Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AxklefXqrl3i7fcXDy1352qtHbg.roa
File: AxklefXqrl3i7fcXDy1352qtHbg.roa (raw, json)
Hash identifier: Fd0XI6e2bkhmGTbH9NqzX+GlY+xawuTYp1xMMC8i9ZY=
Subject key identifier: 03:19:25:79:F5:EA:AE:5D:E2:ED:F7:17:0F:2D:77:E7:6A:AD:1D:B8
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0193AA8CA10D0352D1DB858BA4B20D511A36
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AxklefXqrl3i7fcXDy1352qtHbg.roa
Signing time: Mon 09 Dec 2024 08:32:43 +0000
ROA not before: Mon 09 Dec 2024 08:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.85.124.0/24 maxlen: 24
45.85.125.0/24 maxlen: 24
45.85.126.0/24 maxlen: 24
45.85.127.0/24 maxlen: 24
45.91.20.0/24 maxlen: 24
45.130.136.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
45.149.104.0/24 maxlen: 24
193.176.210.0/24 maxlen: 24
2a07:e340::/32 maxlen: 32
2a07:e341::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:aa:8c:a1:0d:03:52:d1:db:85:8b:a4:b2:0d:51:1a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Dec 9 08:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03192579f5eaae5de2edf7170f2d77e76aad1db8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e6:af:04:c4:09:28:17:d4:27:f8:2f:65:fb:
f2:00:31:ec:e5:c2:53:d1:63:4b:05:95:ea:14:84:
8c:81:29:e5:4d:da:fc:ea:16:39:a6:c5:b9:d1:19:
1d:cf:7c:a5:32:49:89:82:4b:6c:aa:82:a4:97:2b:
22:69:f2:04:92:17:02:9a:0c:76:42:97:27:67:5c:
ae:59:ee:df:25:9d:b2:2b:a2:e5:79:7e:63:b8:0f:
f1:ba:47:b8:3c:dc:68:84:e5:4c:86:9a:73:75:53:
a7:e9:c9:0f:04:d5:cb:2e:95:f6:de:3e:dc:80:1b:
71:c9:59:d6:43:61:48:c9:91:24:f7:5c:02:a0:78:
89:33:9e:89:64:15:19:68:e2:27:15:db:72:15:2c:
58:5b:83:ac:80:34:d4:96:dc:23:2f:03:46:2e:53:
86:2c:67:0f:3e:b2:33:83:dd:8e:5c:ef:2b:6e:fb:
02:99:7a:95:60:a5:94:79:f4:0e:33:46:6d:42:44:
f2:bf:b3:cb:d6:3b:82:67:e2:1c:fa:16:e2:18:86:
9a:9c:e8:60:5b:8b:fd:27:8d:4d:97:a4:55:c5:e4:
1c:9e:c0:56:ea:85:45:50:fb:38:1b:5a:02:9e:33:
f5:83:4d:bc:60:a7:70:b2:b3:01:dc:b8:86:69:d1:
dd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:19:25:79:F5:EA:AE:5D:E2:ED:F7:17:0F:2D:77:E7:6A:AD:1D:B8
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AxklefXqrl3i7fcXDy1352qtHbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.124.0/22
45.91.20.0/24
45.130.136.0/24
45.132.193.0/24
45.149.104.0/24
193.176.210.0/24
IPv6:
2a07:e340::/31
Signature Algorithm: sha256WithRSAEncryption
97:03:b6:cd:a1:70:5b:66:1e:93:3c:a7:4b:df:18:0b:b4:9e:
db:26:b4:bd:18:3f:62:43:58:ed:2a:23:43:c0:f1:6d:3c:db:
67:9f:18:81:ea:ab:77:54:12:1d:c6:cb:f6:2a:bc:42:f5:92:
45:ce:69:09:12:6f:1f:22:d8:72:62:7d:aa:f4:ba:30:c4:c9:
23:df:53:f9:7f:46:15:58:b9:99:8f:f2:11:ef:aa:58:a0:84:
a5:39:39:d0:5d:30:e7:9f:4d:9a:e3:04:54:8e:7f:12:60:3c:
73:06:5c:9b:16:65:c6:88:3f:73:12:a5:c7:e9:bc:2d:91:83:
e0:4a:04:88:d7:b9:ee:75:8b:e9:dd:ee:a6:de:3a:89:0e:4f:
96:47:dd:e9:e8:89:1c:95:f8:5a:47:41:fe:93:42:c3:92:50:
ac:22:7e:72:d6:4b:f5:c4:a7:28:10:6f:36:f6:e6:96:09:47:
3f:a4:21:4e:e9:ec:b7:d3:7e:d1:e3:c2:9b:0c:1b:e9:82:55:
a9:14:5a:08:a6:e7:86:76:d7:e9:fc:25:00:06:12:6b:44:1f:
d5:26:8d:ba:da:2a:3e:e0:71:6c:04:79:08:a4:33:e7:ab:3f:
fc:cf:ca:ed:4d:a0:ab:5b:d1:ef:ea:7a:da:24:61:f9:9a:18:
19:75:19:2f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZOqjKENA1LR24WLpLINURo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQxMjA5MDgzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzE5MjU3OWY1ZWFhZTVkZTJlZGY3MTcwZjJkNzdlNzZhYWQxZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uavBMQJKBfUJ/gvZfvyADHs5cJT
0WNLBZXqFISMgSnlTdr86hY5psW50Rkdz3ylMkmJgktsqoKklysiafIEkhcCmgx2
QpcnZ1yuWe7fJZ2yK6LleX5juA/xuke4PNxohOVMhppzdVOn6ckPBNXLLpX23j7c
gBtxyVnWQ2FIyZEk91wCoHiJM56JZBUZaOInFdtyFSxYW4OsgDTUltwjLwNGLlOG
LGcPPrIzg92OXO8rbvsCmXqVYKWUefQOM0ZtQkTyv7PL1juCZ+Ic+hbiGIaanOhg
W4v9J41Nl6RVxeQcnsBW6oVFUPs4G1oCnjP1g028YKdwsrMB3LiGadHdBQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAMZJXn16q5d4u33Fw8td+dqrR24MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQXhrbGVmWHFybDNpN2ZjWER5MTM1MnF0SGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLVV8AwQA
LVsUAwQALYKIAwQALYTBAwQALZVoAwQAwbDSMA0EAgACMAcDBQEqB+NAMA0GCSqG
SIb3DQEBCwUAA4IBAQCXA7bNoXBbZh6TPKdL3xgLtJ7bJrS9GD9iQ1jtKiNDwPFt
PNtnnxiB6qt3VBIdxsv2KrxC9ZJFzmkJEm8fIthyYn2q9LowxMkj31P5f0YVWLmZ
j/IR76pYoISlOTnQXTDnn02a4wRUjn8SYDxzBlybFmXGiD9zEqXH6bwtkYPgSgSI
17nudYvp3e6m3jqJDk+WR93p6IkclfhaR0H+k0LDklCsIn5y1kv1xKcoEG829uaW
CUc/pCFO6ey3037R48KbDBvpglWpFFoIpueGdtfp/CUABhJrRB/VJo262io+4HFs
BHkIpDPnqz/8z8rtTaCrW9Hv6nraJGH5mhgZdRkv
-----END CERTIFICATE-----
Generated at Thu Jan 2 23:20:35 2025 by rpki-client on console-ams.rpki-client.org