Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iUDOQVOqgQbp2VnpFhadbiV18S0.roa
File: iUDOQVOqgQbp2VnpFhadbiV18S0.roa (raw, json)
Hash identifier: sVeWmO32za0Omjn8hrFX83FlI/DKYDnlUFH4SD+LBtw=
Subject key identifier: 89:40:CE:41:53:AA:81:06:E9:D9:59:E9:16:16:9D:6E:25:75:F1:2D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D0E62EF83DA4BBD4C5EE29415986C0009
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iUDOQVOqgQbp2VnpFhadbiV18S0.roa
Signing time: Mon 15 Jan 2024 18:29:41 +0000
ROA not before: Mon 15 Jan 2024 18:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.148.116.0/22 maxlen: 24
185.238.188.0/22 maxlen: 24
2a0e:b107:1870::/48 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a10:ccc0:110::/44 maxlen: 48
2a06:de01:d0::/44 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a10:ccc3:ccce::/48 maxlen: 48
2a0e:97c4:ac00::/38 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
2a06:de01:400::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 21:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0e:62:ef:83:da:4b:bd:4c:5e:e2:94:15:98:6c:00:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 15 18:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8940ce4153aa8106e9d959e916169d6e2575f12d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:16:41:b4:1a:06:93:ff:50:1f:50:7f:eb:ec:
fa:03:c1:00:b5:2d:94:7d:c9:98:39:73:8d:57:d6:
75:c1:b6:ea:b4:7a:5a:e2:7c:69:66:40:84:6d:fa:
84:92:63:1c:1b:90:a7:2b:6f:dd:5b:71:40:7f:be:
18:54:7a:47:ce:8b:fb:30:3c:29:b3:a3:f3:f4:ba:
d1:73:fa:b0:47:bb:bd:b9:22:d0:f7:cf:6e:40:71:
75:9b:fe:59:52:2b:24:d1:12:eb:f4:68:7f:db:82:
df:49:64:cd:72:cc:b5:2d:12:54:9e:75:42:88:da:
d8:d7:c6:16:7c:78:0e:a6:6c:c0:ed:b7:88:5d:44:
ad:91:49:29:32:fa:b0:ea:ef:ab:e1:3a:27:5a:77:
4b:f1:90:44:23:f0:e7:ac:a7:20:d4:96:c4:47:4a:
a8:c8:02:3e:af:f6:49:91:4f:2c:9c:ad:91:10:9a:
48:fd:99:24:9d:e3:1b:3e:a3:ab:c9:91:64:e9:cc:
52:40:3b:a0:28:f6:63:fc:77:d0:fa:b0:78:e2:38:
dd:8e:72:7a:80:ee:34:17:72:0f:c6:14:97:e4:cd:
3b:0f:77:03:67:07:ea:10:2a:43:8e:fb:2d:5d:00:
07:2b:ed:70:a4:64:6b:80:af:74:7e:db:cc:a1:8f:
f8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:40:CE:41:53:AA:81:06:E9:D9:59:E9:16:16:9D:6E:25:75:F1:2D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iUDOQVOqgQbp2VnpFhadbiV18S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/22
185.238.188.0/22
IPv6:
2a06:de01:d0::/44
2a06:de01:400::/48
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:97c4:ac00::/38
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc0:110::/44
2a10:ccc3:ccce::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
01:b4:0b:de:51:d6:fd:1f:20:74:3b:e7:9d:52:5d:67:1b:59:
11:6b:7e:e4:6c:9d:2a:bc:ee:f8:2f:8b:47:c7:1d:98:d0:42:
5b:3b:54:c8:b1:2a:a1:1a:1b:ed:38:91:91:f6:c1:e2:1b:c3:
48:8b:f3:9e:14:6d:4a:43:6d:59:01:a7:42:c0:3e:df:02:c2:
b0:72:36:8c:7d:f2:fa:5e:b5:7c:72:7d:83:cf:f2:96:a3:52:
d1:f6:9e:b9:e7:ca:ec:90:97:4f:17:d0:99:a5:66:89:03:dd:
b4:6b:04:fe:ff:84:a3:7c:7a:45:50:34:e4:81:0f:da:d3:0e:
e5:49:77:3e:4d:b9:00:49:db:84:99:d3:07:40:a5:46:03:73:
86:a8:9c:8b:e8:c3:ba:9c:c8:6e:8c:bd:00:71:b0:86:60:3f:
ac:d4:1b:02:68:a8:00:cf:46:ab:95:ac:9c:b3:b3:b0:50:30:
3b:4f:76:49:6b:fc:9a:fb:a1:2b:68:cf:9e:8a:65:93:7f:80:
cc:06:ff:34:59:f3:fb:7f:17:5e:74:2d:05:cf:f3:22:69:51:
5c:4e:dd:fc:f9:35:61:cf:98:fd:31:50:f2:29:7c:48:06:25:
bb:e7:9d:81:a7:c4:4a:ad:6f:7a:59:3c:e6:87:b2:1e:1a:fc:
1a:b2:40:35
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAY0OYu+D2ku9TF7ilBWYbAAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTE1MTgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQwY2U0MTUzYWE4MTA2ZTlkOTU5ZTkxNjE2OWQ2ZTI1NzVmMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRZBtBoGk/9QH1B/6+z6A8EAtS2U
fcmYOXONV9Z1wbbqtHpa4nxpZkCEbfqEkmMcG5CnK2/dW3FAf74YVHpHzov7MDwp
s6Pz9LrRc/qwR7u9uSLQ989uQHF1m/5ZUisk0RLr9Gh/24LfSWTNcsy1LRJUnnVC
iNrY18YWfHgOpmzA7beIXUStkUkpMvqw6u+r4TonWndL8ZBEI/DnrKcg1JbER0qo
yAI+r/ZJkU8snK2REJpI/ZkkneMbPqOryZFk6cxSQDugKPZj/HfQ+rB44jjdjnJ6
gO40F3IPxhSX5M07D3cDZwfqECpDjvstXQAHK+1wpGRrgK90ftvMoY/4nQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFIlAzkFTqoEG6dlZ6RYWnW4ldfEtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaVVET1FWT3FnUWJwMlZucEZoYWRiaVYxOFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTASBAIAATAMAwQCLZR0
AwQCue68MIGWBAIAAjCBjwMHBCoG3gEA0AMHACoG3gEEAAMGACoMO4f/AwcAKg6X
wAdQMBIDBwAqDpfAB5EDBwAqDpfAB5IDBgIqDpfErAMHACoOsQcJ9AMHACoOsQcJ
9gMHACoOsQcN8gMHACoOsQcYcAMHACoOsQcbngMHACoOsQcniwMHBCoQzMABEAMH
ACoQzMPMzgMGAioQzMeQMA0GCSqGSIb3DQEBCwUAA4IBAQABtAveUdb9HyB0O+ed
Ul1nG1kRa37kbJ0qvO74L4tHxx2Y0EJbO1TIsSqhGhvtOJGR9sHiG8NIi/OeFG1K
Q21ZAadCwD7fAsKwcjaMffL6XrV8cn2Dz/KWo1LR9p6558rskJdPF9CZpWaJA920
awT+/4SjfHpFUDTkgQ/a0w7lSXc+TbkASduEmdMHQKVGA3OGqJyL6MO6nMhujL0A
cbCGYD+s1BsCaKgAz0arlaycs7OwUDA7T3ZJa/ya+6EraM+eimWTf4DMBv80WfP7
fxdedC0Fz/MiaVFcTt38+TVhz5j9MVDyKXxIBiW7552Bp8RKrW96WTzmh7IeGvwa
skA1
-----END CERTIFICATE-----
Generated at Fri Jan 19 00:54:50 2024 by rpki-client on console-fra.rpki-client.org