Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5nPsBJE62uVKwVy40Nof40vQ0Qw.roa
File: 5nPsBJE62uVKwVy40Nof40vQ0Qw.roa (raw, json)
Hash identifier: f1GvIxRZ/EX35lLNnWEZPwjHXBzHV3xpr4Ere/Xt65s=
Subject key identifier: E6:73:EC:04:91:3A:DA:E5:4A:C1:5C:B8:D0:DA:1F:E3:4B:D0:D1:0C
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0193AA8CA13D813360BE43715E5DDFE9A159
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5nPsBJE62uVKwVy40Nof40vQ0Qw.roa
Signing time: Mon 09 Dec 2024 08:32:43 +0000
ROA not before: Mon 09 Dec 2024 08:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 45.91.22.0/24 maxlen: 24
45.130.141.0/24 maxlen: 24
2a0f:2740::/29 maxlen: 48
2a0f:e383::/32 maxlen: 48
2a0f:e384::/32 maxlen: 48
2a0f:e385::/32 maxlen: 48
2a0f:e387::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Dec 2024 08:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:aa:8c:a1:3d:81:33:60:be:43:71:5e:5d:df:e9:a1:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Dec 9 08:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e673ec04913adae54ac15cb8d0da1fe34bd0d10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:88:55:cf:2d:a6:b4:5c:8d:f3:9b:15:25:1c:
d3:cd:32:74:8f:70:0c:a2:76:3f:c4:ac:bd:63:4d:
2d:fc:dc:db:6e:e0:58:9c:d6:20:36:b2:f8:0e:89:
69:52:11:fc:c9:fc:9a:5e:cd:3f:07:d5:2e:2a:3f:
22:60:b3:05:4c:6f:ab:9d:1e:75:2f:03:18:e7:ab:
4a:01:cb:2a:92:0f:b1:5a:1b:fc:1d:02:0e:24:8e:
51:34:a6:7b:8b:3b:8e:21:3d:65:18:d9:d1:46:d4:
95:2c:0d:5d:a1:15:95:5c:be:a2:a7:48:6a:ff:14:
a8:d7:6d:f3:d8:39:1a:98:da:87:51:a2:cc:a0:83:
a5:b1:a2:48:c7:74:b0:0d:88:7b:4d:18:e3:ea:fa:
b2:dc:b7:7b:4b:33:13:df:15:0b:17:ea:fd:3e:50:
8b:dc:bc:05:b7:7e:16:21:fe:6f:de:5a:7a:b7:f2:
da:1a:af:a5:7f:31:96:ce:90:7a:06:f7:7f:2f:19:
cd:6b:a9:6c:3d:c6:db:1a:5e:dd:94:c5:3d:ce:cf:
1a:d7:3c:9b:7e:07:8d:90:8b:31:c3:d3:57:8c:1c:
9f:07:50:af:af:4e:43:3e:b3:18:30:f7:48:29:00:
9e:bd:81:19:fc:42:17:e9:33:f7:25:b6:cf:65:34:
bf:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:73:EC:04:91:3A:DA:E5:4A:C1:5C:B8:D0:DA:1F:E3:4B:D0:D1:0C
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5nPsBJE62uVKwVy40Nof40vQ0Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.22.0/24
45.130.141.0/24
IPv6:
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e387::/32
Signature Algorithm: sha256WithRSAEncryption
ab:fe:32:b9:3a:b1:71:21:0c:c9:67:e9:c5:d5:b5:a8:77:60:
01:ef:2e:47:65:2d:58:c8:74:fe:6e:b6:a7:83:b2:eb:e8:03:
5c:6c:27:ec:2d:88:f8:60:b9:03:89:c5:28:4e:66:9f:a5:24:
71:90:4f:12:42:d9:04:d7:f5:98:e3:46:89:66:d9:10:ce:24:
7c:d1:cd:0d:c4:30:8a:55:c2:46:cb:c0:bf:21:76:8e:e9:8b:
d0:f4:7c:b0:ff:0b:6c:33:82:58:09:0c:48:2b:72:20:ee:50:
54:7a:bb:e6:39:cd:3d:8d:6e:e0:76:e8:06:b9:06:f2:49:64:
4b:79:3a:47:f3:42:90:39:9c:1b:1b:ec:05:47:92:fb:2b:3d:
3f:31:bc:57:00:16:65:72:30:2a:2d:64:ec:76:0f:5c:03:d3:
e0:85:21:8c:c2:ed:64:6e:c8:2c:bd:5f:ea:6b:ca:44:dc:83:
f3:b1:7b:32:16:16:42:89:f1:80:2b:1e:c3:bb:eb:bc:b9:e5:
c9:2a:23:ff:ce:ee:b2:5a:dd:66:e0:d2:7a:2e:d4:8a:3b:46:
4a:59:3c:a5:64:c9:f5:e2:72:97:d1:0a:90:a4:48:c4:da:1c:
c8:42:c9:2d:94:f6:b6:50:d5:4d:a7:3b:5a:0f:88:ba:d0:fb:
2c:aa:2f:98
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZOqjKE9gTNgvkNxXl3f6aFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQxMjA5MDgzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjczZWMwNDkxM2FkYWU1NGFjMTVjYjhkMGRhMWZlMzRiZDBkMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4hVzy2mtFyN85sVJRzTzTJ0j3AM
onY/xKy9Y00t/NzbbuBYnNYgNrL4DolpUhH8yfyaXs0/B9UuKj8iYLMFTG+rnR51
LwMY56tKAcsqkg+xWhv8HQIOJI5RNKZ7izuOIT1lGNnRRtSVLA1doRWVXL6ip0hq
/xSo123z2DkamNqHUaLMoIOlsaJIx3SwDYh7TRjj6vqy3Ld7SzMT3xULF+r9PlCL
3LwFt34WIf5v3lp6t/LaGq+lfzGWzpB6Bvd/LxnNa6lsPcbbGl7dlMU9zs8a1zyb
fgeNkIsxw9NXjByfB1Cvr05DPrMYMPdIKQCevYEZ/EIX6TP3JbbPZTS/gwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOZz7ASROtrlSsFcuNDaH+NL0NEMMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvNW5Qc0JKRTYydVZLd1Z5NDBOb2Y0MHZRMFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjASBAIAATAMAwQALVsWAwQA
LYKNMCQEAgACMB4DBQMqDydAMA4DBQAqD+ODAwUBKg/jhAMFACoP44cwDQYJKoZI
hvcNAQELBQADggEBAKv+Mrk6sXEhDMln6cXVtah3YAHvLkdlLVjIdP5utqeDsuvo
A1xsJ+wtiPhguQOJxShOZp+lJHGQTxJC2QTX9ZjjRolm2RDOJHzRzQ3EMIpVwkbL
wL8hdo7pi9D0fLD/C2wzglgJDEgrciDuUFR6u+Y5zT2NbuB26Aa5BvJJZEt5Okfz
QpA5nBsb7AVHkvsrPT8xvFcAFmVyMCotZOx2D1wD0+CFIYzC7WRuyCy9X+prykTc
g/OxezIWFkKJ8YArHsO767y55ckqI//O7rJa3Wbg0nou1Io7RkpZPKVkyfXicpfR
CpCkSMTaHMhCyS2U9rZQ1U2nO1oPiLrQ+yyqL5g=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:31:10 2025 by rpki-client