Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/NddL5Qv3CsoY2ASdfckiTKVKWYY.roa
File: NddL5Qv3CsoY2ASdfckiTKVKWYY.roa (raw, json)
Hash identifier: AvLMuH3zdjO9yK4hjOtj/IyGQ7F90Dkw4CGAa8TZKQc=
Subject key identifier: 35:D7:4B:E5:0B:F7:0A:CA:18:D8:04:9D:7D:C9:22:4C:A5:4A:59:86
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 0190265D1BF09676B424975485A67DABEC75
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/NddL5Qv3CsoY2ASdfckiTKVKWYY.roa
Signing time: Mon 17 Jun 2024 13:22:34 +0000
ROA not before: Mon 17 Jun 2024 13:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 145.219.22.0/24 maxlen: 24
145.219.23.0/24 maxlen: 24
145.219.24.0/22 maxlen: 22
145.219.28.0/22 maxlen: 22
2a04:b0c0:10::/48 maxlen: 48
2a04:b0c0:11::/48 maxlen: 48
2a04:b0c0:12::/48 maxlen: 48
2a04:b0c0:13::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jun 2024 08:27:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:5d:1b:f0:96:76:b4:24:97:54:85:a6:7d:ab:ec:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jun 17 13:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35d74be50bf70aca18d8049d7dc9224ca54a5986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:62:3f:61:c7:ef:18:a6:ee:04:aa:e8:10:52:
ad:88:9d:97:96:18:31:ef:5a:44:4f:c7:e5:7d:c9:
fa:e8:2f:49:62:30:c6:95:d6:c0:e6:08:4f:fd:49:
f4:47:3d:92:83:43:07:85:77:6d:fb:fd:b0:15:64:
f5:91:60:d3:82:fc:25:1c:dd:cf:bf:80:1f:93:48:
6f:03:a8:62:fa:93:f0:8b:d0:5a:fc:c9:4c:63:77:
8c:8b:93:24:6e:60:36:62:cf:7b:af:ea:23:d2:c9:
e9:25:b1:2e:99:4b:14:02:84:83:6e:54:6d:f1:c6:
84:7d:06:d0:df:7c:90:e5:66:f5:e3:0d:08:6c:5f:
3c:a6:49:14:3b:91:f9:6b:6d:ea:ad:59:ff:66:39:
d3:fd:6a:17:c4:b5:24:4d:0d:51:de:7e:49:b5:9c:
9a:6b:5d:ec:35:ce:e3:32:19:18:13:de:82:8a:ee:
ff:ef:e3:95:be:b0:06:39:ba:e1:52:b3:82:97:c1:
94:a2:40:b6:f2:ad:74:8c:95:1b:47:dc:5d:b7:8e:
af:e6:c2:fa:1b:7d:32:7b:58:ae:dd:8d:69:7b:b5:
16:c7:71:c7:ea:41:66:a5:47:99:5d:47:a1:56:df:
b5:1c:46:45:44:31:20:6f:0a:14:02:72:12:25:78:
3a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D7:4B:E5:0B:F7:0A:CA:18:D8:04:9D:7D:C9:22:4C:A5:4A:59:86
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/NddL5Qv3CsoY2ASdfckiTKVKWYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.22.0-145.219.31.255
IPv6:
2a04:b0c0:10::/46
Signature Algorithm: sha256WithRSAEncryption
41:6f:7d:fb:aa:bb:61:01:cb:c7:24:80:8e:c1:89:8f:ac:46:
24:05:ab:cd:44:93:fc:06:21:94:e5:12:ff:6a:80:b8:60:58:
64:77:98:67:9b:48:f1:27:1e:b9:e3:a1:ac:fd:9e:5f:6a:3a:
c1:ba:50:f0:ae:d7:c3:e3:16:9d:3b:cd:a4:05:f9:3c:09:90:
a1:6e:59:6e:e5:07:13:85:7d:1b:76:1e:ea:bb:2e:4a:5c:bf:
73:ca:3d:ee:a6:8e:1d:88:d4:98:6b:97:1d:78:85:77:17:5c:
69:28:a1:a3:80:f5:45:a1:2f:d1:fc:90:bd:3b:58:48:44:0e:
e4:be:64:5a:1c:ca:f4:0d:e8:ed:1b:10:bb:15:d2:a3:b2:06:
8b:ef:36:8d:ad:2f:d2:86:a3:53:fa:87:27:c1:1f:17:a4:b8:
f3:72:2e:cb:e4:75:fd:8c:0c:3e:f1:78:f8:5e:a1:5a:a2:0f:
4a:3e:15:6d:85:b7:b3:b1:62:0f:1b:51:10:cc:fc:86:5d:8d:
69:b3:80:cf:02:ea:7b:f9:76:e9:2d:64:39:3f:e7:91:15:89:
3b:88:ab:11:ce:89:02:d4:7c:e3:34:f5:16:bd:0f:f1:7c:2e:
b4:36:07:a8:f9:50:81:88:88:d0:f0:46:9d:b6:36:31:3f:93:
79:e2:ec:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAmXRvwlna0JJdUhaZ9q+x1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwNjE3MTMyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ3NGJlNTBiZjcwYWNhMThkODA0OWQ3ZGM5MjI0Y2E1NGE1OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGI/YcfvGKbuBKroEFKtiJ2Xlhgx
71pET8flfcn66C9JYjDGldbA5ghP/Un0Rz2Sg0MHhXdt+/2wFWT1kWDTgvwlHN3P
v4Afk0hvA6hi+pPwi9Ba/MlMY3eMi5MkbmA2Ys97r+oj0snpJbEumUsUAoSDblRt
8caEfQbQ33yQ5Wb14w0IbF88pkkUO5H5a23qrVn/ZjnT/WoXxLUkTQ1R3n5JtZya
a13sNc7jMhkYE96Ciu7/7+OVvrAGObrhUrOCl8GUokC28q10jJUbR9xdt46v5sL6
G30ye1iu3Y1pe7UWx3HH6kFmpUeZXUehVt+1HEZFRDEgbwoUAnISJXg68QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXXS+UL9wrKGNgEnX3JIkylSlmGMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvTmRkTDVRdjNDc29ZMkFTZGZja2lUS1ZLV1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAGR2xYD
BAWR2wAwDwQCAAIwCQMHAioEsMAAEDANBgkqhkiG9w0BAQsFAAOCAQEAQW99+6q7
YQHLxySAjsGJj6xGJAWrzUST/AYhlOUS/2qAuGBYZHeYZ5tI8SceueOhrP2eX2o6
wbpQ8K7Xw+MWnTvNpAX5PAmQoW5ZbuUHE4V9G3Ye6rsuSly/c8o97qaOHYjUmGuX
HXiFdxdcaSiho4D1RaEv0fyQvTtYSEQO5L5kWhzK9A3o7RsQuxXSo7IGi+82ja0v
0oajU/qHJ8EfF6S483Iuy+R1/YwMPvF4+F6hWqIPSj4VbYW3s7FiDxtREMz8hl2N
abOAzwLqe/l26S1kOT/nkRWJO4irEc6JAtR84zT1Fr0P8XwutDYHqPlQgYiI0PBG
nbY2MT+TeeLsXQ==
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:44:45 2024 by rpki-client on console-fra.rpki-client.org