Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/50ZHDvC0LH6RF13VWTNRu91OT1g.roa
File: 50ZHDvC0LH6RF13VWTNRu91OT1g.roa (raw, json)
Hash identifier: 5XfUllA4F2wjCIdwZbu6DPQWgwbEvq3OlMMCf2rZuRQ=
Subject key identifier: E7:46:47:0E:F0:B4:2C:7E:91:17:5D:D5:59:33:51:BB:DD:4E:4F:58
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018CC2DAFC75CE4CEC3A45E463C87FE53732
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/50ZHDvC0LH6RF13VWTNRu91OT1g.roa
Signing time: Mon 01 Jan 2024 02:29:40 +0000
ROA not before: Mon 01 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56382
IP address blocks: 45.152.125.0/24 maxlen: 24
45.152.124.0/24 maxlen: 24
45.152.127.0/24 maxlen: 24
45.152.126.0/24 maxlen: 24
2a0f:5700:1220::/44 maxlen: 44
2a0f:5702::/32 maxlen: 48
2a0f:5701:fe80::/48 maxlen: 48
2a0f:5700::/32 maxlen: 48
2a0f:5700:fe80::/48 maxlen: 48
2a0f:5707:ffff::/48 maxlen: 48
2a0f:5701:fe01::/48 maxlen: 48
2a0f:5701:1220::/44 maxlen: 44
2a0f:5707:1220::/44 maxlen: 44
2a0f:5707:aa80::/44 maxlen: 48
2a0f:5707:ab80::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Sep 2024 12:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:fc:75:ce:4c:ec:3a:45:e4:63:c8:7f:e5:37:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 1 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e746470ef0b42c7e91175dd5593351bbdd4e4f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a8:2e:cb:86:76:6e:e8:b3:ac:b6:af:26:89:
cd:eb:bb:93:c1:4d:db:7e:17:90:42:77:9a:eb:43:
0a:c9:23:f1:7a:38:09:2f:42:3f:a8:8a:5e:66:4e:
dc:66:dc:e0:1c:69:60:e1:80:d4:f9:c6:10:33:e2:
59:dd:a7:6e:10:2e:77:b6:7a:3d:fd:70:0e:b9:e1:
51:ae:ab:9f:24:88:72:78:86:e8:c7:e6:e9:eb:9e:
27:f0:78:f0:da:22:54:0b:27:5f:37:8f:56:68:47:
62:9c:fd:21:b6:14:cd:84:13:cf:87:3b:26:9f:13:
14:f0:a8:ae:3d:f8:52:96:33:e1:8f:cf:24:5a:29:
2f:18:16:f7:7b:de:03:ec:1c:99:13:cb:fc:3d:62:
cf:57:82:c6:a2:52:97:2d:11:7c:95:b6:ba:0a:ca:
50:b8:ea:b0:5a:35:f9:f8:47:45:fd:53:96:da:a1:
72:4f:d1:a5:8a:2e:89:22:56:4f:b2:b2:25:a8:89:
87:ec:10:44:d1:7c:79:76:91:b0:1d:0f:e5:78:8c:
46:da:48:65:6c:f1:3e:9f:99:79:5e:31:fb:1a:ba:
ee:50:7a:eb:9d:8c:1d:39:59:14:3c:5c:e8:ac:2a:
53:7d:d1:26:e8:06:d6:5f:f9:13:91:00:8a:b7:98:
a4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:46:47:0E:F0:B4:2C:7E:91:17:5D:D5:59:33:51:BB:DD:4E:4F:58
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/50ZHDvC0LH6RF13VWTNRu91OT1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.124.0/22
IPv6:
2a0f:5700::/32
2a0f:5701:1220::/44
2a0f:5701:fe01::/48
2a0f:5701:fe80::/48
2a0f:5702::/32
2a0f:5707:1220::/44
2a0f:5707:aa80::/44
2a0f:5707:ab80::/44
2a0f:5707:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
86:02:dd:58:af:31:41:d5:de:18:b9:ef:f2:bd:6a:bf:6e:19:
e8:a6:b0:55:0f:79:78:16:97:1f:6e:ce:3f:16:67:49:22:07:
2f:3a:8a:ea:66:fb:d3:59:ca:55:82:de:63:75:50:8b:44:44:
f7:52:91:65:44:50:d5:aa:82:33:9b:1d:e6:8a:e2:3f:19:b4:
53:c1:92:3b:1b:ce:c3:1e:5c:c9:31:90:56:c9:b7:3d:03:c9:
e7:7f:2e:bf:8b:c2:7a:f0:27:39:be:b7:2b:bd:a3:4b:60:fe:
6e:ed:65:f6:b7:83:25:27:af:07:d8:9e:bc:c2:e9:c4:c2:fe:
27:9f:ca:5b:30:09:36:ab:e8:fd:05:40:04:97:08:7a:57:f9:
7a:6c:96:31:bf:0a:a4:4c:0d:b4:d3:ff:9f:4f:15:8a:cb:32:
5e:a0:b8:c4:6a:4b:56:81:ef:2b:90:af:86:68:ce:5a:10:b4:
e8:df:dc:c6:7c:83:54:96:66:e3:a7:ec:1b:a4:4a:d7:f6:7c:
3a:58:e2:33:21:d5:81:fb:d3:72:81:d5:9d:2a:33:f1:cc:31:
69:a4:33:32:95:0c:db:17:af:7d:02:50:1a:6b:19:34:ed:03:
b9:e3:5e:29:0b:c1:88:30:55:30:d9:20:43:5b:47:08:b6:f1:
3c:b3:56:41
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzC2vx1zkzsOkXkY8h/5TcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjQwMTAxMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzQ2NDcwZWYwYjQyYzdlOTExNzVkZDU1OTMzNTFiYmRkNGU0ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqguy4Z2buizrLavJonN67uTwU3b
fheQQnea60MKySPxejgJL0I/qIpeZk7cZtzgHGlg4YDU+cYQM+JZ3aduEC53tno9
/XAOueFRrqufJIhyeIbox+bp654n8Hjw2iJUCydfN49WaEdinP0hthTNhBPPhzsm
nxMU8KiuPfhSljPhj88kWikvGBb3e94D7ByZE8v8PWLPV4LGolKXLRF8lba6CspQ
uOqwWjX5+EdF/VOW2qFyT9Glii6JIlZPsrIlqImH7BBE0Xx5dpGwHQ/leIxG2khl
bPE+n5l5XjH7GrruUHrrnYwdOVkUPFzorCpTfdEm6AbWX/kTkQCKt5ikvQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFOdGRw7wtCx+kRdd1VkzUbvdTk9YMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvNTBaSER2QzBMSDZSRjEzVldUTlJ1OTFPVDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzAMBAIAATAGAwQCLZh8MFME
AgACME0DBQAqD1cAAwcEKg9XARIgAwcAKg9XAf4BAwcAKg9XAf6AAwUAKg9XAgMH
BCoPVwcSIAMHBCoPVweqgAMHBCoPVwergAMHACoPVwf//zANBgkqhkiG9w0BAQsF
AAOCAQEAhgLdWK8xQdXeGLnv8r1qv24Z6KawVQ95eBaXH27OPxZnSSIHLzqK6mb7
01nKVYLeY3VQi0RE91KRZURQ1aqCM5sd5oriPxm0U8GSOxvOwx5cyTGQVsm3PQPJ
538uv4vCevAnOb63K72jS2D+bu1l9reDJSevB9ievMLpxML+J5/KWzAJNqvo/QVA
BJcIelf5emyWMb8KpEwNtNP/n08VissyXqC4xGpLVoHvK5CvhmjOWhC06N/cxnyD
VJZm46fsG6RK1/Z8OljiMyHVgfvTcoHVnSoz8cwxaaQzMpUM2xevfQJQGmsZNO0D
ueNeKQvBiDBVMNkgQ1tHCLbxPLNWQQ==
-----END CERTIFICATE-----
Generated at Wed Sep 18 15:59:08 2024 by rpki-client on console-fra.rpki-client.org