Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/RnMmTUeUrFq-zSipvkigbapyiBc.roa
File: RnMmTUeUrFq-zSipvkigbapyiBc.roa (raw, json)
Hash identifier: 0skm66saBLa2ssLmOx4tITBYx87gDv/XfeUh7LBO3IE=
Subject key identifier: 46:73:26:4D:47:94:AC:5A:BE:CD:28:A9:BE:48:A0:6D:AA:72:88:17
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 01942067C210A04AF5B6FC4D4A652E3086D8
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/RnMmTUeUrFq-zSipvkigbapyiBc.roa
Signing time: Wed 01 Jan 2025 05:47:38 +0000
ROA not before: Wed 01 Jan 2025 05:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139659
IP address blocks: 45.136.12.0/22 maxlen: 22
45.136.13.0/24 maxlen: 24
45.136.14.0/24 maxlen: 24
45.136.15.0/24 maxlen: 24
45.144.136.0/24 maxlen: 24
45.144.137.0/24 maxlen: 24
45.144.138.0/24 maxlen: 24
45.145.228.0/24 maxlen: 24
45.145.229.0/24 maxlen: 24
45.152.64.0/24 maxlen: 24
45.152.65.0/24 maxlen: 24
45.152.66.0/24 maxlen: 24
45.152.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Mar 2025 19:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c2:10:a0:4a:f5:b6:fc:4d:4a:65:2e:30:86:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Jan 1 05:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4673264d4794ac5abecd28a9be48a06daa728817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:19:49:d1:cf:fc:66:53:68:a1:ca:5e:54:9d:
a4:fd:27:20:8f:13:92:0f:02:0c:35:c3:22:d0:ea:
92:44:38:d4:38:74:6a:f0:f1:6f:f0:0d:cf:be:f9:
ab:2d:b1:be:04:6a:c6:f0:6c:62:a0:15:88:b3:13:
32:66:00:ac:e1:6b:4f:c1:64:cc:d2:ea:f5:35:e8:
1a:d4:23:36:d3:c0:16:f1:ab:22:1b:3a:a3:3a:7e:
b1:b7:1c:75:45:fe:db:6b:cc:9b:eb:99:cb:97:e9:
d4:53:a8:ab:7e:11:c6:12:67:ca:b3:d9:27:81:4a:
4e:d3:b2:04:3a:43:6c:da:88:b6:e7:6f:26:d1:19:
d2:5a:ea:87:00:d7:66:d8:3b:7d:ce:c2:e8:33:ba:
87:e7:c8:46:d7:ea:e0:e8:ad:a6:5d:00:ba:74:10:
4a:72:51:62:e6:4b:5f:5c:4b:f8:6b:99:03:e6:c1:
a1:8d:be:e9:50:f7:5b:59:f1:4d:b5:7a:2e:b0:5f:
ae:70:3d:70:37:49:da:de:e1:dd:15:3d:c3:9e:78:
89:2e:eb:e7:11:d6:0d:3a:52:6a:f8:56:01:83:7e:
3c:19:13:a8:75:40:7d:65:9f:40:00:42:4b:fd:18:
ed:dc:c7:84:33:1a:8c:f3:c7:19:91:0d:db:af:7d:
0a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:73:26:4D:47:94:AC:5A:BE:CD:28:A9:BE:48:A0:6D:AA:72:88:17
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/RnMmTUeUrFq-zSipvkigbapyiBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.12.0/22
45.144.136.0-45.144.138.255
45.145.228.0/23
45.152.64.0/22
Signature Algorithm: sha256WithRSAEncryption
10:b2:f6:f5:ac:3d:13:4e:d9:25:76:d4:e2:c4:5a:ce:31:e9:
0d:2f:2c:3a:4c:c5:91:ea:a1:1c:ad:c1:d1:f2:68:ff:ec:ad:
9f:1c:99:c6:cf:4c:6e:a4:d9:28:92:da:7c:70:ce:19:8a:90:
1c:9a:11:f9:20:ad:2c:e7:e3:8e:e5:28:f5:b1:dc:3d:3f:32:
ea:16:4f:12:eb:8d:93:e8:db:35:9f:0e:16:58:03:58:95:30:
b5:ac:7a:93:ff:7d:99:22:b3:fe:c5:dd:75:64:a4:62:0d:31:
42:04:99:8d:44:04:55:63:30:1f:35:2b:c2:59:c9:8b:f5:73:
56:2c:b4:d8:e3:80:5d:0e:07:20:43:78:19:25:a2:a3:80:ac:
50:9c:54:68:8e:76:50:98:99:ba:62:8f:38:c8:fa:bd:8a:f7:
00:14:80:50:d4:44:5c:c0:fc:c3:57:2a:7d:10:b5:57:03:d8:
e6:dc:8c:e1:1a:48:76:50:0f:53:10:db:21:27:ce:66:00:6f:
61:81:54:a4:95:6b:f4:d7:3b:4e:1e:d4:af:74:2f:1e:da:3a:
c4:e9:62:f2:65:c3:83:94:55:97:ca:5b:a4:28:6e:38:f8:6d:
8e:1e:56:27:7a:e1:f4:3c:c2:55:4b:a2:74:ec:7d:60:6e:d5:
a2:ed:05:b2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQgZ8IQoEr1tvxNSmUuMIbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjUwMTAxMDU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjczMjY0ZDQ3OTRhYzVhYmVjZDI4YTliZTQ4YTA2ZGFhNzI4ODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRlJ0c/8ZlNoocpeVJ2k/ScgjxOS
DwIMNcMi0OqSRDjUOHRq8PFv8A3PvvmrLbG+BGrG8GxioBWIsxMyZgCs4WtPwWTM
0ur1Nega1CM208AW8asiGzqjOn6xtxx1Rf7ba8yb65nLl+nUU6irfhHGEmfKs9kn
gUpO07IEOkNs2oi2528m0RnSWuqHANdm2Dt9zsLoM7qH58hG1+rg6K2mXQC6dBBK
clFi5ktfXEv4a5kD5sGhjb7pUPdbWfFNtXousF+ucD1wN0na3uHdFT3DnniJLuvn
EdYNOlJq+FYBg348GROodUB9ZZ9AAEJL/Rjt3MeEMxqM88cZkQ3br30K8wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEZzJk1HlKxavs0oqb5IoG2qcogXMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvUm5NbVRVZVVyRnEtelNpcHZraWdiYXB5aUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLYgMMAwD
BAMtkIgDBAAtkIoDBAEtkeQDBAItmEAwDQYJKoZIhvcNAQELBQADggEBABCy9vWs
PRNO2SV21OLEWs4x6Q0vLDpMxZHqoRytwdHyaP/srZ8cmcbPTG6k2SiS2nxwzhmK
kByaEfkgrSzn447lKPWx3D0/MuoWTxLrjZPo2zWfDhZYA1iVMLWsepP/fZkis/7F
3XVkpGINMUIEmY1EBFVjMB81K8JZyYv1c1YstNjjgF0OByBDeBkloqOArFCcVGiO
dlCYmbpijzjI+r2K9wAUgFDURFzA/MNXKn0QtVcD2ObcjOEaSHZQD1MQ2yEnzmYA
b2GBVKSVa/TXO04e1K90Lx7aOsTpYvJlw4OUVZfKW6Qobjj4bY4eVid64fQ8wlVL
onTsfWBu1aLtBbI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:46:30 2025 by rpki-client