Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/0rCGTaESoSDeDPFOl0lbQi7Cq1Y.roa
File: 0rCGTaESoSDeDPFOl0lbQi7Cq1Y.roa (raw, json)
Hash identifier: RKGGeHV4b050o0Amc04/mJmUei5lr3d47e8tcHKewAY=
Subject key identifier: D2:B0:86:4D:A1:12:A1:20:DE:0C:F1:4E:97:49:5B:42:2E:C2:AB:56
Certificate issuer: /CN=1349cceff4a48a3dab024067e1760dbf58650fda
Certificate serial: 01909BD7434ABCDB2FE7E2E30FA3543B63F5
Authority key identifier: 13:49:CC:EF:F4:A4:8A:3D:AB:02:40:67:E1:76:0D:BF:58:65:0F:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E0nM7_Skij2rAkBn4XYNv1hlD9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/0rCGTaESoSDeDPFOl0lbQi7Cq1Y.roa
Signing time: Wed 10 Jul 2024 08:51:34 +0000
ROA not before: Wed 10 Jul 2024 08:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209196
IP address blocks: 45.87.204.0/22 maxlen: 22
45.91.104.0/22 maxlen: 22
45.94.192.0/22 maxlen: 22
45.131.72.0/22 maxlen: 22
45.137.108.0/22 maxlen: 22
45.137.108.0/24 maxlen: 24
45.137.109.0/24 maxlen: 24
45.137.110.0/24 maxlen: 24
45.137.111.0/24 maxlen: 24
45.141.160.0/22 maxlen: 22
45.158.152.0/22 maxlen: 22
92.118.176.0/22 maxlen: 22
212.102.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:d7:43:4a:bc:db:2f:e7:e2:e3:0f:a3:54:3b:63:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1349cceff4a48a3dab024067e1760dbf58650fda
Validity
Not Before: Jul 10 08:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2b0864da112a120de0cf14e97495b422ec2ab56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:85:c9:47:bb:c3:38:90:fb:25:e3:c4:7e:
f6:f5:ff:3c:70:50:d5:4a:29:b8:9c:9f:fc:5f:81:
d7:bf:fd:e4:06:15:ae:cb:6f:29:85:7a:a8:78:bb:
3e:62:83:1e:ea:94:5b:40:5d:66:bc:f8:19:24:0f:
78:d9:f0:fa:14:6a:89:5e:c9:27:29:c0:22:e1:e4:
1d:25:4c:e0:03:38:89:e4:d7:01:4d:23:f6:a0:ce:
9f:42:6f:03:91:8f:50:a3:62:8f:79:97:a9:4d:84:
31:65:b0:66:b9:82:9c:5e:92:8f:ff:5a:9d:bc:a3:
6c:1d:a0:04:8b:46:d3:61:9f:58:0b:e8:55:5c:09:
52:c9:59:78:01:f5:9c:35:61:13:d8:79:cc:cf:a0:
0a:da:99:c6:ff:fc:2e:6b:bf:e3:08:8e:10:a1:29:
1a:59:a2:5f:f7:9e:c7:8f:32:3a:ee:3e:f3:83:92:
eb:a6:8f:e7:7e:47:eb:34:b2:42:76:73:6b:43:b8:
a5:a7:12:9c:ca:3b:cc:1e:7e:ee:a6:d0:35:09:8e:
7d:cc:13:2b:63:52:46:4a:a9:46:6e:f5:f3:80:97:
44:fa:d4:f3:76:2c:ba:92:86:fc:b8:6d:ba:c7:6d:
80:ee:68:46:c0:d4:fe:ac:8b:65:3f:6f:41:07:cc:
5a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B0:86:4D:A1:12:A1:20:DE:0C:F1:4E:97:49:5B:42:2E:C2:AB:56
X509v3 Authority Key Identifier:
keyid:13:49:CC:EF:F4:A4:8A:3D:AB:02:40:67:E1:76:0D:BF:58:65:0F:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E0nM7_Skij2rAkBn4XYNv1hlD9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/0rCGTaESoSDeDPFOl0lbQi7Cq1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a306d0-4a20-4bcf-848e-d2ae2c336328/1/E0nM7_Skij2rAkBn4XYNv1hlD9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.204.0/22
45.91.104.0/22
45.94.192.0/22
45.131.72.0/22
45.137.108.0/22
45.141.160.0/22
45.158.152.0/22
92.118.176.0/22
212.102.99.0/24
Signature Algorithm: sha256WithRSAEncryption
32:c7:1a:e5:52:6d:94:e0:9e:c1:db:c9:5f:2c:eb:a0:d2:39:
f4:0b:d4:bd:e9:41:3e:97:db:a5:d8:a0:a2:bb:2f:f7:ec:4d:
d3:d4:cb:5c:31:d3:86:a9:fb:d4:32:4e:f5:ca:06:d6:e8:d5:
9d:ac:5b:49:b3:0b:03:9f:3a:26:18:59:e9:8c:02:18:53:e1:
8c:c8:ea:d7:dc:88:a4:9c:ee:c7:d6:cc:46:b7:56:c7:36:d7:
d7:4c:89:2d:f1:12:d3:ff:e4:f7:1b:ff:4d:04:4f:e5:71:53:
91:0c:22:09:5d:2b:38:e5:c2:a4:6a:e9:57:32:91:00:33:19:
06:c9:0f:6e:dd:56:f0:d2:f1:04:b5:6b:ee:b5:47:a7:77:06:
d6:fc:7d:d6:00:dc:c9:d3:2c:e5:13:b6:43:3d:eb:05:f0:62:
6a:17:db:45:18:a2:09:ab:1c:de:6f:7d:31:e1:d4:62:35:05:
1a:c7:6b:d9:a8:a6:a2:42:bd:bc:34:b6:05:95:f1:c5:ed:38:
50:b2:a1:6f:ba:cc:0b:29:a2:eb:21:50:7f:87:f4:8e:6c:5a:
5c:2f:e1:67:51:2e:c9:58:6c:93:64:4e:91:85:c4:98:62:9b:
3e:0e:b2:8c:af:2d:4e:53:25:80:c2:aa:1d:2e:ac:0a:4c:07:
6a:86:f6:cd
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZCb10NKvNsv5+LjD6NUO2P1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNDljY2VmZjRhNDhhM2RhYjAyNDA2N2UxNzYwZGJmNTg2
NTBmZGEwHhcNMjQwNzEwMDg1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmIwODY0ZGExMTJhMTIwZGUwY2YxNGU5NzQ5NWI0MjJlYzJhYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJyFyUe7wziQ+yXjxH729f88cFDV
Sim4nJ/8X4HXv/3kBhWuy28phXqoeLs+YoMe6pRbQF1mvPgZJA942fD6FGqJXskn
KcAi4eQdJUzgAziJ5NcBTSP2oM6fQm8DkY9Qo2KPeZepTYQxZbBmuYKcXpKP/1qd
vKNsHaAEi0bTYZ9YC+hVXAlSyVl4AfWcNWET2HnMz6AK2pnG//wua7/jCI4QoSka
WaJf957HjzI67j7zg5Lrpo/nfkfrNLJCdnNrQ7ilpxKcyjvMHn7uptA1CY59zBMr
Y1JGSqlGbvXzgJdE+tTzdiy6kob8uG26x22A7mhGwNT+rItlP29BB8xaQwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNKwhk2hEqEg3gzxTpdJW0IuwqtWMB8GA1UdIwQY
MBaAFBNJzO/0pIo9qwJAZ+F2Db9YZQ/aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTBuTTdfU2tpajJyQWtCbjRYWU52MWhsRDlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMzA2ZDAtNGEyMC00YmNmLTg0OGUt
ZDJhZTJjMzM2MzI4LzEvMHJDR1RhRVNvU0RlRFBGT2wwbGJRaTdDcTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMzA2ZDAtNGEyMC00YmNmLTg0OGUtZDJhZTJjMzM2MzI4
LzEvRTBuTTdfU2tpajJyQWtCbjRYWU52MWhsRDlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLVfMAwQC
LVtoAwQCLV7AAwQCLYNIAwQCLYlsAwQCLY2gAwQCLZ6YAwQCXHawAwQA1GZjMA0G
CSqGSIb3DQEBCwUAA4IBAQAyxxrlUm2U4J7B28lfLOug0jn0C9S96UE+l9ul2KCi
uy/37E3T1MtcMdOGqfvUMk71ygbW6NWdrFtJswsDnzomGFnpjAIYU+GMyOrX3Iik
nO7H1sxGt1bHNtfXTIkt8RLT/+T3G/9NBE/lcVORDCIJXSs45cKkaulXMpEAMxkG
yQ9u3Vbw0vEEtWvutUendwbW/H3WANzJ0yzlE7ZDPesF8GJqF9tFGKIJqxzeb30x
4dRiNQUax2vZqKaiQr28NLYFlfHF7ThQsqFvuswLKaLrIVB/h/SObFpcL+FnUS7J
WGyTZE6RhcSYYps+DrKMry1OUyWAwqodLqwKTAdqhvbN
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:11:25 2025 by rpki-client