Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/7ju5VKN0E0FiqdP-LDUOY5M__8w.roa
File: 7ju5VKN0E0FiqdP-LDUOY5M__8w.roa (raw, json)
Hash identifier: rBU4Nu1gjgldS0IJ8cdxt+V/WJStRioaRDp1CcQs/v8=
Subject key identifier: EE:3B:B9:54:A3:74:13:41:62:A9:D3:FE:2C:35:0E:63:93:3F:FF:CC
Certificate issuer: /CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Certificate serial: 018CC492455EDD5B6FBAA8FE4864DB3F1FD2
Authority key identifier: 7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/7ju5VKN0E0FiqdP-LDUOY5M__8w.roa
Signing time: Mon 01 Jan 2024 10:29:29 +0000
ROA not before: Mon 01 Jan 2024 10:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60587
IP address blocks: 46.151.200.0/24 maxlen: 24
46.151.201.0/24 maxlen: 24
46.151.204.0/24 maxlen: 24
185.29.88.0/24 maxlen: 24
91.227.230.0/24 maxlen: 24
45.82.168.0/22 maxlen: 22
2a00:a6a0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:45:5e:dd:5b:6f:ba:a8:fe:48:64:db:3f:1f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Validity
Not Before: Jan 1 10:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee3bb954a374134162a9d3fe2c350e63933fffcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fd:66:64:22:08:ef:75:d8:95:76:07:5e:eb:
af:4d:c1:08:0c:d5:9e:19:61:e8:fc:f6:1e:cb:0e:
10:c1:87:40:0c:9f:6c:98:c8:d2:01:ca:37:e7:67:
72:c6:40:17:64:26:ff:07:1d:f9:b5:b4:e4:04:40:
03:43:16:58:7e:41:f7:36:bc:1d:42:9d:bc:36:f6:
59:c5:9e:b5:4a:f7:1e:cb:1c:b0:c9:8f:ce:db:36:
8f:72:1d:c3:e8:e6:ac:ae:ff:84:4d:a3:4c:bf:bf:
c8:38:88:d6:6c:c3:e8:03:d7:dc:3c:09:a4:30:2f:
81:a8:94:7f:b7:35:a8:be:3c:78:98:24:46:cc:6a:
77:3a:0d:88:61:2a:31:bb:6d:4e:3a:62:91:a6:b3:
a2:8c:86:85:d2:32:ad:27:21:a6:8d:f1:0a:4e:84:
e8:74:a0:15:38:a4:64:65:2f:79:fc:26:85:db:44:
5d:9a:ed:72:ad:42:ae:13:27:78:1a:08:3b:b7:0c:
60:68:b5:0d:f7:3a:b0:d5:8e:49:4b:d0:c2:f5:5f:
70:8e:4a:13:84:02:2b:1b:aa:13:cd:72:bc:db:5b:
63:31:1e:fd:42:dd:2a:e2:bf:3a:c8:62:6e:f2:fb:
c5:58:ce:5c:8b:6a:0a:fa:27:3a:33:26:5c:52:32:
5b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3B:B9:54:A3:74:13:41:62:A9:D3:FE:2C:35:0E:63:93:3F:FF:CC
X509v3 Authority Key Identifier:
keyid:7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/7ju5VKN0E0FiqdP-LDUOY5M__8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/fQIT4-fr5hcKNgCo465k7ZYsDjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.168.0/22
46.151.200.0/23
46.151.204.0/24
91.227.230.0/24
185.29.88.0/24
IPv6:
2a00:a6a0:1::/48
Signature Algorithm: sha256WithRSAEncryption
1f:22:59:f5:69:93:8d:cb:48:c5:71:cf:32:76:14:2e:94:20:
ef:4d:ad:d3:09:34:7d:13:d0:15:5a:bb:d7:18:a9:8c:a1:31:
7e:34:80:aa:0f:a4:24:5d:90:2a:9b:9c:5f:dd:23:9c:a9:73:
9e:8e:51:78:02:43:7d:5f:43:dc:6e:1d:9b:87:63:87:65:50:
de:ba:7e:55:36:47:fd:66:e6:32:0f:2f:6e:ce:d4:7e:b0:c4:
05:a5:bd:07:41:45:04:6b:47:3c:b1:ff:4f:a0:40:ec:e7:a0:
a3:70:e0:4b:27:1f:bf:82:5a:fd:3c:45:f0:0d:11:76:5b:43:
fb:cf:b4:df:36:a5:5d:a8:c8:b3:63:b5:d7:70:a8:f9:4b:d0:
a0:bf:a6:c7:fa:f1:75:d4:fa:65:d3:e1:af:54:84:08:8b:d3:
de:32:94:50:e2:9a:ba:54:83:f5:ee:93:32:c2:91:55:db:47:
c8:a1:f8:7f:1b:5e:99:80:b6:f0:91:ec:c4:5d:c0:4a:02:25:
15:a3:62:30:e0:9a:90:bd:fd:34:e7:9b:a6:54:d4:3b:5e:30:
33:25:1a:c0:b6:43:fa:a6:95:9f:e7:0e:0b:c5:ea:8c:c3:33:
4e:14:97:c1:20:b9:0b:51:a5:60:99:dc:fc:9d:02:d1:bd:f8:
7c:8f:1d:52
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzEkkVe3Vtvuqj+SGTbPx/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDIxM2UzZTdlYmU2MTcwYTM2MDBhOGUzYWU2NGVkOTYy
YzBlMzYwHhcNMjQwMTAxMTAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTNiYjk1NGEzNzQxMzQxNjJhOWQzZmUyYzM1MGU2MzkzM2ZmZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP1mZCII73XYlXYHXuuvTcEIDNWe
GWHo/PYeyw4QwYdADJ9smMjSAco352dyxkAXZCb/Bx35tbTkBEADQxZYfkH3Nrwd
Qp28NvZZxZ61SvceyxywyY/O2zaPch3D6Oasrv+ETaNMv7/IOIjWbMPoA9fcPAmk
MC+BqJR/tzWovjx4mCRGzGp3Og2IYSoxu21OOmKRprOijIaF0jKtJyGmjfEKToTo
dKAVOKRkZS95/CaF20Rdmu1yrUKuEyd4Ggg7twxgaLUN9zqw1Y5JS9DC9V9wjkoT
hAIrG6oTzXK821tjMR79Qt0q4r86yGJu8vvFWM5ci2oK+ic6MyZcUjJbswIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFO47uVSjdBNBYqnT/iw1DmOTP//MMB8GA1UdIwQY
MBaAFH0CE+Pn6+YXCjYAqOOuZO2WLA42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3Nzct
MDM1MzIxNDBlZjUyLzEvN2p1NVZLTjBFMEZpcWRQLUxEVU9ZNU1fXzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3NzctMDM1MzIxNDBlZjUy
LzEvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQCLVKoAwQB
LpfIAwQALpfMAwQAW+PmAwQAuR1YMA8EAgACMAkDBwAqAKagAAEwDQYJKoZIhvcN
AQELBQADggEBAB8iWfVpk43LSMVxzzJ2FC6UIO9NrdMJNH0T0BVau9cYqYyhMX40
gKoPpCRdkCqbnF/dI5ypc56OUXgCQ31fQ9xuHZuHY4dlUN66flU2R/1m5jIPL27O
1H6wxAWlvQdBRQRrRzyx/0+gQOznoKNw4EsnH7+CWv08RfANEXZbQ/vPtN82pV2o
yLNjtddwqPlL0KC/psf68XXU+mXT4a9UhAiL094ylFDimrpUg/XukzLCkVXbR8ih
+H8bXpmAtvCR7MRdwEoCJRWjYjDgmpC9/TTnm6ZU1DteMDMlGsC2Q/qmlZ/nDgvF
6ozDM04Ul8EguQtRpWCZ3PydAtG9+HyPHVI=
-----END CERTIFICATE-----
Generated at Wed Apr 23 07:48:15 2025 by rpki-client