Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/feMbhUdQaQROeS6igjMgth4g2KI.roa
File: feMbhUdQaQROeS6igjMgth4g2KI.roa (raw, json)
Hash identifier: 03EAQ+bB6tZLmycHhCXP50lGoyuQBBGGI6FQUdM988A=
Subject key identifier: 7D:E3:1B:85:47:50:69:04:4E:79:2E:A2:82:33:20:B6:1E:20:D8:A2
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0194280BF2EA369493388325C6FF8E9BD549
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/feMbhUdQaQROeS6igjMgth4g2KI.roa
Signing time: Thu 02 Jan 2025 17:24:19 +0000
ROA not before: Thu 02 Jan 2025 17:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8903
IP address blocks: 45.10.104.0/22 maxlen: 22
45.83.50.0/23 maxlen: 23
45.83.50.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.116.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/23 maxlen: 23
80.66.120.0/24 maxlen: 24
80.66.121.0/24 maxlen: 24
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
85.209.72.0/22 maxlen: 22
89.42.70.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
89.45.208.0/24 maxlen: 24
91.132.31.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.34.0/24 maxlen: 24
178.19.35.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.45.0/24 maxlen: 24
178.19.46.0/23 maxlen: 23
178.19.47.0/24 maxlen: 24
185.71.28.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
193.178.212.0/24 maxlen: 24
193.178.218.0/24 maxlen: 24
193.186.1.0/24 maxlen: 24
193.186.11.0/24 maxlen: 24
194.15.140.0/24 maxlen: 24
194.15.146.0/24 maxlen: 24
194.15.182.0/24 maxlen: 24
194.15.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 10:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:0b:f2:ea:36:94:93:38:83:25:c6:ff:8e:9b:d5:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 17:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7de31b85475069044e792ea2823320b61e20d8a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f0:f6:7d:bd:bc:83:c7:5c:2d:12:4c:94:f9:
8b:83:64:37:c6:69:35:be:ac:ba:d6:52:b3:43:ca:
7a:26:6a:36:cd:8c:45:55:2c:bd:ac:9e:f7:37:47:
26:00:d9:54:9b:9f:53:a5:c9:f3:e1:cd:e7:a5:16:
36:dc:f2:04:65:b9:42:37:72:1c:da:17:29:0c:6f:
8d:68:34:1e:a7:5b:20:c2:cd:97:40:31:69:fc:9e:
20:01:a7:79:6b:25:bc:4f:ab:4c:8e:92:9f:7a:21:
04:57:49:ec:3c:2d:d3:81:57:ed:c2:cb:1c:2a:26:
9a:60:d5:79:20:f6:4d:70:98:9e:62:aa:b2:00:0d:
48:6b:09:e7:88:f2:13:c8:20:e3:ca:44:74:41:77:
c2:6d:18:73:da:d0:fd:79:2b:62:36:10:30:b0:a1:
77:dc:8b:3f:02:b1:9e:7f:c2:93:16:d8:8a:21:a0:
27:1f:6c:87:f8:cf:28:03:0a:3a:92:73:56:5f:d9:
b1:d5:7b:c6:07:71:16:91:89:14:e9:5d:16:74:e1:
36:2e:ef:3c:c9:95:2b:9b:62:67:14:30:d3:ae:06:
a6:76:7d:cd:a6:9c:83:34:0f:eb:5a:29:0b:4a:38:
b8:85:e6:ad:3b:a9:d3:13:6e:26:47:08:33:7a:4b:
f5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E3:1B:85:47:50:69:04:4E:79:2E:A2:82:33:20:B6:1E:20:D8:A2
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/feMbhUdQaQROeS6igjMgth4g2KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.104.0/22
45.83.50.0/23
80.66.112.0/20
85.209.72.0/22
89.42.70.0/24
89.44.150.0/23
89.45.208.0/24
91.132.31.0/24
94.198.46.0/23
178.19.34.0/23
178.19.44.0/22
185.71.28.0/24
185.203.21.0-185.203.23.255
185.242.175.0/24
193.178.212.0/24
193.178.218.0/24
193.186.1.0/24
193.186.11.0/24
194.15.140.0/24
194.15.146.0/24
194.15.182.0/24
194.15.195.0/24
Signature Algorithm: sha256WithRSAEncryption
12:d7:79:ca:b6:c3:25:86:62:25:c2:de:69:f7:02:f4:d4:68:
6b:ef:bb:33:69:61:b5:81:9e:2d:8d:33:c4:d2:57:d4:75:52:
7d:a9:20:cf:e3:bd:83:f6:b7:7a:ae:63:1d:b6:7c:4b:8b:31:
57:b3:84:4a:2a:86:ba:b0:b2:b3:cb:8a:1c:1d:6f:a6:72:ad:
e8:8d:3f:c4:2a:de:32:2c:2a:25:42:54:f3:81:9f:6c:8e:02:
ec:49:e0:bf:dd:3b:90:73:e4:f6:cb:06:be:51:85:35:4c:d0:
d2:46:48:9c:20:ac:25:3f:6e:17:31:90:63:9a:69:ba:99:35:
8b:14:da:a8:06:bc:5c:52:be:9e:2e:d9:3e:97:fc:87:0e:93:
59:e1:3d:c8:97:ba:48:14:7f:d7:35:b3:ab:ec:f6:23:0a:9d:
3f:3f:d1:ba:c8:21:82:d1:c1:c5:29:28:fa:c6:ef:7c:27:a0:
e5:a6:94:b2:27:1e:72:e4:59:c9:38:07:e2:f3:09:5c:02:b4:
99:2d:ff:10:fd:d2:af:7f:21:b2:66:66:ae:6a:03:6f:10:c4:
24:a9:86:ff:42:2f:fa:1e:da:da:94:02:9f:cf:d6:5a:e1:8d:
62:70:ae:93:bd:24:5e:df:28:b3:0d:b4:46:af:05:0c:c1:61:
53:52:02:9b
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZQoC/LqNpSTOIMlxv+Om9VJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTcyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGUzMWI4NTQ3NTA2OTA0NGU3OTJlYTI4MjMzMjBiNjFlMjBkOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvD2fb28g8dcLRJMlPmLg2Q3xmk1
vqy61lKzQ8p6Jmo2zYxFVSy9rJ73N0cmANlUm59Tpcnz4c3npRY23PIEZblCN3Ic
2hcpDG+NaDQep1sgws2XQDFp/J4gAad5ayW8T6tMjpKfeiEEV0nsPC3TgVftwssc
KiaaYNV5IPZNcJieYqqyAA1IawnniPITyCDjykR0QXfCbRhz2tD9eStiNhAwsKF3
3Is/ArGef8KTFtiKIaAnH2yH+M8oAwo6knNWX9mx1XvGB3EWkYkU6V0WdOE2Lu88
yZUrm2JnFDDTrgamdn3NppyDNA/rWikLSji4heatO6nTE24mRwgzekv1ZQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFH3jG4VHUGkETnkuooIzILYeINiiMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvZmVNYmhVZFFhUVJPZVM2aWdqTWd0aDRnMktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAIt
CmgDBAEtUzIDBARQQnADBAJV0UgDBABZKkYDBAFZLJYDBABZLdADBABbhB8DBAFe
xi4DBAGyEyIDBAKyEywDBAC5RxwwDAMEALnLFQMEA7nLEAMEALnyrwMEAMGy1AME
AMGy2gMEAMG6AQMEAMG6CwMEAMIPjAMEAMIPkgMEAMIPtgMEAMIPwzANBgkqhkiG
9w0BAQsFAAOCAQEAEtd5yrbDJYZiJcLeafcC9NRoa++7M2lhtYGeLY0zxNJX1HVS
fakgz+O9g/a3eq5jHbZ8S4sxV7OESiqGurCys8uKHB1vpnKt6I0/xCreMiwqJUJU
84GfbI4C7Engv907kHPk9ssGvlGFNUzQ0kZInCCsJT9uFzGQY5ppupk1ixTaqAa8
XFK+ni7ZPpf8hw6TWeE9yJe6SBR/1zWzq+z2IwqdPz/RusghgtHBxSko+sbvfCeg
5aaUsicecuRZyTgH4vMJXAK0mS3/EP3Sr38hsmZmrmoDbxDEJKmG/0Iv+h7a2pQC
n8/WWuGNYnCuk70kXt8osw20Rq8FDMFhU1ICmw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:58:27 2025 by rpki-client