Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/a4HTWTTcxAiUab7fE4n4LX1wAl0.roa
File: a4HTWTTcxAiUab7fE4n4LX1wAl0.roa (raw, json)
Hash identifier: xnWX8xVd4y0udnFX0qVT+8HvRdZolPxeI270uZZivAw=
Subject key identifier: 6B:81:D3:59:34:DC:C4:08:94:69:BE:DF:13:89:F8:2D:7D:70:02:5D
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018CC3B6C7175E17EC451EBCE9193F9281C0
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/a4HTWTTcxAiUab7fE4n4LX1wAl0.roa
Signing time: Mon 01 Jan 2024 06:29:44 +0000
ROA not before: Mon 01 Jan 2024 06:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 188.119.121.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c7:17:5e:17:ec:45:1e:bc:e9:19:3f:92:81:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 1 06:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b81d35934dcc4089469bedf1389f82d7d70025d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:da:18:35:b5:69:45:f8:7b:3c:31:4b:f6:50:
5e:9a:e4:22:f1:36:0b:72:fa:c8:51:60:ad:d6:c7:
66:74:cf:6d:6d:58:27:20:b1:a3:00:32:9f:bd:35:
d4:90:d0:eb:0a:36:41:88:c4:ed:c4:ed:74:1b:34:
fe:d0:10:a2:4b:78:6f:53:8f:65:c0:77:1a:37:ca:
63:2b:84:8d:d9:6b:a5:0c:e1:0d:3b:8d:8e:f9:bb:
53:37:8f:d9:c9:c2:48:5d:f2:a2:f4:6f:b5:b9:57:
ce:4a:cb:21:42:e8:0c:a1:bc:2a:60:73:12:f8:88:
4b:c5:40:11:62:2f:ee:a9:ec:35:27:ce:93:b3:fb:
b9:90:7e:dd:64:7c:78:dd:97:cb:07:99:b5:75:bd:
74:f8:bf:a6:54:bb:1f:e3:7f:06:52:a1:48:63:68:
ef:23:bc:a4:72:de:2a:71:14:0d:74:13:57:3b:66:
13:2a:09:54:e6:bf:6a:42:94:ed:75:99:f3:95:bf:
03:c5:6f:87:7a:ab:ec:d1:7c:0e:b7:56:63:a6:8b:
c8:ee:50:c8:ab:94:e7:90:c4:30:e8:71:78:23:7e:
e7:ef:87:54:53:37:01:31:87:fb:c9:d7:d7:4e:52:
6a:f7:cc:d9:2a:02:e9:0b:b2:96:32:32:4f:92:a1:
28:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:81:D3:59:34:DC:C4:08:94:69:BE:DF:13:89:F8:2D:7D:70:02:5D
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/a4HTWTTcxAiUab7fE4n4LX1wAl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.146.0/24
45.87.152.0/24
141.98.168.0/24
141.98.170.0/24
188.119.121.0/24
194.116.173.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:cc:ba:a9:29:23:46:15:a5:a7:59:0c:92:d1:07:2f:24:95:
01:f1:24:82:c5:aa:63:fb:c1:1b:85:7b:30:49:84:ef:b7:51:
b2:85:2d:14:6b:66:8a:01:5c:50:aa:a2:cf:f0:c1:d3:00:b4:
d9:fc:85:61:5f:36:f6:29:64:3f:f4:f7:78:6c:27:31:83:67:
73:f9:20:55:71:e9:4b:23:f4:c6:05:c1:8a:99:1c:5b:9a:77:
2d:27:68:40:29:a2:ec:cf:36:84:06:15:ff:ac:3b:e8:92:fa:
d5:1c:55:a3:25:d8:98:2d:60:35:b6:bc:47:fa:9e:82:dd:3c:
3b:84:6a:26:55:1d:76:71:8f:d5:c0:40:fd:11:7e:f1:49:bb:
c4:ff:a8:35:27:8e:60:58:9d:92:e8:44:d1:9a:df:b4:46:34:
47:94:b8:0c:bd:55:e8:11:f5:d0:f2:32:55:99:19:3a:94:60:
ba:46:0f:54:83:d4:01:99:33:e6:49:80:8f:40:f5:ca:ad:69:
cb:9f:fe:b7:64:a3:ed:2e:29:c2:f8:87:f1:06:de:e6:4d:74:
9d:c0:44:5e:3b:a3:e7:91:f3:c2:ab:dd:23:e4:81:ef:e7:1f:
b0:9c:f3:40:a5:1a:55:8c:57:83:24:67:42:32:09:d2:bc:d9:
2f:16:c6:f3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDtscXXhfsRR686Rk/koHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMTAxMDYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjgxZDM1OTM0ZGNjNDA4OTQ2OWJlZGYxMzg5ZjgyZDdkNzAwMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdoYNbVpRfh7PDFL9lBemuQi8TYL
cvrIUWCt1sdmdM9tbVgnILGjADKfvTXUkNDrCjZBiMTtxO10GzT+0BCiS3hvU49l
wHcaN8pjK4SN2WulDOENO42O+btTN4/ZycJIXfKi9G+1uVfOSsshQugMobwqYHMS
+IhLxUARYi/uqew1J86Ts/u5kH7dZHx43ZfLB5m1db10+L+mVLsf438GUqFIY2jv
I7ykct4qcRQNdBNXO2YTKglU5r9qQpTtdZnzlb8DxW+Heqvs0XwOt1ZjpovI7lDI
q5TnkMQw6HF4I37n74dUUzcBMYf7ydfXTlJq98zZKgLpC7KWMjJPkqEovwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGuB01k03MQIlGm+3xOJ+C19cAJdMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvYTRIVFdUVGN4QWlVYWI3ZkU0bjRMWDF3QWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQiSAwQA
LVeYAwQAjWKoAwQAjWKqAwQAvHd5AwQAwnStMA0GCSqGSIb3DQEBCwUAA4IBAQCi
zLqpKSNGFaWnWQyS0QcvJJUB8SSCxapj+8EbhXswSYTvt1GyhS0Ua2aKAVxQqqLP
8MHTALTZ/IVhXzb2KWQ/9Pd4bCcxg2dz+SBVcelLI/TGBcGKmRxbmnctJ2hAKaLs
zzaEBhX/rDvokvrVHFWjJdiYLWA1trxH+p6C3Tw7hGomVR12cY/VwED9EX7xSbvE
/6g1J45gWJ2S6ETRmt+0RjRHlLgMvVXoEfXQ8jJVmRk6lGC6Rg9Ug9QBmTPmSYCP
QPXKrWnLn/63ZKPtLinC+IfxBt7mTXSdwEReO6PnkfPCq90j5IHv5x+wnPNApRpV
jFeDJGdCMgnSvNkvFsbz
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:12 2025 by rpki-client