Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/bL5UyFk_hl26v04FvkSGpkXKH10.roa
File: bL5UyFk_hl26v04FvkSGpkXKH10.roa (raw, json)
Hash identifier: jEg7jlrAHfssOVr0aHZUX4q/YM9FPAY9rJlQlX1N8UM=
Subject key identifier: 6C:BE:54:C8:59:3F:86:5D:BA:BF:4E:05:BE:44:86:A6:45:CA:1F:5D
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018CC7948F3FF3C31BC90D82B5909D2DE565
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/bL5UyFk_hl26v04FvkSGpkXKH10.roa
Signing time: Tue 02 Jan 2024 00:30:51 +0000
ROA not before: Tue 02 Jan 2024 00:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210636
IP address blocks: 45.88.184.0/24 maxlen: 24
45.88.185.0/24 maxlen: 24
45.91.117.0/24 maxlen: 24
45.93.150.0/24 maxlen: 24
45.93.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 04:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:8f:3f:f3:c3:1b:c9:0d:82:b5:90:9d:2d:e5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 2 00:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cbe54c8593f865dbabf4e05be4486a645ca1f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:11:23:61:40:a8:0a:f5:1e:95:4e:a0:28:8a:
2d:9b:0e:36:d2:13:da:9e:54:5a:2e:15:cc:d1:21:
9c:21:22:ed:8b:03:b0:ca:da:07:3e:5d:6f:3f:e1:
1e:5a:9d:8a:d1:5d:b8:ce:78:a6:2c:e3:5f:99:5b:
69:15:59:f6:71:8e:f9:33:c5:bb:5b:55:28:59:2a:
f4:fb:ee:63:ca:65:52:a7:cb:3d:7c:c7:5d:da:74:
ad:41:d0:a5:db:dd:9c:4b:ae:c7:5c:9c:9a:88:2a:
16:b0:64:a2:c2:41:69:08:14:de:23:22:66:fa:94:
a7:87:1e:27:27:44:cf:c5:0b:0f:c8:ea:2c:f4:9b:
4b:9f:0c:70:a6:96:57:b8:d8:c9:36:01:30:86:13:
27:0a:dc:c8:53:26:a0:9a:20:f0:a1:79:61:99:73:
45:e6:01:0c:f8:e2:14:71:72:91:2a:41:0c:7b:ab:
df:62:ba:55:26:75:f1:c7:1b:04:ef:91:0a:31:db:
20:bb:4d:38:88:4b:77:0d:a0:51:d1:8d:1c:71:ef:
3c:2f:0a:d0:93:a5:73:2a:38:4c:c5:eb:c2:00:8e:
fe:d1:de:08:41:a7:4c:84:3f:c4:7c:c7:2d:77:f0:
0d:87:a6:5c:a3:9a:2c:7d:9d:3a:81:2a:f7:db:aa:
22:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BE:54:C8:59:3F:86:5D:BA:BF:4E:05:BE:44:86:A6:45:CA:1F:5D
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/bL5UyFk_hl26v04FvkSGpkXKH10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.184.0/23
45.91.117.0/24
45.93.150.0/23
Signature Algorithm: sha256WithRSAEncryption
80:66:d0:08:60:69:cb:3a:9b:d7:a3:92:b0:d3:1c:be:5a:8b:
4b:fd:dc:a4:aa:d4:b0:b3:4b:b6:b2:c0:58:06:45:bd:a9:bf:
6a:a7:8a:c8:5c:93:9a:71:46:44:1d:a5:c3:47:3c:3d:80:f3:
af:11:4c:ec:ae:36:ea:08:42:36:c8:aa:60:81:a8:b4:02:5a:
38:0f:a2:b6:76:cf:1f:43:85:82:4d:2a:41:36:a3:5f:e2:0a:
f0:a3:d1:81:80:8f:af:ef:23:ba:ae:a2:82:79:69:a8:50:91:
d8:44:e3:a2:6a:a0:85:ca:3f:f8:84:2c:73:59:89:52:ed:2d:
4f:aa:7a:c9:d7:38:64:93:d6:21:a6:e2:c0:d2:c1:eb:5a:38:
56:12:ef:6e:35:37:e8:c7:bf:1b:5a:90:d2:bc:84:dc:99:cd:
a6:8b:5f:a0:5c:2d:a0:9e:e9:12:f7:fa:a8:4b:81:2e:3a:ff:
f7:9a:d6:a2:13:42:1f:72:64:aa:5f:9a:87:0f:cd:1f:20:ab:
6e:ea:6c:21:1f:29:e6:c5:af:47:17:19:95:12:4f:b2:b4:97:
a0:bc:44:a1:ae:01:94:37:69:1f:09:0f:76:0e:85:29:2e:52:
66:49:6d:0a:8a:2d:97:e7:b0:10:28:58:bc:8b:d1:76:41:2b:
b3:8e:8c:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlI8/88MbyQ2CtZCdLeVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQwMTAyMDAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JlNTRjODU5M2Y4NjVkYmFiZjRlMDViZTQ0ODZhNjQ1Y2ExZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhEjYUCoCvUelU6gKIotmw420hPa
nlRaLhXM0SGcISLtiwOwytoHPl1vP+EeWp2K0V24znimLONfmVtpFVn2cY75M8W7
W1UoWSr0++5jymVSp8s9fMdd2nStQdCl292cS67HXJyaiCoWsGSiwkFpCBTeIyJm
+pSnhx4nJ0TPxQsPyOos9JtLnwxwppZXuNjJNgEwhhMnCtzIUyagmiDwoXlhmXNF
5gEM+OIUcXKRKkEMe6vfYrpVJnXxxxsE75EKMdsgu004iEt3DaBR0Y0cce88LwrQ
k6VzKjhMxevCAI7+0d4IQadMhD/EfMctd/ANh6Zco5osfZ06gSr326oi7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGy+VMhZP4Zdur9OBb5EhqZFyh9dMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvYkw1VXlGa19obDI2djA0RnZrU0dwa1hLSDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVi4AwQA
LVt1AwQBLV2WMA0GCSqGSIb3DQEBCwUAA4IBAQCAZtAIYGnLOpvXo5Kw0xy+WotL
/dykqtSws0u2ssBYBkW9qb9qp4rIXJOacUZEHaXDRzw9gPOvEUzsrjbqCEI2yKpg
gai0Alo4D6K2ds8fQ4WCTSpBNqNf4grwo9GBgI+v7yO6rqKCeWmoUJHYROOiaqCF
yj/4hCxzWYlS7S1PqnrJ1zhkk9YhpuLA0sHrWjhWEu9uNTfox78bWpDSvITcmc2m
i1+gXC2gnukS9/qoS4EuOv/3mtaiE0IfcmSqX5qHD80fIKtu6mwhHynmxa9HFxmV
Ek+ytJegvEShrgGUN2kfCQ92DoUpLlJmSW0Kii2X57AQKFi8i9F2QSuzjoxL
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:48 2025 by rpki-client