a:75:94:96:bc:
33:be:09:28:04:7d:e9:b5:9c:6c:b1:87:26:48:68:
59:0f:bf:bc:03:70:a0:10:47:82:94:e0:1d:0f:7d:
87:1f:07:7b:c4:dd:5a:95:4c:2f:83:7e:25:51:f2:
db:65:d8:85:f5:9d:3d:3b:5e:aa:f8:bd:32:c3:8a:
50:e5:92:69:a5:6b:69:8a:4c:25:cb:cf:70:87:af:
c1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B1:0A:8F:C1:8C:D1:A7:11:9F:B0:AC:F2:FE:7C:D0:53:DB:04:1B
X509v3 Authority Key Identifier:
keyid:85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/cLEKj8GM0acRn7Cs8v580FPbBBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.130.0/24
185.110.191.0/24
185.221.237.0/24
185.231.59.0/24
193.163.201.0/24
IPv6:
2a14:7981::/32
Signature Algorithm: sha256WithRSAEncryption
81:a8:f5:58:b7:c3:d2:1b:fb:9a:db:ea:4b:25:fc:0a:b5:b8:
92:1a:78:bc:11:ce:b4:b0:f9:7a:b3:89:6c:48:46:b0:cf:94:
86:48:26:8f:5e:55:f9:5e:de:68:f5:40:10:2e:7c:40:40:44:
9b:87:36:f4:de:10:1d:46:9f:00:d3:a2:82:f6:00:18:8c:e1:
c2:3d:e1:c1:35:74:74:1d:48:aa:2d:92:b0:54:4b:44:55:f4:
24:2c:c2:5a:c3:92:74:51:e4:9d:7e:5f:d3:85:0a:9b:af:ee:
0b:6e:88:d5:31:7f:c0:18:8b:f1:7f:ac:e4:2d:93:7f:3f:4b:
4d:08:50:6e:79:ad:bd:13:6a:36:b4:08:92:f6:3e:ab:e4:0d:
6d:6c:2a:1b:51:e1:c2:4b:80:bc:20:05:df:41:89:c8:8a:40:
72:21:d3:de:57:c4:bd:e2:3c:e1:9a:11:16:7b:21:32:98:1a:
cc:9f:bc:e4:54:9b:0b:5a:db:19:7e:7b:47:ed:5b:65:f6:c1:
fe:47:26:b6:e9:91:67:47:50:d8:05:bc:b7:08:b6:94:22:00:
90:2d:68:03:4a:87:e1:a0:c7:77:38:f9:76:a8:fa:e1:76:80:
da:2f:ec:a4:77:88:ce:00:dd:11:0a:5b:a0:23:26:40:18:7a:
bf:1c:6a:c1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZRpk+CbtjkPW8veqbPkDGWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzYxNDYxMTliMDQ0NTM5MDgyZTMyNmNjYTkwMzIwMGI4
ZDRiMWEwHhcNMjUwMTE1MTA0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGIxMGE4ZmMxOGNkMWE3MTE5ZmIwYWNmMmZlN2NkMDUzZGIwNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8IqZZZC/aNWCxzyNUOjyfomPRp4
pQ8E0QUn3xIuGIo2sYoe2c+7snz/QgjP2dAX7VdK8G2lDyfzQaD6j3m7XkL1AnZ5
o/wTW1DfTb8axK3GB/gl5XZxG4D4sk3renX6gOk6mZleLO/HmMnEHgH6s7xNftBJ
wytuYJzDGSi3rjmMEkh3szSecyQjeG32jSDzOz2rlqoa2/g+W1o8Sa5EhCwX5kh8
TxPR5wkxUZyfCnWUlrwzvgkoBH3ptZxssYcmSGhZD7+8A3CgEEeClOAdD32HHwd7
xN1alUwvg34lUfLbZdiF9Z09O16q+L0yw4pQ5ZJppWtpikwly89wh6/BZQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHCxCo/BjNGnEZ+wrPL+fNBT2wQbMB8GA1UdIwQY
MBaAFIU2FGEZsERTkILjJsypAyALjUsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMt
MGM2NzIxN2NjOTZiLzEvY0xFS2o4R00wYWNSbjdDczh2NTgwRlBiQkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMtMGM2NzIxN2NjOTZi
LzEvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAkhOCAwQA
uW6/AwQAud3tAwQAuec7AwQAwaPJMA0EAgACMAcDBQAqFHmBMA0GCSqGSIb3DQEB
CwUAA4IBAQCBqPVYt8PSG/ua2+pLJfwKtbiSGni8Ec60sPl6s4lsSEawz5SGSCaP
XlX5Xt5o9UAQLnxAQESbhzb03hAdRp8A06KC9gAYjOHCPeHBNXR0HUiqLZKwVEtE
VfQkLMJaw5J0UeSdfl/ThQqbr+4LbojVMX/AGIvxf6zkLZN/P0tNCFBuea29E2o2
tAiS9j6r5A1tbCobUeHCS4C8IAXfQYnIikByIdPeV8S94jzhmhEWeyEymBrMn7zk
VJsLWtsZfntH7Vtl9sH+Rya26ZFnR1DYBby3CLaUIgCQLWgDSofhoMd3OPl2qPrh
doDaL+ykd4jOAN0RClugIyZAGHq/HGrB
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:53:57 2025 by rpki-client