Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/DExDZHkxO8FgYzD1J8cYWGWi-t0.roa
File: DExDZHkxO8FgYzD1J8cYWGWi-t0.roa (raw, json)
Hash identifier: SnbmkXkrF1ypDmdzpxcoz8klbvKby3OE1AFgphDE6KY=
Subject key identifier: 0C:4C:43:64:79:31:3B:C1:60:63:30:F5:27:C7:18:58:65:A2:FA:DD
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01943B92BAF7B0B8D42EB2EC62BD509DA069
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/DExDZHkxO8FgYzD1J8cYWGWi-t0.roa
Signing time: Mon 06 Jan 2025 12:24:19 +0000
ROA not before: Mon 06 Jan 2025 12:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
46.249.110.0/24 maxlen: 24
82.115.28.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
178.173.232.0/21 maxlen: 24
178.173.240.0/20 maxlen: 24
185.231.172.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
212.90.100.0/22 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:92:ba:f7:b0:b8:d4:2e:b2:ec:62:bd:50:9d:a0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 6 12:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c4c436479313bc1606330f527c7185865a2fadd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:99:45:f9:10:af:aa:e6:9f:76:64:e9:28:
dc:89:65:07:41:b6:48:71:d8:55:dd:28:e7:48:de:
1a:77:33:94:94:46:8d:1c:d8:fe:2c:fc:5a:05:50:
f3:6c:61:1a:0b:c9:c0:52:52:b6:a8:a1:3c:54:de:
46:cf:82:3a:f1:aa:17:cf:2c:e7:6b:96:76:11:4f:
01:2a:94:0b:f5:91:82:90:8f:82:ef:51:32:62:4c:
82:10:ba:39:a0:ef:81:12:42:db:ae:9e:d1:f4:c2:
a9:48:f7:c7:63:5e:9d:35:b2:24:34:89:d8:15:51:
74:3a:c2:cf:b4:5d:30:c0:4b:b0:41:e0:29:e4:e4:
bc:f4:ed:60:e2:2c:fc:6e:ff:8c:56:b4:52:ac:89:
9f:73:b4:1f:3f:b3:dd:56:86:cc:6c:92:52:5c:b6:
09:d4:85:fd:58:63:55:e8:86:66:4a:07:93:82:4d:
a9:6d:3e:65:ef:5f:1c:b6:1c:12:95:74:8b:f0:e1:
7c:69:67:bf:d5:29:a0:d3:19:56:25:ba:00:d9:18:
00:d9:4c:92:61:f1:f8:40:60:bd:37:16:7f:4d:1b:
db:52:90:7f:19:6a:9d:90:6d:2d:db:ad:0e:a2:6e:
9e:a1:9d:e6:f8:3f:ec:ae:c3:a8:9e:37:ed:2f:23:
96:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:4C:43:64:79:31:3B:C1:60:63:30:F5:27:C7:18:58:65:A2:FA:DD
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/DExDZHkxO8FgYzD1J8cYWGWi-t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
46.249.110.0/24
82.115.28.0/23
89.251.10.0/24
159.255.32.0/21
178.173.232.0-178.173.255.255
185.231.172.0/22
188.253.8.0/21
202.133.90.0/23
212.90.100.0/22
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
67:06:18:dd:82:f6:56:27:f2:8b:8d:e5:94:8c:33:43:b2:06:
9c:19:da:3d:b7:aa:36:b9:63:12:c4:7a:03:b0:4d:d3:f4:1e:
ef:1a:c3:16:52:56:29:62:3f:58:52:95:f1:d3:00:aa:b6:28:
6e:29:d8:0c:3c:a1:36:6c:66:42:8f:c0:d4:d6:e6:c1:d6:5b:
87:2b:28:e1:91:86:fc:5f:ad:0b:bf:36:fd:7a:b0:3a:cc:05:
f5:17:77:d3:ab:df:b3:8d:cd:61:84:e4:e5:a0:36:e1:73:bb:
d3:46:46:70:40:0a:6c:4f:e6:46:94:bc:e8:a9:a1:c2:1e:70:
c4:2f:73:29:96:34:fc:02:11:60:d7:e8:4c:15:4a:00:55:cf:
fd:17:47:71:11:43:24:13:55:8d:c9:5c:bf:f1:43:98:cb:04:
6b:32:2c:2a:26:6c:55:6a:ae:0a:3a:9e:fd:4d:c2:9c:de:00:
4c:e9:c9:e8:ae:3a:e6:2b:ab:98:ec:8a:b6:b2:4d:69:43:53:
b8:c9:a6:b3:b1:1a:6c:76:97:a6:37:fe:ff:75:9d:4d:56:69:
ba:aa:60:0f:ad:f9:7b:a2:b9:0c:e7:e2:3d:a7:34:87:8e:cc:
54:1e:4c:4a:1d:42:ce:91:0c:87:0f:95:8a:46:ef:55:64:b6:
af:bf:13:fa
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZQ7krr3sLjULrLsYr1QnaBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTA2MTIyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzRjNDM2NDc5MzEzYmMxNjA2MzMwZjUyN2M3MTg1ODY1YTJmYWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcKZRfkQr6rmn3Zk6SjciWUHQbZI
cdhV3SjnSN4adzOUlEaNHNj+LPxaBVDzbGEaC8nAUlK2qKE8VN5Gz4I68aoXzyzn
a5Z2EU8BKpQL9ZGCkI+C71EyYkyCELo5oO+BEkLbrp7R9MKpSPfHY16dNbIkNInY
FVF0OsLPtF0wwEuwQeAp5OS89O1g4iz8bv+MVrRSrImfc7QfP7PdVobMbJJSXLYJ
1IX9WGNV6IZmSgeTgk2pbT5l718cthwSlXSL8OF8aWe/1Smg0xlWJboA2RgA2UyS
YfH4QGC9NxZ/TRvbUpB/GWqdkG0t260Oom6eoZ3m+D/srsOonjftLyOWtQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFAxMQ2R5MTvBYGMw9SfHGFhlovrdMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvREV4RFpIa3hPOEZnWXpEMUo4Y1lXR1dpLXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBPBAIAATBJAwQBLYsGAwQA
LvluAwQBUnMcAwQAWfsKAwQDn/8gMAsDBAOyregDAwGyrAMEArnnrAMEA7z9CAME
AcqFWgMEAtRaZAMEAtWtIDANBgkqhkiG9w0BAQsFAAOCAQEAZwYY3YL2Vifyi43l
lIwzQ7IGnBnaPbeqNrljEsR6A7BN0/Qe7xrDFlJWKWI/WFKV8dMAqrYobinYDDyh
NmxmQo/A1NbmwdZbhyso4ZGG/F+tC782/XqwOswF9Rd306vfs43NYYTk5aA24XO7
00ZGcEAKbE/mRpS86Kmhwh5wxC9zKZY0/AIRYNfoTBVKAFXP/RdHcRFDJBNVjclc
v/FDmMsEazIsKiZsVWquCjqe/U3CnN4ATOnJ6K465iurmOyKtrJNaUNTuMmms7Ea
bHaXpjf+/3WdTVZpuqpgD635e6K5DOfiPac0h47MVB5MSh1CzpEMhw+VikbvVWS2
r78T+g==
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:41:31 2025 by rpki-client