Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/b4XwyAIbHYVH1wCLq_SGinFaPd8.roa
File: b4XwyAIbHYVH1wCLq_SGinFaPd8.roa (raw, json)
Hash identifier: i6CLIZHv5UHdRulHKK+KuZIp2+RT0X+UQcJQinQhiUQ=
Subject key identifier: 6F:85:F0:C8:02:1B:1D:85:47:D7:00:8B:AB:F4:86:8A:71:5A:3D:DF
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 01932A1A0B03EED64CF439D223E0A110CF95
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/b4XwyAIbHYVH1wCLq_SGinFaPd8.roa
Signing time: Thu 14 Nov 2024 09:56:10 +0000
ROA not before: Thu 14 Nov 2024 09:56:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 145.224.128.0/20 maxlen: 24
145.224.144.0/20 maxlen: 24
145.224.160.0/20 maxlen: 24
145.224.176.0/20 maxlen: 24
145.224.192.0/19 maxlen: 24
145.224.192.0/24 maxlen: 24
163.76.128.0/20 maxlen: 24
163.76.144.0/20 maxlen: 24
163.76.160.0/20 maxlen: 24
163.76.176.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:1a:0b:03:ee:d6:4c:f4:39:d2:23:e0:a1:10:cf:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Nov 14 09:56:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f85f0c8021b1d8547d7008babf4868a715a3ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:20:33:3d:bd:c2:2b:07:b5:52:0c:01:ac:
f8:7a:86:56:79:06:24:d5:4e:4a:12:8d:5c:22:c9:
41:44:0b:bd:24:4e:c5:35:fd:f0:d4:17:d1:06:2c:
8f:11:7d:f8:fe:57:9a:31:5d:e8:35:b2:2e:93:0b:
4d:99:e9:b7:99:26:e3:01:b6:85:4e:28:e2:5b:d2:
e5:55:30:60:07:9d:ef:d5:94:1c:bc:d6:4e:5f:b7:
2c:72:4a:5b:39:4e:99:a0:a2:8f:f3:b3:aa:7e:ba:
b7:ca:ff:fb:09:80:62:3a:b9:4b:b3:e7:d5:12:ac:
f9:ff:d0:66:a0:a7:3b:dd:a7:28:42:af:99:e2:30:
bd:42:bb:3d:9f:4c:45:e0:4a:f4:0d:64:2d:3d:e8:
bf:df:63:45:7e:b3:2d:a9:06:14:6c:57:ec:f3:68:
bc:df:cf:f4:5e:e9:9d:84:aa:6e:e8:db:ab:87:53:
3f:cf:49:13:4b:ff:ba:b9:4e:2b:2c:d9:dc:56:72:
93:8b:68:65:5a:b4:08:1d:28:5b:c3:e2:98:53:84:
85:a6:82:03:63:e7:cd:48:3e:53:20:f3:80:6f:9d:
9b:98:22:3c:25:c8:e2:91:21:92:35:7e:ac:43:57:
af:ac:10:1f:da:00:5a:32:af:d3:1b:39:71:f9:52:
6e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:85:F0:C8:02:1B:1D:85:47:D7:00:8B:AB:F4:86:8A:71:5A:3D:DF
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/b4XwyAIbHYVH1wCLq_SGinFaPd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.128.0-145.224.223.255
163.76.128.0/18
Signature Algorithm: sha256WithRSAEncryption
2c:ae:35:41:67:15:dc:29:11:8b:b1:d2:11:e8:23:57:ea:ba:
3f:81:27:85:42:2a:6e:fb:36:a0:bd:99:a5:0f:be:c9:73:95:
ec:66:ea:07:44:9a:ec:b0:06:16:05:3c:ea:69:68:95:b9:19:
ce:01:0f:6b:b2:11:66:b2:ef:87:ca:66:a4:f3:e1:b1:7b:1e:
b9:74:03:49:e0:c7:cf:2d:8f:ac:37:7e:11:8b:ca:e9:9d:df:
01:3c:c5:f8:52:ac:51:be:58:45:7b:85:ae:69:c9:c9:e5:2d:
21:19:62:40:33:f1:fc:36:80:ca:57:92:58:a5:21:1d:98:db:
d7:aa:f8:83:0c:74:52:f3:65:46:d3:4e:e1:63:3e:ae:7c:a5:
6a:e5:1f:db:ab:b4:20:ca:e4:1a:21:07:14:07:a4:dc:0c:5a:
62:23:10:db:6a:3e:95:6b:db:eb:7b:45:f4:48:81:36:b2:3c:
1d:a5:d5:fd:58:74:ef:4e:c6:b4:a9:97:39:e4:13:10:c4:94:
59:90:8b:c9:c7:af:c5:ed:da:39:d7:e6:aa:fe:d5:5b:3d:49:
63:62:e1:ca:bb:db:7e:a8:37:98:b7:ab:5f:f4:8a:82:4a:1a:
90:d2:6a:0e:90:23:bc:56:86:33:05:d5:5f:77:34:7c:3f:d3:
ca:41:a7:52
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZMqGgsD7tZM9DnSI+ChEM+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjQxMTE0MDk1NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjg1ZjBjODAyMWIxZDg1NDdkNzAwOGJhYmY0ODY4YTcxNWEzZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtecgMz29wisHtVIMAaz4eoZWeQYk
1U5KEo1cIslBRAu9JE7FNf3w1BfRBiyPEX34/leaMV3oNbIukwtNmem3mSbjAbaF
TijiW9LlVTBgB53v1ZQcvNZOX7csckpbOU6ZoKKP87Oqfrq3yv/7CYBiOrlLs+fV
Eqz5/9BmoKc73acoQq+Z4jC9Qrs9n0xF4Er0DWQtPei/32NFfrMtqQYUbFfs82i8
38/0XumdhKpu6Nurh1M/z0kTS/+6uU4rLNncVnKTi2hlWrQIHShbw+KYU4SFpoID
Y+fNSD5TIPOAb52bmCI8JcjikSGSNX6sQ1evrBAf2gBaMq/TGzlx+VJuuwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG+F8MgCGx2FR9cAi6v0hopxWj3fMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvYjRYd3lBSWJIWVZIMXdDTHFfU0dpbkZhUGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAeR4IAD
BAWR4MADBAajTIAwDQYJKoZIhvcNAQELBQADggEBACyuNUFnFdwpEYux0hHoI1fq
uj+BJ4VCKm77NqC9maUPvslzlexm6gdEmuywBhYFPOppaJW5Gc4BD2uyEWay74fK
ZqTz4bF7Hrl0A0ngx88tj6w3fhGLyumd3wE8xfhSrFG+WEV7ha5pycnlLSEZYkAz
8fw2gMpXklilIR2Y29eq+IMMdFLzZUbTTuFjPq58pWrlH9urtCDK5BohBxQHpNwM
WmIjENtqPpVr2+t7RfRIgTayPB2l1f1YdO9OxrSplznkExDElFmQi8nHr8Xt2jnX
5qr+1Vs9SWNi4cq7236oN5i3q1/0ioJKGpDSag6QI7xWhjMF1V93NHw/08pBp1I=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:08:51 2025 by rpki-client