Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/1-7Od1IvqCJj0d1RLZbbDociseF4.roa
File: 1-7Od1IvqCJj0d1RLZbbDociseF4.roa (raw, json)
Hash identifier: 7lgc+JSaw06bNf872jQ+lWPjmR8mQxdN8AyB4F5RUQ4=
Subject key identifier: FB:B3:9D:D4:8B:EA:08:98:F4:77:54:4B:65:B6:C3:A1:C8:AC:78:5E
Certificate issuer: /CN=8c6eadb8659bc734dccb29f638421036bb922e36
Certificate serial: 0192D722D49B46996AAA650048CC8DA70549
Authority key identifier: 8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/1-7Od1IvqCJj0d1RLZbbDociseF4.roa
Signing time: Tue 29 Oct 2024 07:17:16 +0000
ROA not before: Tue 29 Oct 2024 07:17:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200781
IP address blocks: 45.13.124.0/22 maxlen: 22
45.13.124.0/23 maxlen: 23
45.13.126.0/23 maxlen: 23
45.13.126.0/24 maxlen: 24
185.96.40.0/22 maxlen: 22
185.96.40.0/23 maxlen: 23
185.96.42.0/23 maxlen: 23
2a03:fd80::/29 maxlen: 29
2a03:fd80::/32 maxlen: 32
2a03:fd83::/32 maxlen: 48
2a03:fd84:200::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:22:d4:9b:46:99:6a:aa:65:00:48:cc:8d:a7:05:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c6eadb8659bc734dccb29f638421036bb922e36
Validity
Not Before: Oct 29 07:17:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbb39dd48bea0898f477544b65b6c3a1c8ac785e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fa:df:8d:c2:d9:63:8a:1a:9d:9a:1b:ef:2c:
94:d1:36:34:c5:32:a4:7e:4b:ae:9b:80:82:d6:71:
b6:11:e1:93:8c:a7:96:de:04:4b:aa:d1:d5:3d:a7:
e5:01:93:b6:7a:f9:da:4c:32:cb:99:02:af:8b:fc:
22:3b:c9:a0:1f:c6:e7:1f:dc:db:28:32:09:e8:16:
51:8c:c3:f3:bf:5a:af:b9:a6:02:bd:77:d4:f4:f0:
1b:94:5e:ab:76:f0:99:23:05:f8:de:8f:a7:8c:ff:
dd:3f:91:f0:fb:6c:7a:e7:2e:5c:9e:3a:d3:af:37:
a9:8d:69:14:41:24:64:80:06:10:74:ba:6a:c2:56:
22:22:0f:92:8b:2d:41:51:b9:90:d9:66:88:0b:93:
bb:e9:02:92:94:09:54:0e:3f:a5:0c:55:da:a4:27:
56:06:23:a8:60:55:ee:2c:40:10:43:d3:65:e0:c2:
ba:c9:06:72:e8:6c:5f:5a:03:f0:32:38:8b:93:4e:
43:62:45:44:1b:72:1a:52:79:c1:52:3e:90:7d:00:
43:3d:86:e6:ea:2b:4c:ce:28:2b:f2:57:66:03:0c:
b7:b9:ce:7a:79:9e:8d:1f:5b:e4:55:58:3c:6a:52:
9f:65:64:a4:f6:7b:d0:03:00:96:ac:f3:4c:2e:75:
f9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B3:9D:D4:8B:EA:08:98:F4:77:54:4B:65:B6:C3:A1:C8:AC:78:5E
X509v3 Authority Key Identifier:
keyid:8C:6E:AD:B8:65:9B:C7:34:DC:CB:29:F6:38:42:10:36:BB:92:2E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jG6tuGWbxzTcyyn2OEIQNruSLjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/1-7Od1IvqCJj0d1RLZbbDociseF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/bfdba0-2c60-4027-af0d-6645dd3d624b/1/jG6tuGWbxzTcyyn2OEIQNruSLjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.124.0/22
185.96.40.0/22
IPv6:
2a03:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
bb:11:50:59:9b:18:26:59:77:ab:1e:5e:28:6a:84:13:7b:0c:
f7:6f:52:17:a3:df:73:ac:9b:1a:d3:4b:76:d7:a2:7d:59:ee:
c4:43:bf:78:1c:6d:ab:2f:53:c6:af:a6:3b:b0:3b:d5:9f:ab:
34:2c:92:cb:57:ea:8b:c0:e4:45:96:c8:4f:2c:4b:94:b4:2f:
38:56:ac:7f:99:f9:40:17:d3:d1:df:dd:fc:30:28:b7:96:24:
85:b4:ab:38:06:d1:c3:eb:e4:f6:19:fc:30:2e:b7:ee:3b:90:
e6:77:e4:55:b0:ae:7f:46:e9:69:28:f4:dc:5f:ba:fb:25:d8:
a9:77:b1:a6:2d:a6:da:c6:54:42:3a:a1:74:c8:67:f8:6d:c8:
b6:42:4f:3f:67:17:9e:de:72:85:b0:6f:20:8d:90:2a:86:a6:
a7:6a:c1:28:67:6a:ac:98:01:a1:ea:b7:dc:9c:ee:0a:1b:e3:
31:a2:ba:be:35:61:84:79:14:ce:bf:25:ed:e7:10:88:38:5c:
88:33:10:0b:d4:41:0b:96:6e:73:37:4c:36:09:e5:37:02:60:
01:3e:81:31:e0:6d:50:4b:25:4d:6a:1d:b4:09:0c:f5:f9:94:
6f:7c:d7:ec:b4:66:02:f1:8c:35:51:ac:5e:78:e3:e5:95:3e:
1a:58:11:c7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZLXItSbRplqqmUASMyNpwVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNmVhZGI4NjU5YmM3MzRkY2NiMjlmNjM4NDIxMDM2YmI5
MjJlMzYwHhcNMjQxMDI5MDcxNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmIzOWRkNDhiZWEwODk4ZjQ3NzU0NGI2NWI2YzNhMWM4YWM3ODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPrfjcLZY4oanZob7yyU0TY0xTKk
fkuum4CC1nG2EeGTjKeW3gRLqtHVPaflAZO2evnaTDLLmQKvi/wiO8mgH8bnH9zb
KDIJ6BZRjMPzv1qvuaYCvXfU9PAblF6rdvCZIwX43o+njP/dP5Hw+2x65y5cnjrT
rzepjWkUQSRkgAYQdLpqwlYiIg+Siy1BUbmQ2WaIC5O76QKSlAlUDj+lDFXapCdW
BiOoYFXuLEAQQ9Nl4MK6yQZy6GxfWgPwMjiLk05DYkVEG3IaUnnBUj6QfQBDPYbm
6itMzigr8ldmAwy3uc56eZ6NH1vkVVg8alKfZWSk9nvQAwCWrPNMLnX5uQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPuzndSL6giY9HdUS2W2w6HIrHheMB8GA1UdIwQY
MBaAFIxurbhlm8c03Msp9jhCEDa7ki42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakc2dHVHV2J4elRjeXluMk9FSVFOcnVTTGpZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iZmRiYTAtMmM2MC00MDI3LWFmMGQt
NjY0NWRkM2Q2MjRiLzEvMS03T2QxSXZxQ0pqMGQxUkxaYmJEb2Npc2VGNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTAvYmZkYmEwLTJjNjAtNDAyNy1hZjBkLTY2NDVkZDNkNjI0
Yi8xL2pHNnR1R1dieHpUY3l5bjJPRUlRTnJ1U0xqWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAi0NfAME
ArlgKDANBAIAAjAHAwUDKgP9gDANBgkqhkiG9w0BAQsFAAOCAQEAuxFQWZsYJll3
qx5eKGqEE3sM929SF6Pfc6ybGtNLdteifVnuxEO/eBxtqy9Txq+mO7A71Z+rNCyS
y1fqi8DkRZbITyxLlLQvOFasf5n5QBfT0d/d/DAot5YkhbSrOAbRw+vk9hn8MC63
7juQ5nfkVbCuf0bpaSj03F+6+yXYqXexpi2m2sZUQjqhdMhn+G3ItkJPP2cXnt5y
hbBvII2QKoamp2rBKGdqrJgBoeq33JzuChvjMaK6vjVhhHkUzr8l7ecQiDhciDMQ
C9RBC5ZuczdMNgnlNwJgAT6BMeBtUEslTWodtAkM9fmUb3zX7LRmAvGMNVGsXnjj
5ZU+GlgRxw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:06:54 2025 by rpki-client