Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/3AuHdVhbFAKboGJkMBJQ-2uqMJw.roa
File: 3AuHdVhbFAKboGJkMBJQ-2uqMJw.roa (raw, json)
Hash identifier: WWAeRvL6VsXpatQ0EOhEAI3xS6V9+V1TdyIqHe9SqxY=
Subject key identifier: DC:0B:87:75:58:5B:14:02:9B:A0:62:64:30:12:50:FB:6B:AA:30:9C
Certificate issuer: /CN=d7401e0249418b357547268824f6244925d8db39
Certificate serial: 01937837E76421D50590272DA09670ACB75F
Authority key identifier: D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/3AuHdVhbFAKboGJkMBJQ-2uqMJw.roa
Signing time: Fri 29 Nov 2024 13:59:09 +0000
ROA not before: Fri 29 Nov 2024 13:59:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24904
IP address blocks: 45.87.180.0/22 maxlen: 24
45.128.40.0/22 maxlen: 24
94.103.120.0/22 maxlen: 24
185.97.101.0/24 maxlen: 24
185.97.102.0/24 maxlen: 24
185.97.103.0/24 maxlen: 24
185.212.212.0/22 maxlen: 24
194.110.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Dec 2024 17:51:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:78:37:e7:64:21:d5:05:90:27:2d:a0:96:70:ac:b7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7401e0249418b357547268824f6244925d8db39
Validity
Not Before: Nov 29 13:59:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc0b8775585b14029ba06264301250fb6baa309c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a9:c1:bd:7d:19:66:37:d0:a5:0e:9c:08:8c:
3f:de:b8:07:77:52:6d:10:30:b2:17:c5:d6:5b:0c:
cd:a3:5c:e4:42:28:a2:76:04:5a:93:55:0e:42:75:
01:5e:19:46:dc:74:5d:7e:3b:6a:1f:10:16:c5:15:
e0:1a:11:0d:4b:f6:b8:31:6f:5c:e0:7f:07:c1:5f:
fb:6c:22:fe:2b:fa:d9:28:ae:89:29:9e:a6:dc:7a:
1d:82:3a:1b:b1:d7:e4:54:f9:74:aa:df:38:bd:1d:
63:6b:2b:ba:88:25:1f:87:a7:09:ee:5b:22:de:bd:
6b:06:8c:4a:ef:b7:01:08:d1:95:b6:e2:c1:a6:6e:
07:a0:41:1b:bb:94:61:f3:47:e4:e6:dd:cd:29:86:
99:fa:59:b2:61:26:1e:19:b5:76:b1:c7:1a:c0:a8:
a9:a4:eb:ce:c2:1e:49:4d:45:a5:b1:f4:46:3b:66:
58:d8:ae:5b:e8:31:0a:07:ae:6e:ca:bb:33:d5:8a:
03:0d:06:c3:38:4e:da:d0:68:e2:73:7e:26:f7:fd:
a6:cc:9d:6e:98:d2:47:ba:b0:bf:22:cd:c9:3f:9c:
45:71:9a:f1:bf:ac:a3:72:61:bb:66:7a:2a:25:37:
d8:37:b5:51:4f:ed:99:7b:de:76:bf:00:9c:33:8e:
ae:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0B:87:75:58:5B:14:02:9B:A0:62:64:30:12:50:FB:6B:AA:30:9C
X509v3 Authority Key Identifier:
keyid:D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/3AuHdVhbFAKboGJkMBJQ-2uqMJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.180.0/22
45.128.40.0/22
94.103.120.0/22
185.97.101.0-185.97.103.255
185.212.212.0/22
194.110.120.0/22
Signature Algorithm: sha256WithRSAEncryption
55:cb:33:62:bd:50:5a:48:5e:b9:6d:08:3d:11:e5:7d:78:e4:
c7:0a:ec:67:3c:36:e7:a5:d9:29:2f:e4:9d:f4:a9:d3:ea:9c:
b2:51:fb:4f:1f:84:68:12:27:2e:50:8f:f8:52:da:4b:77:c7:
28:8d:9f:93:e2:e4:4a:50:02:65:95:ab:e6:9d:77:39:a0:9e:
c4:c8:65:48:49:fc:58:3d:bc:89:2c:7c:0f:4f:14:43:97:a5:
ae:05:9b:4b:12:5b:0d:f1:b7:fd:a5:e1:32:08:45:6c:b8:34:
9c:a4:23:9e:a6:0b:97:0f:8e:47:7f:41:a4:d7:f4:a8:57:98:
d7:4d:47:fc:f3:36:55:7e:67:ad:04:fd:33:ac:30:48:d1:33:
b6:9c:9f:a1:26:51:72:3a:e6:b2:3e:ca:cd:f7:17:61:a1:c1:
7e:20:e4:e5:a3:84:2a:11:96:1a:69:2b:0a:4c:6d:a9:c2:fb:
42:92:30:08:06:76:14:43:65:01:15:e3:84:2f:05:d6:f4:85:
29:f3:aa:82:9e:cb:55:87:a1:2f:47:77:42:2a:cb:f7:82:11:
c4:ab:c2:22:8c:c5:44:db:b0:56:0a:99:82:81:7f:3a:0d:20:
fb:fd:ca:41:28:93:b2:0a:2d:9e:ed:be:99:5b:69:ac:3a:7a:
4c:bc:fc:83
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZN4N+dkIdUFkCctoJZwrLdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDAxZTAyNDk0MThiMzU3NTQ3MjY4ODI0ZjYyNDQ5MjVk
OGRiMzkwHhcNMjQxMTI5MTM1OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzBiODc3NTU4NWIxNDAyOWJhMDYyNjQzMDEyNTBmYjZiYWEzMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKnBvX0ZZjfQpQ6cCIw/3rgHd1Jt
EDCyF8XWWwzNo1zkQiiidgRak1UOQnUBXhlG3HRdfjtqHxAWxRXgGhENS/a4MW9c
4H8HwV/7bCL+K/rZKK6JKZ6m3HodgjobsdfkVPl0qt84vR1jayu6iCUfh6cJ7lsi
3r1rBoxK77cBCNGVtuLBpm4HoEEbu5Rh80fk5t3NKYaZ+lmyYSYeGbV2sccawKip
pOvOwh5JTUWlsfRGO2ZY2K5b6DEKB65uyrsz1YoDDQbDOE7a0Gjic34m9/2mzJ1u
mNJHurC/Is3JP5xFcZrxv6yjcmG7ZnoqJTfYN7VRT+2Ze952vwCcM46u4wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNwLh3VYWxQCm6BiZDASUPtrqjCcMB8GA1UdIwQY
MBaAFNdAHgJJQYs1dUcmiCT2JEkl2Ns5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjIt
NTA3ODkxMzk1NDE3LzEvM0F1SGRWaGJGQUtib0dKa01CSlEtMnVxTUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjItNTA3ODkxMzk1NDE3
LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCLVe0AwQC
LYAoAwQCXmd4MAwDBAC5YWUDBAO5YWADBAK51NQDBALCbngwDQYJKoZIhvcNAQEL
BQADggEBAFXLM2K9UFpIXrltCD0R5X145McK7Gc8Nuel2Skv5J30qdPqnLJR+08f
hGgSJy5Qj/hS2kt3xyiNn5Pi5EpQAmWVq+addzmgnsTIZUhJ/Fg9vIksfA9PFEOX
pa4Fm0sSWw3xt/2l4TIIRWy4NJykI56mC5cPjkd/QaTX9KhXmNdNR/zzNlV+Z60E
/TOsMEjRM7acn6EmUXI65rI+ys33F2GhwX4g5OWjhCoRlhppKwpMbanC+0KSMAgG
dhRDZQEV44QvBdb0hSnzqoKey1WHoS9Hd0Iqy/eCEcSrwiKMxUTbsFYKmYKBfzoN
IPv9ykEok7IKLZ7tvplbaaw6eky8/IM=
-----END CERTIFICATE-----
Generated at Wed Apr 23 09:58:50 2025 by rpki-client